urlscan.io logo urlscan.io
SecurityTrails logo

auto.gewinnspiel-gratis.com Open in urlscan Pro
130.255.79.205  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://test.cspitalone360.com/
Effective URL: https://auto.gewinnspiel-gratis.com/campaign_224.html?coyoteAffiliTokenId=13377452&ext_publisher_id=101248&awc=14349_1658625448_14e7...
Submission: On July 24 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 3 countries across 16 domains to perform 59 HTTP transactions. The main IP is 130.255.79.205, located in Germany and belongs to BKVG-AS, DE. The main domain is auto.gewinnspiel-gratis.com.
TLS certificate: Issued by R3 on June 10th 2022. Valid for: 3 months.
This is the only time auto.gewinnspiel-gratis.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 103.224.182.252 133618 (TRELLIAN-...)
1 5 103.224.182.206 133618 (TRELLIAN-...)
1 78.46.197.88 24940 (HETZNER-AS)
2 162.55.54.68 24940 (HETZNER-AS)
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 3 104.111.239.217 16625 (AKAMAI-AS)
1 8 130.255.79.205 29141 (BKVG-AS)
4 2600:9000:20e... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 54.230.206.101 16509 (AMAZON-02)
1 2600:9000:21f... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2600:9000:21f... 16509 (AMAZON-02)
20 13.225.78.42 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 104.75.88.209 16625 (AKAMAI-AS)
59 17
2    103.224.182.252 (Australia)

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-252.above.com
test.cspitalone360.com
5    103.224.182.206 (Australia)

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com
1redirc.com
1    78.46.197.88 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88.197.46.78.clients.your-server.de
clever-redirect.com
2    162.55.54.68 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.68.54.55.162.clients.your-server.de
spidershopping.com
2    2606:4700:3031::6815:dc3 (United States)

ASN13335 (CLOUDFLARENET, US)
buybutwhere.com
1    2606:4700:3036::ac43:8065 (United States)

ASN13335 (CLOUDFLARENET, US)
www.smartredirect.de
3    104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com
8    130.255.79.205 (Germany)

ASN29141 (BKVG-AS, DE)
kampagnen.gewinnspiel-gratis.com
auto.gewinnspiel-gratis.com
4    2600:9000:20eb:3600:11:2a6a:9480:93a1 (United States)

ASN16509 (AMAZON-02, US)
gdpr-wrapper.privacymanager.io
4    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    54.230.206.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-206-101.ham50.r.cloudfront.net
cdn.datenschutz.burda.com
1    2600:9000:21f3:9c00:16:f82a:8600:93a1 (United States)

ASN16509 (AMAZON-02, US)
gdpr.privacymanager.io
1    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a02:26f0:6c00:285::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.pinimg.com
1    2600:9000:21f3:b200:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.dwin1.com
20    13.225.78.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-42.fra2.r.cloudfront.net
cmp-consent-tool.privacymanager.io
2    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    104.75.88.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com
ct.pinterest.com
Apex Domain
Subdomains		 Transfer
25 privacymanager.io
gdpr-wrapper.privacymanager.io — Cisco Umbrella Rank: 15056
gdpr.privacymanager.io — Cisco Umbrella Rank: 16000
cmp-consent-tool.privacymanager.io — Cisco Umbrella Rank: 30722
745 KB
8 gewinnspiel-gratis.com
kampagnen.gewinnspiel-gratis.com
auto.gewinnspiel-gratis.com
412 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
347 KB
5 1redirc.com
1redirc.com — Cisco Umbrella Rank: 172181
8 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 10
41 KB
3 awin1.com
www.awin1.com — Cisco Umbrella Rank: 14697
2 KB
2 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 773
1 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 745
19 KB
2 buybutwhere.com
buybutwhere.com — Cisco Umbrella Rank: 851072
3 KB
2 spidershopping.com
spidershopping.com
1 KB
2 cspitalone360.com
test.cspitalone360.com
2 KB
1 dwin1.com
www.dwin1.com — Cisco Umbrella Rank: 4012
9 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 93
64 KB
1 burda.com
cdn.datenschutz.burda.com
18 KB
1 smartredirect.de
www.smartredirect.de — Cisco Umbrella Rank: 231710
768 B
1 clever-redirect.com
clever-redirect.com
696 B
59 16
Domain Requested by
20 cmp-consent-tool.privacymanager.io gdpr.privacymanager.io
cmp-consent-tool.privacymanager.io
7 auto.gewinnspiel-gratis.com buybutwhere.com
auto.gewinnspiel-gratis.com
5 1redirc.com 1 redirects 1redirc.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com auto.gewinnspiel-gratis.com
www.gstatic.com
www.google.com
4 gdpr-wrapper.privacymanager.io auto.gewinnspiel-gratis.com
gdpr.privacymanager.io
cmp-consent-tool.privacymanager.io
3 www.awin1.com 1 redirects www.dwin1.com
www.awin1.com
2 ct.pinterest.com s.pinimg.com
auto.gewinnspiel-gratis.com
2 fonts.gstatic.com www.google.com
2 s.pinimg.com www.googletagmanager.com
s.pinimg.com
2 buybutwhere.com 1 redirects spidershopping.com
2 spidershopping.com clever-redirect.com
2 test.cspitalone360.com 2 redirects
1 www.dwin1.com 1redirc.com
1 www.googletagmanager.com auto.gewinnspiel-gratis.com
1 gdpr.privacymanager.io gdpr-wrapper.privacymanager.io
1 cdn.datenschutz.burda.com auto.gewinnspiel-gratis.com
1 kampagnen.gewinnspiel-gratis.com 1 redirects
1 www.smartredirect.de 1 redirects
1 clever-redirect.com 1redirc.com
59 20
Subject Issuer Validity Valid
tracker.clever-redirect.com
R3		 2022-06-06 -
2022-09-04		 3 months crt.sh
spidershopping.com
R3		 2022-06-14 -
2022-09-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-02-13 -
2023-02-12		 a year crt.sh
auto.gewinnspiel-gratis.com
R3		 2022-06-10 -
2022-09-08		 3 months crt.sh
*.privacymanager.io
Amazon		 2021-09-25 -
2022-10-24		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
cdn.datenschutz.burda.com
Amazon		 2021-12-30 -
2023-01-28		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-26 -
2022-08-05		 a year crt.sh
*.dwin1.com
Amazon		 2021-11-19 -
2022-12-17		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
www.awin1.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-18 -
2023-04-19		 a year crt.sh

This page contains 4 frames:

Primary Page: https://auto.gewinnspiel-gratis.com/campaign_224.html?coyoteAffiliTokenId=13377452&ext_publisher_id=101248&awc=14349_1658625448_14e79e9a2da4c9157db196e122510246&
Frame ID: DCB9FF4E14F747A49CF8E4DF1E2D674D
Requests: 27 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzS8EUAAAAAA3CB327wcfymDGsj6pLkR5Twy9N&co=aHR0cHM6Ly9hdXRvLmdld2lubnNwaWVsLWdyYXRpcy5jb206NDQz&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=w22i43wi6pis
Frame ID: 45B0E4749D4C70A4415B71390EB932CC
Requests: 8 HTTP requests in this frame

Frame: https://cmp-consent-tool.privacymanager.io/latest/index.html
Frame ID: 92D2961314DDC36529624A23AB8E4E14
Requests: 21 HTTP requests in this frame

Frame: https://www.awin1.com/alt.php?mid=14349&sv=14349_1658625448_14e79e9a2da4c9157db196e122510246
Frame ID: 9F85ACE9D1705714F41E50602F36F707
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Gewinnspiel Gratis: Gewinnen Sie ein neuen VW Tiguan

Page URL History Show full URLs

  1. http://test.cspitalone360.com/ HTTP 302
    https://test.cspitalone360.com/ HTTP 302
    http://1redirc.com/r2.php?e=VS84vDJEGfRPygJycf0H3X49fjJBUldPR01GSXJDMEQ3WCs1VDlIR2N5Q3RZV1BrRTV... Page URL
  2. http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D18074... HTTP 302
    https://clever-redirect.com/s/r6?s=721614&s3=1807420433&sid=20220724111726eca26a7eaef69730b4 Page URL
  3. https://spidershopping.com/search/a?t=21&f=1&u=389c27680892f9598f6853a43c8944f3&m=bdi-services.de&s1=72... Page URL
  4. https://spidershopping.com/search/r?u=https%3A%2F%2Fbuybutwhere.com%2Fbuy%2Fwith%2Fo4%2Fin%3Fstore%3Dbd... Page URL
  5. https://buybutwhere.com/buy/with/o4/in?store=bdi-services.de&sid1=c90b11b5dbc3405f82e1c57ce718d03d&n... HTTP 302
    https://buybutwhere.com/buy/in?store=bdi-services.de Page URL
  6. https://www.smartredirect.de/redir/clickGate.php?u=jMIB0VkB&m=1&p=w5uTlnlezm&t=sLUNGdPJ&s=o462dc9da828eed... HTTP 302
    https://www.awin1.com/cread.php?awinmid=14349&awinaffid=101248&clickref=at106659_a171504_m1_p21337... HTTP 302
    https://kampagnen.gewinnspiel-gratis.com/dagobertvwtiguangws_102.html?idPartner=12&idCampaignAd=0&subId=&subIdentifie... HTTP 302
    https://auto.gewinnspiel-gratis.com/campaign_224.html?coyoteAffiliTokenId=13377452&ext_publisher_id=101248&awc=1... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • dwin1\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • swfobject.*\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

59
Requests

93 %
HTTPS

53 %
IPv6

16
Domains

20
Subdomains

17
IPs

3
Countries

1666 kB
Transfer

3948 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://test.cspitalone360.com/ HTTP 302
    https://test.cspitalone360.com/ HTTP 302
    http://1redirc.com/r2.php?e=VS84vDJEGfRPygJycf0H3X49fjJBUldPR01GSXJDMEQ3WCs1VDlIR2N5Q3RZV1BrRTVkZHBmd3pQOHBFL2czWGpHclNJcTJaSzRXZ0lIRHM2KzN5KzRQbGdmMEIvem1URkVVcHVLa3c1SHJwbFNPVHJXNUJyZVJGOE1BUGxoWnIrbUtqclpqd1FKSkRLcWU4R1duWWlkeEl2cXY1K0N0M2xuQzhWWDU4M0xBY1JGQ2dWYVpkZ1Z3QXpubDdUU20rQ2dyeU1JdjcxaWNVUzB3RTRaMGw4UGpvZVJBcjd5QWhhaGt4VmJRQzVieVBRU0dVWDFBSmNVVnBEWVBrSzBwMzg3WmxFTVI1M0tQV0dGdVMwSlI3NjFPaC9TZ0d0VWVMN3p1ZVEvRGZCNDZwN0RPbFJLeDd0ZXJuZ2VjWFNRNkE1dFc2VWJ3Qm9SenpBSFB2M05JRjhtYjducXhEbFpiNklFWlVPc0xrcGdCM2k0K01mcE4wVzloajdHYW9nZ0hPZE5VRlBRM0JPYm1pbXd0akwwRm10SXl4elUySUc2OFlEdCt2S0JYMjBDUDREeWJKK0dSWGk1alZ2OGIzR2tlQ0t0QTJZeTZTelJ2YThUVlp0cDd2QjBzTHlKdC9lNExsLy9KSlJibGZJdDVLb0tKYWY3LzVDYXE5TTdHWks5WTYwK1pWeEQ0elFVZGNnc05KVjBlM3NONHMza2RkUTBtOFJBcU1mNXhpQUtMRFFXdStvaG5RSy9Qak00aFNuUTgwcmxvRzA3STJsc29iZ2VjMEV2TjhYMUJQczF6ZWRGRmdQUGFtUzVpSGljRUpwZ3hWUFZWam9UVEtqSWhxSzhMaW1makdHWVlhakJaV2FiQ1hRck11Z044S1o5U0VTQWF4eDVxZm9Vbk9Hd0R4V3gvS0Q5akNoa3hSTXlSSGQ3ZWJEWjAyY29uZzJmTnE1SENnTzJ1L3psenUxS1hWdVd2QS9MMnJsaG91dEJnZEFmalMzc0VTV0cwUzNtNnJYYTRpNXhwUmlQbXF5dVVHNklXYmVweVpDWVJPdUZEZGJkUWd5NUVCVjFnSHlvckVOdlFTZGdTODhJc0FIWTdCbTQ9 Page URL
  2. http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D1807420433%26sid%3D20220724111726eca26a7eaef69730b4&s=j&enc=IaEL2zGY6Vj2PVkhddQkl349fmJFTnU1WW1icmt4OERGOHR2QStnVUQ2NlpMSW5KNnBYYXZWeWkvS2N3UHY5R3ZFSjRTcjMzZjI3eENOUnNnMnh1K2xadm9uOTcxY2tKOXZMNjZkaS93U054c2Z1cysvanM0WWh1cERmOGxnelRZMnJEWFE3NHJObHRHeHJyMWJnSTFzbGloZUVwU09EcS9LS1ZnVkxISnQvNS9KWThidDVtSWdtZys2UXlQYzJUOEw2Y09zYUJ4cjkvOEc1MEtQOVJZV3V0QWJ3dGl0OXNULzd6UlVzQjZUZVpaWDFJVmU2bXIxbVRIK2xKUXA2dHBuY3Q2UndybmN0ekVQSVYwTXhScFhqTllwZ3RtSjFmTElYWXB6WkhpQkNMSUk1eTFIcmlnMU81R1Q5dDd2eTVRNUJrNUxvMUlka1RUcFZWSUlYbkxJVDNyVDFDc3gwUVRISmxhSU1pUDQzekovc2hJNFRldlhyQlo1RW1Xd3VMblVkK1FxRGRuRnVrZ1AwRXhsZ0tZZFlrSHUyYldJTHFGcFBRS0ZaVWpJRTJpTHIzc3BYZ29sVUJidG0yM1VZc2ZHSWlSckNhaHdEK2ZyTVhVSGZiOUtDUWwwK3BYa0FWUXhLR2lMaUE4MmF1d2FRcHZpbzVkam9pRnA0bG4xRUN3NGhZTVdkVGlibC9ITUFyUHc2V1dmWUpib3hMMnp2cXM2RGFIbXpUNmhTMUtEMWI0RmFtUUFzNlRkZW1mc0ZIZVlqdXk3VWFaOEFQcFVEYkpWcThHbG9NU0tTRkZIY0NCcTNoM25yUjIvY1llS0NmV0RHaEU5M0k0SHRPQjIvYkdDMVZ6cjhKeGJZcU5TTERjZzM0NzFld29Ga3FCMDU4QWJMYnpzSWEyaE9qUGFwTkZJRGpVdzVFRnhMQkxlVllLWHlDaEVac08zSjBSYzF5WExKSzJWRnVCS0FWbTFSQkV5SXZmL28vNU0vbXJMME1pc1hFUSthZjJZdWQxcHNQazF2c3hnTWJFS2xpZ2E5WnEzSGFwRGtEVWhKNTI5Nk5JOGphYm1FQ3ZzWk01N1BwVDhsVTRveUQ0amN3TDI4M1AyVWpzbUVtbGNhQ1hjUGFhdmh2SVM0RmJ5V2xhR0xJS1YxeE1DQU5RdU9rM0FQcldERDlhclk4YnlLZ09JPQ%3D%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
    https://clever-redirect.com/s/r6?s=721614&s3=1807420433&sid=20220724111726eca26a7eaef69730b4 Page URL
  3. https://spidershopping.com/search/a?t=21&f=1&u=389c27680892f9598f6853a43c8944f3&m=bdi-services.de&s1=721614&s2=&s3=1807420433&s5=cf&it=44&in=1 Page URL
  4. https://spidershopping.com/search/r?u=https%3A%2F%2Fbuybutwhere.com%2Fbuy%2Fwith%2Fo4%2Fin%3Fstore%3Dbdi-services.de%26sid1%3Dc90b11b5dbc3405f82e1c57ce718d03d%26nid%3D1&h=eb1b3e1822856d81d5fd5f8b3926ada4 Page URL
  5. https://buybutwhere.com/buy/with/o4/in?store=bdi-services.de&sid1=c90b11b5dbc3405f82e1c57ce718d03d&nid=1 HTTP 302
    https://buybutwhere.com/buy/in?store=bdi-services.de Page URL
  6. https://www.smartredirect.de/redir/clickGate.php?u=jMIB0VkB&m=1&p=w5uTlnlezm&t=sLUNGdPJ&s=o462dc9da828eed&url=https%3A%2F%2Fwww.bdi-services.de&r=https%3A%2F%2Fbuybutwhere.com%2Fwhere HTTP 302
    https://www.awin1.com/cread.php?awinmid=14349&awinaffid=101248&clickref=at106659_a171504_m1_p213371_t15572_cDE_so462dc9da828eed HTTP 302
    https://kampagnen.gewinnspiel-gratis.com/dagobertvwtiguangws_102.html?idPartner=12&idCampaignAd=0&subId=&subIdentifier=&ext_publisher_id=101248&awc=14349_1658625448_14e79e9a2da4c9157db196e122510246 HTTP 302
    https://auto.gewinnspiel-gratis.com/campaign_224.html?coyoteAffiliTokenId=13377452&ext_publisher_id=101248&awc=14349_1658625448_14e79e9a2da4c9157db196e122510246& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://test.cspitalone360.com/ HTTP 302
  • https://test.cspitalone360.com/ HTTP 302
  • http://1redirc.com/r2.php?e=VS84vDJEGfRPygJycf0H3X49fjJBUldPR01GSXJDMEQ3WCs1VDlIR2N5Q3RZV1BrRTVkZHBmd3pQOHBFL2czWGpHclNJcTJaSzRXZ0lIRHM2KzN5KzRQbGdmMEIvem1URkVVcHVLa3c1SHJwbFNPVHJXNUJyZVJGOE1BUGxoWnIrbUtqclpqd1FKSkRLcWU4R1duWWlkeEl2cXY1K0N0M2xuQzhWWDU4M0xBY1JGQ2dWYVpkZ1Z3QXpubDdUU20rQ2dyeU1JdjcxaWNVUzB3RTRaMGw4UGpvZVJBcjd5QWhhaGt4VmJRQzVieVBRU0dVWDFBSmNVVnBEWVBrSzBwMzg3WmxFTVI1M0tQV0dGdVMwSlI3NjFPaC9TZ0d0VWVMN3p1ZVEvRGZCNDZwN0RPbFJLeDd0ZXJuZ2VjWFNRNkE1dFc2VWJ3Qm9SenpBSFB2M05JRjhtYjducXhEbFpiNklFWlVPc0xrcGdCM2k0K01mcE4wVzloajdHYW9nZ0hPZE5VRlBRM0JPYm1pbXd0akwwRm10SXl4elUySUc2OFlEdCt2S0JYMjBDUDREeWJKK0dSWGk1alZ2OGIzR2tlQ0t0QTJZeTZTelJ2YThUVlp0cDd2QjBzTHlKdC9lNExsLy9KSlJibGZJdDVLb0tKYWY3LzVDYXE5TTdHWks5WTYwK1pWeEQ0elFVZGNnc05KVjBlM3NONHMza2RkUTBtOFJBcU1mNXhpQUtMRFFXdStvaG5RSy9Qak00aFNuUTgwcmxvRzA3STJsc29iZ2VjMEV2TjhYMUJQczF6ZWRGRmdQUGFtUzVpSGljRUpwZ3hWUFZWam9UVEtqSWhxSzhMaW1makdHWVlhakJaV2FiQ1hRck11Z044S1o5U0VTQWF4eDVxZm9Vbk9Hd0R4V3gvS0Q5akNoa3hSTXlSSGQ3ZWJEWjAyY29uZzJmTnE1SENnTzJ1L3psenUxS1hWdVd2QS9MMnJsaG91dEJnZEFmalMzc0VTV0cwUzNtNnJYYTRpNXhwUmlQbXF5dVVHNklXYmVweVpDWVJPdUZEZGJkUWd5NUVCVjFnSHlvckVOdlFTZGdTODhJc0FIWTdCbTQ9
Request Chain 4
  • http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D1807420433%26sid%3D20220724111726eca26a7eaef69730b4&s=j&enc=IaEL2zGY6Vj2PVkhddQkl349fmJFTnU1WW1icmt4OERGOHR2QStnVUQ2NlpMSW5KNnBYYXZWeWkvS2N3UHY5R3ZFSjRTcjMzZjI3eENOUnNnMnh1K2xadm9uOTcxY2tKOXZMNjZkaS93U054c2Z1cysvanM0WWh1cERmOGxnelRZMnJEWFE3NHJObHRHeHJyMWJnSTFzbGloZUVwU09EcS9LS1ZnVkxISnQvNS9KWThidDVtSWdtZys2UXlQYzJUOEw2Y09zYUJ4cjkvOEc1MEtQOVJZV3V0QWJ3dGl0OXNULzd6UlVzQjZUZVpaWDFJVmU2bXIxbVRIK2xKUXA2dHBuY3Q2UndybmN0ekVQSVYwTXhScFhqTllwZ3RtSjFmTElYWXB6WkhpQkNMSUk1eTFIcmlnMU81R1Q5dDd2eTVRNUJrNUxvMUlka1RUcFZWSUlYbkxJVDNyVDFDc3gwUVRISmxhSU1pUDQzekovc2hJNFRldlhyQlo1RW1Xd3VMblVkK1FxRGRuRnVrZ1AwRXhsZ0tZZFlrSHUyYldJTHFGcFBRS0ZaVWpJRTJpTHIzc3BYZ29sVUJidG0yM1VZc2ZHSWlSckNhaHdEK2ZyTVhVSGZiOUtDUWwwK3BYa0FWUXhLR2lMaUE4MmF1d2FRcHZpbzVkam9pRnA0bG4xRUN3NGhZTVdkVGlibC9ITUFyUHc2V1dmWUpib3hMMnp2cXM2RGFIbXpUNmhTMUtEMWI0RmFtUUFzNlRkZW1mc0ZIZVlqdXk3VWFaOEFQcFVEYkpWcThHbG9NU0tTRkZIY0NCcTNoM25yUjIvY1llS0NmV0RHaEU5M0k0SHRPQjIvYkdDMVZ6cjhKeGJZcU5TTERjZzM0NzFld29Ga3FCMDU4QWJMYnpzSWEyaE9qUGFwTkZJRGpVdzVFRnhMQkxlVllLWHlDaEVac08zSjBSYzF5WExKSzJWRnVCS0FWbTFSQkV5SXZmL28vNU0vbXJMME1pc1hFUSthZjJZdWQxcHNQazF2c3hnTWJFS2xpZ2E5WnEzSGFwRGtEVWhKNTI5Nk5JOGphYm1FQ3ZzWk01N1BwVDhsVTRveUQ0amN3TDI4M1AyVWpzbUVtbGNhQ1hjUGFhdmh2SVM0RmJ5V2xhR0xJS1YxeE1DQU5RdU9rM0FQcldERDlhclk4YnlLZ09JPQ%3D%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
  • https://clever-redirect.com/s/r6?s=721614&s3=1807420433&sid=20220724111726eca26a7eaef69730b4
Request Chain 7
  • https://buybutwhere.com/buy/with/o4/in?store=bdi-services.de&sid1=c90b11b5dbc3405f82e1c57ce718d03d&nid=1 HTTP 302
  • https://buybutwhere.com/buy/in?store=bdi-services.de

59 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
r2.php
1redirc.com/
Redirect Chain
  • http://test.cspitalone360.com/
  • https://test.cspitalone360.com/
  • http://1redirc.com/r2.php?e=VS84vDJEGfRPygJycf0H3X49fjJBUldPR01GSXJDMEQ3WCs1VDlIR2N5Q3RZV1BrRTVkZHBmd3pQOHBFL2czWGpHclNJcTJaSzRXZ0lIRHM2KzN5KzRQbGdmMEIvem1URkVVcHVLa3c1SHJwbFNPVHJXNUJyZVJGOE1BUGxoW...
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://1redirc.com/r2.php?e=VS84vDJEGfRPygJycf0H3X49fjJBUldPR01GSXJDMEQ3WCs1VDlIR2N5Q3RZV1BrRTVkZHBmd3pQOHBFL2czWGpHclNJcTJaSzRXZ0lIRHM2KzN5KzRQbGdmMEIvem1URkVVcHVLa3c1SHJwbFNPVHJXNUJyZVJGOE1BUGxoWnIrbUtqclpqd1FKSkRLcWU4R1duWWlkeEl2cXY1K0N0M2xuQzhWWDU4M0xBY1JGQ2dWYVpkZ1Z3QXpubDdUU20rQ2dyeU1JdjcxaWNVUzB3RTRaMGw4UGpvZVJBcjd5QWhhaGt4VmJRQzVieVBRU0dVWDFBSmNVVnBEWVBrSzBwMzg3WmxFTVI1M0tQV0dGdVMwSlI3NjFPaC9TZ0d0VWVMN3p1ZVEvRGZCNDZwN0RPbFJLeDd0ZXJuZ2VjWFNRNkE1dFc2VWJ3Qm9SenpBSFB2M05JRjhtYjducXhEbFpiNklFWlVPc0xrcGdCM2k0K01mcE4wVzloajdHYW9nZ0hPZE5VRlBRM0JPYm1pbXd0akwwRm10SXl4elUySUc2OFlEdCt2S0JYMjBDUDREeWJKK0dSWGk1alZ2OGIzR2tlQ0t0QTJZeTZTelJ2YThUVlp0cDd2QjBzTHlKdC9lNExsLy9KSlJibGZJdDVLb0tKYWY3LzVDYXE5TTdHWks5WTYwK1pWeEQ0elFVZGNnc05KVjBlM3NONHMza2RkUTBtOFJBcU1mNXhpQUtMRFFXdStvaG5RSy9Qak00aFNuUTgwcmxvRzA3STJsc29iZ2VjMEV2TjhYMUJQczF6ZWRGRmdQUGFtUzVpSGljRUpwZ3hWUFZWam9UVEtqSWhxSzhMaW1makdHWVlhakJaV2FiQ1hRck11Z044S1o5U0VTQWF4eDVxZm9Vbk9Hd0R4V3gvS0Q5akNoa3hSTXlSSGQ3ZWJEWjAyY29uZzJmTnE1SENnTzJ1L3psenUxS1hWdVd2QS9MMnJsaG91dEJnZEFmalMzc0VTV0cwUzNtNnJYYTRpNXhwUmlQbXF5dVVHNklXYmVweVpDWVJPdUZEZGJkUWd5NUVCVjFnSHlvckVOdlFTZGdTODhJc0FIWTdCbTQ9
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
edfb645a359cf93644bbfcadcab4792dff79dfbcceb7f1c57f6342030606aa68

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Encoding
gzip
Content-Length
2057
Content-Type
text/html; charset=UTF-8
Date
Sun, 24 Jul 2022 01:17:26 GMT
Server
Apache/2.4.38 (Debian)
Vary
Accept-Encoding

Redirect headers

Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Sun, 24 Jul 2022 01:17:26 GMT
Location
http://1redirc.com/r2.php?e=VS84vDJEGfRPygJycf0H3X49fjJBUldPR01GSXJDMEQ3WCs1VDlIR2N5Q3RZV1BrRTVkZHBmd3pQOHBFL2czWGpHclNJcTJaSzRXZ0lIRHM2KzN5KzRQbGdmMEIvem1URkVVcHVLa3c1SHJwbFNPVHJXNUJyZVJGOE1BUGxoWnIrbUtqclpqd1FKSkRLcWU4R1duWWlkeEl2cXY1K0N0M2xuQzhWWDU4M0xBY1JGQ2dWYVpkZ1Z3QXpubDdUU20rQ2dyeU1JdjcxaWNVUzB3RTRaMGw4UGpvZVJBcjd5QWhhaGt4VmJRQzVieVBRU0dVWDFBSmNVVnBEWVBrSzBwMzg3WmxFTVI1M0tQV0dGdVMwSlI3NjFPaC9TZ0d0VWVMN3p1ZVEvRGZCNDZwN0RPbFJLeDd0ZXJuZ2VjWFNRNkE1dFc2VWJ3Qm9SenpBSFB2M05JRjhtYjducXhEbFpiNklFWlVPc0xrcGdCM2k0K01mcE4wVzloajdHYW9nZ0hPZE5VRlBRM0JPYm1pbXd0akwwRm10SXl4elUySUc2OFlEdCt2S0JYMjBDUDREeWJKK0dSWGk1alZ2OGIzR2tlQ0t0QTJZeTZTelJ2YThUVlp0cDd2QjBzTHlKdC9lNExsLy9KSlJibGZJdDVLb0tKYWY3LzVDYXE5TTdHWks5WTYwK1pWeEQ0elFVZGNnc05KVjBlM3NONHMza2RkUTBtOFJBcU1mNXhpQUtMRFFXdStvaG5RSy9Qak00aFNuUTgwcmxvRzA3STJsc29iZ2VjMEV2TjhYMUJQczF6ZWRGRmdQUGFtUzVpSGljRUpwZ3hWUFZWam9UVEtqSWhxSzhMaW1makdHWVlhakJaV2FiQ1hRck11Z044S1o5U0VTQWF4eDVxZm9Vbk9Hd0R4V3gvS0Q5akNoa3hSTXlSSGQ3ZWJEWjAyY29uZzJmTnE1SENnTzJ1L3psenUxS1hWdVd2QS9MMnJsaG91dEJnZEFmalMzc0VTV0cwUzNtNnJYYTRpNXhwUmlQbXF5dVVHNklXYmVweVpDWVJPdUZEZGJkUWd5NUVCVjFnSHlvckVOdlFTZGdTODhJc0FIWTdCbTQ9
Server
Apache/2.4.38 (Debian)
jscheck.js
1redirc.com/javascript/ 		899 B
718 B 		Script
General
Check archive.org
Download Go to
Full URL
http://1redirc.com/javascript/jscheck.js
Requested by
Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=VS84vDJEGfRPygJycf0H3X49fjJBUldPR01GSXJDMEQ3WCs1VDlIR2N5Q3RZV1BrRTVkZHBmd3pQOHBFL2czWGpHclNJcTJaSzRXZ0lIRHM2KzN5KzRQbGdmMEIvem1URkVVcHVLa3c1SHJwbFNPVHJXNUJyZVJGOE1BUGxoWnIrbUtqclpqd1FKSkRLcWU4R1duWWlkeEl2cXY1K0N0M2xuQzhWWDU4M0xBY1JGQ2dWYVpkZ1Z3QXpubDdUU20rQ2dyeU1JdjcxaWNVUzB3RTRaMGw4UGpvZVJBcjd5QWhhaGt4VmJRQzVieVBRU0dVWDFBSmNVVnBEWVBrSzBwMzg3WmxFTVI1M0tQV0dGdVMwSlI3NjFPaC9TZ0d0VWVMN3p1ZVEvRGZCNDZwN0RPbFJLeDd0ZXJuZ2VjWFNRNkE1dFc2VWJ3Qm9SenpBSFB2M05JRjhtYjducXhEbFpiNklFWlVPc0xrcGdCM2k0K01mcE4wVzloajdHYW9nZ0hPZE5VRlBRM0JPYm1pbXd0akwwRm10SXl4elUySUc2OFlEdCt2S0JYMjBDUDREeWJKK0dSWGk1alZ2OGIzR2tlQ0t0QTJZeTZTelJ2YThUVlp0cDd2QjBzTHlKdC9lNExsLy9KSlJibGZJdDVLb0tKYWY3LzVDYXE5TTdHWks5WTYwK1pWeEQ0elFVZGNnc05KVjBlM3NONHMza2RkUTBtOFJBcU1mNXhpQUtMRFFXdStvaG5RSy9Qak00aFNuUTgwcmxvRzA3STJsc29iZ2VjMEV2TjhYMUJQczF6ZWRGRmdQUGFtUzVpSGljRUpwZ3hWUFZWam9UVEtqSWhxSzhMaW1makdHWVlhakJaV2FiQ1hRck11Z044S1o5U0VTQWF4eDVxZm9Vbk9Hd0R4V3gvS0Q5akNoa3hSTXlSSGQ3ZWJEWjAyY29uZzJmTnE1SENnTzJ1L3psenUxS1hWdVd2QS9MMnJsaG91dEJnZEFmalMzc0VTV0cwUzNtNnJYYTRpNXhwUmlQbXF5dVVHNklXYmVweVpDWVJPdUZEZGJkUWd5NUVCVjFnSHlvckVOdlFTZGdTODhJc0FIWTdCbTQ9
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1redirc.com/r2.php?e=VS84vDJEGfRPygJycf0H3X49fjJBUldPR01GSXJDMEQ3WCs1VDlIR2N5Q3RZV1BrRTVkZHBmd3pQOHBFL2czWGpHclNJcTJaSzRXZ0lIRHM2KzN5KzRQbGdmMEIvem1URkVVcHVLa3c1SHJwbFNPVHJXNUJyZVJGOE1BUGxoWnIrbUtqclpqd1FKSkRLcWU4R1duWWlkeEl2cXY1K0N0M2xuQzhWWDU4M0xBY1JGQ2dWYVpkZ1Z3QXpubDdUU20rQ2dyeU1JdjcxaWNVUzB3RTRaMGw4UGpvZVJBcjd5QWhhaGt4VmJRQzVieVBRU0dVWDFBSmNVVnBEWVBrSzBwMzg3WmxFTVI1M0tQV0dGdVMwSlI3NjFPaC9TZ0d0VWVMN3p1ZVEvRGZCNDZwN0RPbFJLeDd0ZXJuZ2VjWFNRNkE1dFc2VWJ3Qm9SenpBSFB2M05JRjhtYjducXhEbFpiNklFWlVPc0xrcGdCM2k0K01mcE4wVzloajdHYW9nZ0hPZE5VRlBRM0JPYm1pbXd0akwwRm10SXl4elUySUc2OFlEdCt2S0JYMjBDUDREeWJKK0dSWGk1alZ2OGIzR2tlQ0t0QTJZeTZTelJ2YThUVlp0cDd2QjBzTHlKdC9lNExsLy9KSlJibGZJdDVLb0tKYWY3LzVDYXE5TTdHWks5WTYwK1pWeEQ0elFVZGNnc05KVjBlM3NONHMza2RkUTBtOFJBcU1mNXhpQUtMRFFXdStvaG5RSy9Qak00aFNuUTgwcmxvRzA3STJsc29iZ2VjMEV2TjhYMUJQczF6ZWRGRmdQUGFtUzVpSGljRUpwZ3hWUFZWam9UVEtqSWhxSzhMaW1makdHWVlhakJaV2FiQ1hRck11Z044S1o5U0VTQWF4eDVxZm9Vbk9Hd0R4V3gvS0Q5akNoa3hSTXlSSGQ3ZWJEWjAyY29uZzJmTnE1SENnTzJ1L3psenUxS1hWdVd2QS9MMnJsaG91dEJnZEFmalMzc0VTV0cwUzNtNnJYYTRpNXhwUmlQbXF5dVVHNklXYmVweVpDWVJPdUZEZGJkUWd5NUVCVjFnSHlvckVOdlFTZGdTODhJc0FIWTdCbTQ9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 01:17:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Jul 2022 02:14:38 GMT
Server
Apache/2.4.38 (Debian)
ETag
"383-5e43329b8df80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
405
swfobject.js
1redirc.com/javascript/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://1redirc.com/javascript/swfobject.js
Requested by
Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=VS84vDJEGfRPygJycf0H3X49fjJBUldPR01GSXJDMEQ3WCs1VDlIR2N5Q3RZV1BrRTVkZHBmd3pQOHBFL2czWGpHclNJcTJaSzRXZ0lIRHM2KzN5KzRQbGdmMEIvem1URkVVcHVLa3c1SHJwbFNPVHJXNUJyZVJGOE1BUGxoWnIrbUtqclpqd1FKSkRLcWU4R1duWWlkeEl2cXY1K0N0M2xuQzhWWDU4M0xBY1JGQ2dWYVpkZ1Z3QXpubDdUU20rQ2dyeU1JdjcxaWNVUzB3RTRaMGw4UGpvZVJBcjd5QWhhaGt4VmJRQzVieVBRU0dVWDFBSmNVVnBEWVBrSzBwMzg3WmxFTVI1M0tQV0dGdVMwSlI3NjFPaC9TZ0d0VWVMN3p1ZVEvRGZCNDZwN0RPbFJLeDd0ZXJuZ2VjWFNRNkE1dFc2VWJ3Qm9SenpBSFB2M05JRjhtYjducXhEbFpiNklFWlVPc0xrcGdCM2k0K01mcE4wVzloajdHYW9nZ0hPZE5VRlBRM0JPYm1pbXd0akwwRm10SXl4elUySUc2OFlEdCt2S0JYMjBDUDREeWJKK0dSWGk1alZ2OGIzR2tlQ0t0QTJZeTZTelJ2YThUVlp0cDd2QjBzTHlKdC9lNExsLy9KSlJibGZJdDVLb0tKYWY3LzVDYXE5TTdHWks5WTYwK1pWeEQ0elFVZGNnc05KVjBlM3NONHMza2RkUTBtOFJBcU1mNXhpQUtMRFFXdStvaG5RSy9Qak00aFNuUTgwcmxvRzA3STJsc29iZ2VjMEV2TjhYMUJQczF6ZWRGRmdQUGFtUzVpSGljRUpwZ3hWUFZWam9UVEtqSWhxSzhMaW1makdHWVlhakJaV2FiQ1hRck11Z044S1o5U0VTQWF4eDVxZm9Vbk9Hd0R4V3gvS0Q5akNoa3hSTXlSSGQ3ZWJEWjAyY29uZzJmTnE1SENnTzJ1L3psenUxS1hWdVd2QS9MMnJsaG91dEJnZEFmalMzc0VTV0cwUzNtNnJYYTRpNXhwUmlQbXF5dVVHNklXYmVweVpDWVJPdUZEZGJkUWd5NUVCVjFnSHlvckVOdlFTZGdTODhJc0FIWTdCbTQ9
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1redirc.com/r2.php?e=VS84vDJEGfRPygJycf0H3X49fjJBUldPR01GSXJDMEQ3WCs1VDlIR2N5Q3RZV1BrRTVkZHBmd3pQOHBFL2czWGpHclNJcTJaSzRXZ0lIRHM2KzN5KzRQbGdmMEIvem1URkVVcHVLa3c1SHJwbFNPVHJXNUJyZVJGOE1BUGxoWnIrbUtqclpqd1FKSkRLcWU4R1duWWlkeEl2cXY1K0N0M2xuQzhWWDU4M0xBY1JGQ2dWYVpkZ1Z3QXpubDdUU20rQ2dyeU1JdjcxaWNVUzB3RTRaMGw4UGpvZVJBcjd5QWhhaGt4VmJRQzVieVBRU0dVWDFBSmNVVnBEWVBrSzBwMzg3WmxFTVI1M0tQV0dGdVMwSlI3NjFPaC9TZ0d0VWVMN3p1ZVEvRGZCNDZwN0RPbFJLeDd0ZXJuZ2VjWFNRNkE1dFc2VWJ3Qm9SenpBSFB2M05JRjhtYjducXhEbFpiNklFWlVPc0xrcGdCM2k0K01mcE4wVzloajdHYW9nZ0hPZE5VRlBRM0JPYm1pbXd0akwwRm10SXl4elUySUc2OFlEdCt2S0JYMjBDUDREeWJKK0dSWGk1alZ2OGIzR2tlQ0t0QTJZeTZTelJ2YThUVlp0cDd2QjBzTHlKdC9lNExsLy9KSlJibGZJdDVLb0tKYWY3LzVDYXE5TTdHWks5WTYwK1pWeEQ0elFVZGNnc05KVjBlM3NONHMza2RkUTBtOFJBcU1mNXhpQUtMRFFXdStvaG5RSy9Qak00aFNuUTgwcmxvRzA3STJsc29iZ2VjMEV2TjhYMUJQczF6ZWRGRmdQUGFtUzVpSGljRUpwZ3hWUFZWam9UVEtqSWhxSzhMaW1makdHWVlhakJaV2FiQ1hRck11Z044S1o5U0VTQWF4eDVxZm9Vbk9Hd0R4V3gvS0Q5akNoa3hSTXlSSGQ3ZWJEWjAyY29uZzJmTnE1SENnTzJ1L3psenUxS1hWdVd2QS9MMnJsaG91dEJnZEFmalMzc0VTV0cwUzNtNnJYYTRpNXhwUmlQbXF5dVVHNklXYmVweVpDWVJPdUZEZGJkUWd5NUVCVjFnSHlvckVOdlFTZGdTODhJc0FIWTdCbTQ9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 01:17:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Jul 2022 02:14:38 GMT
Server
Apache/2.4.38 (Debian)
ETag
"27ef-5e43329b8df80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
3949
jscheck.php
1redirc.com/ 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://1redirc.com/jscheck.php?enc=IaEL2zGY6Vj2PVkhddQkl349fmJFTnU1WW1icmt4OERGOHR2QStnVUQ2NlpMSW5KNnBYYXZWeWkvS2N3UHY5R3ZFSjRTcjMzZjI3eENOUnNnMnh1K2xadm9uOTcxY2tKOXZMNjZkaS93U054c2Z1cysvanM0WWh1cERmOGxnelRZMnJEWFE3NHJObHRHeHJyMWJnSTFzbGloZUVwU09EcS9LS1ZnVkxISnQvNS9KWThidDVtSWdtZys2UXlQYzJUOEw2Y09zYUJ4cjkvOEc1MEtQOVJZV3V0QWJ3dGl0OXNULzd6UlVzQjZUZVpaWDFJVmU2bXIxbVRIK2xKUXA2dHBuY3Q2UndybmN0ekVQSVYwTXhScFhqTllwZ3RtSjFmTElYWXB6WkhpQkNMSUk1eTFIcmlnMU81R1Q5dDd2eTVRNUJrNUxvMUlka1RUcFZWSUlYbkxJVDNyVDFDc3gwUVRISmxhSU1pUDQzekovc2hJNFRldlhyQlo1RW1Xd3VMblVkK1FxRGRuRnVrZ1AwRXhsZ0tZZFlrSHUyYldJTHFGcFBRS0ZaVWpJRTJpTHIzc3BYZ29sVUJidG0yM1VZc2ZHSWlSckNhaHdEK2ZyTVhVSGZiOUtDUWwwK3BYa0FWUXhLR2lMaUE4MmF1d2FRcHZpbzVkam9pRnA0bG4xRUN3NGhZTVdkVGlibC9ITUFyUHc2V1dmWUpib3hMMnp2cXM2RGFIbXpUNmhTMUtEMWI0RmFtUUFzNlRkZW1mc0ZIZVlqdXk3VWFaOEFQcFVEYkpWcThHbG9NU0tTRkZIY0NCcTNoM25yUjIvY1llS0NmV0RHaEU5M0k0SHRPQjIvYkdDMVZ6cjhKeGJZcU5TTERjZzM0NzFld29Ga3FCMDU4QWJMYnpzSWEyaE9qUGFwTkZJRGpVdzVFRnhMQkxlVllLWHlDaEVac08zSjBSYzF5WExKSzJWRnVCS0FWbTFSQkV5SXZmL28vNU0vbXJMME1pc1hFUSthZjJZdWQxcHNQazF2c3hnTWJFS2xpZ2E5WnEzSGFwRGtEVWhKNTI5Nk5JOGphYm1FQ3ZzWk01N1BwVDhsVTRveUQ0amN3TDI4M1AyVWpzbUVtbGNhQ1hjUGFhdmh2SVM0RmJ5V2xhR0xJS1YxeE1DQU5RdU9rM0FQcldERDlhclk4YnlLZ09JPQ%3D%3D&rand=0.1047053995565248
Requested by
Host: 1redirc.com
URL: http://1redirc.com/javascript/jscheck.js
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache/2.4.38 (Debian) /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1redirc.com/r2.php?e=VS84vDJEGfRPygJycf0H3X49fjJBUldPR01GSXJDMEQ3WCs1VDlIR2N5Q3RZV1BrRTVkZHBmd3pQOHBFL2czWGpHclNJcTJaSzRXZ0lIRHM2KzN5KzRQbGdmMEIvem1URkVVcHVLa3c1SHJwbFNPVHJXNUJyZVJGOE1BUGxoWnIrbUtqclpqd1FKSkRLcWU4R1duWWlkeEl2cXY1K0N0M2xuQzhWWDU4M0xBY1JGQ2dWYVpkZ1Z3QXpubDdUU20rQ2dyeU1JdjcxaWNVUzB3RTRaMGw4UGpvZVJBcjd5QWhhaGt4VmJRQzVieVBRU0dVWDFBSmNVVnBEWVBrSzBwMzg3WmxFTVI1M0tQV0dGdVMwSlI3NjFPaC9TZ0d0VWVMN3p1ZVEvRGZCNDZwN0RPbFJLeDd0ZXJuZ2VjWFNRNkE1dFc2VWJ3Qm9SenpBSFB2M05JRjhtYjducXhEbFpiNklFWlVPc0xrcGdCM2k0K01mcE4wVzloajdHYW9nZ0hPZE5VRlBRM0JPYm1pbXd0akwwRm10SXl4elUySUc2OFlEdCt2S0JYMjBDUDREeWJKK0dSWGk1alZ2OGIzR2tlQ0t0QTJZeTZTelJ2YThUVlp0cDd2QjBzTHlKdC9lNExsLy9KSlJibGZJdDVLb0tKYWY3LzVDYXE5TTdHWks5WTYwK1pWeEQ0elFVZGNnc05KVjBlM3NONHMza2RkUTBtOFJBcU1mNXhpQUtMRFFXdStvaG5RSy9Qak00aFNuUTgwcmxvRzA3STJsc29iZ2VjMEV2TjhYMUJQczF6ZWRGRmdQUGFtUzVpSGljRUpwZ3hWUFZWam9UVEtqSWhxSzhMaW1makdHWVlhakJaV2FiQ1hRck11Z044S1o5U0VTQWF4eDVxZm9Vbk9Hd0R4V3gvS0Q5akNoa3hSTXlSSGQ3ZWJEWjAyY29uZzJmTnE1SENnTzJ1L3psenUxS1hWdVd2QS9MMnJsaG91dEJnZEFmalMzc0VTV0cwUzNtNnJYYTRpNXhwUmlQbXF5dVVHNklXYmVweVpDWVJPdUZEZGJkUWd5NUVCVjFnSHlvckVOdlFTZGdTODhJc0FIWTdCbTQ9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 01:17:27 GMT
Server
Apache/2.4.38 (Debian)
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
r6
clever-redirect.com/s/
Redirect Chain
  • http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D1807420433%26sid%3D20220724111726eca26a7eaef69730b4&s=j&enc=IaEL2zGY6Vj2PVkhddQkl349fmJFTnU1WW1icmt4OERGOHR...
  • https://clever-redirect.com/s/r6?s=721614&s3=1807420433&sid=20220724111726eca26a7eaef69730b4
347 B
696 B 		Document
General
Check archive.org
Download Go to
Full URL
https://clever-redirect.com/s/r6?s=721614&s3=1807420433&sid=20220724111726eca26a7eaef69730b4
Requested by
Host: 1redirc.com
URL: http://1redirc.com/javascript/jscheck.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
78.46.197.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88.197.46.78.clients.your-server.de
Software
Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27 / PHP/7.4.27
Resource Hash

Request headers

Referer
http://1redirc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
347
content-type
text/html; charset=UTF-8
date
Sun, 24 Jul 2022 01:17:27 GMT
referrer-policy
no-referrer
server
Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27
x-powered-by
PHP/7.4.27

Redirect headers

Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Sun, 24 Jul 2022 01:17:27 GMT
Location
https://clever-redirect.com/s/r6?s=721614&s3=1807420433&sid=20220724111726eca26a7eaef69730b4
Server
Apache/2.4.38 (Debian)
a
spidershopping.com/search/ 		386 B
760 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spidershopping.com/search/a?t=21&f=1&u=389c27680892f9598f6853a43c8944f3&m=bdi-services.de&s1=721614&s2=&s3=1807420433&s5=cf&it=44&in=1
Requested by
Host: clever-redirect.com
URL: https://clever-redirect.com/s/r6?s=721614&s3=1807420433&sid=20220724111726eca26a7eaef69730b4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.54.68 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.68.54.55.162.clients.your-server.de
Software
Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27 / PHP/7.4.27
Resource Hash
ad9b556bec49b402ebee48ed4d07db2297cc2f422ff9c61c7c4c9232070d3d14

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
386
content-type
text/html; charset=UTF-8
date
Sun, 24 Jul 2022 01:17:27 GMT
referrer-policy
strict-origin-when-cross-origin
server
Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27
x-powered-by
PHP/7.4.27
r
spidershopping.com/search/ 		309 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spidershopping.com/search/r?u=https%3A%2F%2Fbuybutwhere.com%2Fbuy%2Fwith%2Fo4%2Fin%3Fstore%3Dbdi-services.de%26sid1%3Dc90b11b5dbc3405f82e1c57ce718d03d%26nid%3D1&h=eb1b3e1822856d81d5fd5f8b3926ada4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.54.68 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.68.54.55.162.clients.your-server.de
Software
Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27 / PHP/7.4.27
Resource Hash

Request headers

Referer
https://spidershopping.com/search/a?t=21&f=1&u=389c27680892f9598f6853a43c8944f3&m=bdi-services.de&s1=721614&s2=&s3=1807420433&s5=cf&it=44&in=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
309
content-type
text/html; charset=UTF-8
date
Sun, 24 Jul 2022 01:17:28 GMT
referrer-policy
strict-origin-when-cross-origin
server
Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27
x-powered-by
PHP/7.4.27
in
buybutwhere.com/buy/
Redirect Chain
  • https://buybutwhere.com/buy/with/o4/in?store=bdi-services.de&sid1=c90b11b5dbc3405f82e1c57ce718d03d&nid=1
  • https://buybutwhere.com/buy/in?store=bdi-services.de
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buybutwhere.com/buy/in?store=bdi-services.de
Requested by
Host: spidershopping.com
URL: https://spidershopping.com/search/r?u=https%3A%2F%2Fbuybutwhere.com%2Fbuy%2Fwith%2Fo4%2Fin%3Fstore%3Dbdi-services.de%26sid1%3Dc90b11b5dbc3405f82e1c57ce718d03d%26nid%3D1&h=eb1b3e1822856d81d5fd5f8b3926ada4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:dc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://spidershopping.com/search/r?u=https%3A%2F%2Fbuybutwhere.com%2Fbuy%2Fwith%2Fo4%2Fin%3Fstore%3Dbdi-services.de%26sid1%3Dc90b11b5dbc3405f82e1c57ce718d03d%26nid%3D1&h=eb1b3e1822856d81d5fd5f8b3926ada4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
72f8d0fb28f38fef-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 24 Jul 2022 01:17:28 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zMIwpQJfe52xQksdiZPkZy%2FU8j9zNYxngKQRf7lHdFqFU6ibb7lpHlM8O4EybxghSTOaB13FO%2BN7yEgAAwclezKgsO6OnV7uttMkp3oacM3%2BZZHPyL713KUCE%2BwLwrWRgaIRH7dAi%2FQKydJrRd0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
72f8d0fa98a78fef-FRA
content-type
text/html; charset=UTF-8
date
Sun, 24 Jul 2022 01:17:28 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://buybutwhere.com/buy/in?store=bdi-services.de
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DpzDOj1x5fozhBxGg2WKqAtGHpp5t5X%2BA%2BXayHwREtczjZ3UA08qECEDk0nFxQEl8T%2BEAtXLU1AJPpEzDBGbnB1XX%2BlvuSqZEGS6BbPQ5dnAK%2FL2JOP8RFW1PiiuwCSjTPcnn6rR85xkmk6DTGQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
Primary Request campaign_224.html
auto.gewinnspiel-gratis.com/
Redirect Chain
  • https://www.smartredirect.de/redir/clickGate.php?u=jMIB0VkB&m=1&p=w5uTlnlezm&t=sLUNGdPJ&s=o462dc9da828eed&url=https%3A%2F%2Fwww.bdi-services.de&r=https%3A%2F%2Fbuybutwhere.com%2Fwhere
  • https://www.awin1.com/cread.php?awinmid=14349&awinaffid=101248&clickref=at106659_a171504_m1_p213371_t15572_cDE_so462dc9da828eed
  • https://kampagnen.gewinnspiel-gratis.com/dagobertvwtiguangws_102.html?idPartner=12&idCampaignAd=0&subId=&subIdentifier=&ext_publisher_id=101248&awc=14349_1658625448_14e79e9a2da4c9157db196e122510246
  • https://auto.gewinnspiel-gratis.com/campaign_224.html?coyoteAffiliTokenId=13377452&ext_publisher_id=101248&awc=14349_1658625448_14e79e9a2da4c9157db196e122510246&
52 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auto.gewinnspiel-gratis.com/campaign_224.html?coyoteAffiliTokenId=13377452&ext_publisher_id=101248&awc=14349_1658625448_14e79e9a2da4c9157db196e122510246&
Requested by
Host: buybutwhere.com
URL: https://buybutwhere.com/buy/in?store=bdi-services.de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.255.79.205 , Germany, ASN29141 (BKVG-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
668837fb1ef8b5cab86c3c62a680539dfa094cb2cc1f4251d4e8b3f95de13685

Request headers

Referer
https://buybutwhere.com/buy/in?store=bdi-services.de
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
13048
content-type
text/html; charset=UTF-8
date
Sun, 24 Jul 2022 01:17:28 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache
vary
Accept-Encoding,User-Agent

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 24 Jul 2022 01:17:28 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://auto.gewinnspiel-gratis.com/campaign_224.html?coyoteAffiliTokenId=13377452&ext_publisher_id=101248&awc=14349_1658625448_14e79e9a2da4c9157db196e122510246&
pragma
no-cache
server
Apache
vary
User-Agent
jquery_1.js
auto.gewinnspiel-gratis.com/media/adresseManager/microSiteFiles/224/ 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auto.gewinnspiel-gratis.com/media/adresseManager/microSiteFiles/224/jquery_1.js
Requested by
Host: auto.gewinnspiel-gratis.com
URL: https://auto.gewinnspiel-gratis.com/campaign_224.html?coyoteAffiliTokenId=13377452&ext_publisher_id=101248&awc=14349_1658625448_14e79e9a2da4c9157db196e122510246&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.255.79.205 , Germany, ASN29141 (BKVG-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
4837f7e1f1565ff667528cd75c41f401e07e229de1bd1b232f0a7a40d4c46f79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auto.gewinnspiel-gratis.com/campaign_224.html?coyoteAffiliTokenId=13377452&ext_publisher_id=101248&awc=14349_1658625448_14e79e9a2da4c9157db196e122510246&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 01:17:29 GMT
content-encoding
gzip
last-modified
Fri, 09 Mar 2018 11:17:10 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
32837
expires
Tue, 23 Aug 2022 01:17:29 GMT
gdpr-liveramp.js
gdpr-wrapper.privacymanager.io/gdpr/130e4047-567f-46e4-82f4-5636cfbdad28/ 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/130e4047-567f-46e4-82f4-5636cfbdad28/gdpr-liveramp.js
Requested by
Host: auto.gewinnspiel-gratis.com
URL: https://auto.gewinnspiel-gratis.com/campaign_224.html?coyoteAffiliTokenId=13377452&ext_publisher_id=101248&awc=14349_1658625448_14e79e9a2da4c9157db196e122510246&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:3600:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ece1bdb345fd922918e7ebfb3dcfe9e41f9bb3baa3de232a863e23226351ffe0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auto.gewinnspiel-gratis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
gfjtlluRuO9xF0WGJY72XVGU7gKu42cJ
content-encoding
gzip
etag
W/"8ee9c638a425beae8b4beb82878c44d0"
age
71432
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="gdpr-liveramp.js"
last-modified
Thu, 25 Nov 2021 12:55:42 GMT
server
AmazonS3
date
Sat, 23 Jul 2022 05:26:58 GMT
vary
Accept-Encoding
content-type
text/javascript
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
eNRH7MwuWYSZPqT_saS706wIp0RVZ6x8UUb8DumwHTEW8pPV4VNclg==
home.jpg
auto.gewinnspiel-gratis.com/media/adresseManager/microSiteImg/224/ 		238 KB
240 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auto.gewinnspiel-gratis.com/media/adresseManager/microSiteImg/224/home.jpg
Requested by
Host: auto.gewinnspiel-gratis.com
URL: https://auto.gewinnspiel-gratis.com/campaign_224.html?coyoteAffiliTokenId=13377452&ext_publisher_id=101248&awc=14349_1658625448_14e79e9a2da4c9157db196e122510246&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.255.79.205 , Germany, ASN29141 (BKVG-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
ffac70f0b6b6d7566be2c5f6f91af0b7c30a068d728fa98e6a38a0e254b51011

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auto.gewinnspiel-gratis.com/campaign_224.html?coyoteAffiliTokenId=13377452&ext_publisher_id=101248&awc=14349_1658625448_14e79e9a2da4c9157db196e122510246&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 01:17:29 GMT
last-modified
Tue, 06 Mar 2018 14:14:43 GMT
server
Apache
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
244162
expires
Tue, 23 Aug 2022 01:17:29 GMT
api.js
www.google.com/recaptcha/ 		884 B
1001 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LdzS8EUAAAAAA3CB327wcfymDGsj6pLkR5Twy9N
Requested by
Host: auto.gewinnspiel-gratis.com
URL: https://auto.gewinnspiel-gratis.com/campaign_224.html?coyoteAffiliTokenId=13377452&ext_publisher_id=101248&awc=14349_1658625448_14e79e9a2da4c9157db196e122510246&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
205acb9a708ae009d54160d12b5579be177c45d0d143d187c887fcec5826124e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auto.gewinnspiel-gratis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 01:17:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
588
x-xss-protection
1; mode=block
expires
Sun, 24 Jul 2022 01:17:29 GMT
left,gewinn.jpg
auto.gewinnspiel-gratis.com/media/adresseManager/microSiteImg/224/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auto.gewinnspiel-gratis.com/media/adresseManager/microSiteImg/224/left,gewinn.jpg
Requested by
Host: auto.gewinnspiel-gratis.com
URL: https://auto.gewinnspiel-gratis.com/campaign_224.html?coyoteAffiliTokenId=13377452&ext_publisher_id=101248&awc=14349_1658625448_14e79e9a2da4c9157db196e122510246&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.255.79.205 , Germany, ASN29141 (BKVG-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
b0a0e1e726adf1749c91a64c921903b7a6ffa2a3dc500a79e9823d044f279f57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auto.gewinnspiel-gratis.com/campaign_224.html?coyoteAffiliTokenId=13377452&ext_publisher_id=101248&awc=14349_1658625448_14e79e9a2da4c9157db196e122510246&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 01:17:29 GMT
last-modified
Thu, 08 Mar 2018 10:52:09 GMT
server
Apache
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
37258
expires
Tue, 23 Aug 2022 01:17:29 GMT
right,gewinn.jpg
auto.gewinnspiel-gratis.com/media/adresseManager/microSiteImg/224/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auto.gewinnspiel-gratis.com/media/adresseManager/microSiteImg/224/right,gewinn.jpg
Requested by
Host: auto.gewinnspiel-gratis.com
URL: https://auto.gewinnspiel-gratis.com/campaign_224.html?coyoteAffiliTokenId=13377452&ext_publisher_id=101248&awc=14349_1658625448_14e79e9a2da4c9157db196e122510246&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.255.79.205 , Germany, ASN29141 (BKVG-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
5b1a8cc54783fc3435a272b933c01e791d53de304cfd3689b024c924093a5656

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auto.gewinnspiel-gratis.com/campaign_224.html?coyoteAffiliTokenId=13377452&ext_publisher_id=101248&awc=14349_1658625448_14e79e9a2da4c9157db196e122510246&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 01:17:29 GMT
last-modified
Thu, 08 Mar 2018 10:52:09 GMT
server
Apache
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
21988
expires
Tue, 23 Aug 2022 01:17:29 GMT
452.js
cdn.datenschutz.burda.com/ 		114 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.datenschutz.burda.com/452.js
Requested by
Host: auto.gewinnspiel-gratis.com
URL: https://auto.gewinnspiel-gratis.com/campaign_224.html?coyoteAffiliTokenId=13377452&ext_publisher_id=101248&awc=14349_1658625448_14e79e9a2da4c9157db196e122510246&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.206.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-206-101.ham50.r.cloudfront.net
Software
nginx/1.22.0 /
Resource Hash
7fa80a6de1e1b6f87491ff07d9a2b80ff09b0bc3254504745f871459f6501065

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auto.gewinnspiel-gratis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 01:15:36 GMT
content-encoding
gzip
last-modified
Mon, 18 Jul 2022 04:00:34 GMT
server
nginx/1.22.0
age
113
etag
W/"62d4dae2-1c9cc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 37a8538fed1be46ab7adb41198e40182.cloudfront.net (CloudFront)
cache-control
max-age=300, public
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
Ai02jjrZWR18joAECrDAN-8HKvdnY9R3n30EbBrD5z2qhjnjUsO2zw==
expires
Sun, 24 Jul 2022 01:20:36 GMT
gdpr.bundle.js
gdpr.privacymanager.io/latest/ 		136 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdpr.privacymanager.io/latest/gdpr.bundle.js
Requested by
Host: gdpr-wrapper.privacymanager.io
URL: https://gdpr-wrapper.privacymanager.io/gdpr/130e4047-567f-46e4-82f4-5636cfbdad28/gdpr-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9c00:16:f82a:8600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8dd50d5366dbce419bb2c92b138d8e5be463d274430e3ce9251bed8af3e130db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auto.gewinnspiel-gratis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
wzy90OKfXO1MI8f9GAT1AK6smNbAzy8z
content-encoding
br
etag
W/"b94a7466f0909a08c9baeeaf22a8ff32"
age
2073
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/TCFBuild-prod:6df02357-1ba5-488f-9bcf-e3e18a6a6613
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
a6daa101307027bdf09065e996c49170
last-modified
Wed, 18 May 2022 15:28:01 GMT
server
AmazonS3
date
Sun, 24 Jul 2022 00:42:57 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
2fe261fdb95d3aa2da3e8b42c1c03a670f72f6dff66abf9f3d9d8075f01db326
via
1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-pop
FRA2-C2
content-type
application/x-javascript
x-amz-cf-id
uPJIWvzVUQPVnCgHIQu-r8h4493SDJ-0KQQcWXTJoOdnsfdUP5jTHg==
gtm.js
www.googletagmanager.com/ 		182 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PNG55NS
Requested by
Host: auto.gewinnspiel-gratis.com
URL: https://auto.gewinnspiel-gratis.com/campaign_224.html?coyoteAffiliTokenId=13377452&ext_publisher_id=101248&awc=14349_1658625448_14e79e9a2da4c9157db196e122510246&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d74c8735a1c7885733cbefaeded9e8719f6ac612fdd958b86713f7842cf847fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auto.gewinnspiel-gratis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 01:17:29 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64802
x-xss-protection
0
last-modified
Sun, 24 Jul 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 24 Jul 2022 01:17:29 GMT
hintergrund,unscharf.jpg
auto.gewinnspiel-gratis.com/media/adresseManager/microSiteImg/224/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auto.gewinnspiel-gratis.com/media/adresseManager/microSiteImg/224/hintergrund,unscharf.jpg
Requested by
Host: auto.gewinnspiel-gratis.com
URL: https://auto.gewinnspiel-gratis.com/campaign_224.html?coyoteAffiliTokenId=13377452&ext_publisher_id=101248&awc=14349_1658625448_14e79e9a2da4c9157db196e122510246&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.255.79.205 , Germany, ASN29141 (BKVG-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
b2d816ef2c0f1f13089fc0d7997383b196ee784a1a6130a5491aeab6f4b28268

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auto.gewinnspiel-gratis.com/campaign_224.html?coyoteAffiliTokenId=13377452&ext_publisher_id=101248&awc=14349_1658625448_14e79e9a2da4c9157db196e122510246&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 01:17:29 GMT
last-modified
Tue, 06 Mar 2018 14:14:43 GMT
server
Apache
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
67492
expires
Tue, 23 Aug 2022 01:17:29 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/ 		365 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdzS8EUAAAAAA3CB327wcfymDGsj6pLkR5Twy9N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64d2c94f105aa89f733e51b81c045de674b47325ef4f04526ec9bb632c44fd91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://auto.gewinnspiel-gratis.com/
Origin
https://auto.gewinnspiel-gratis.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 23:43:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5638
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147954
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 04:01:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 23 Jul 2023 23:43:31 GMT
select,arrow.png
auto.gewinnspiel-gratis.com/media/adresseManager/microSiteImg/224/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auto.gewinnspiel-gratis.com/media/adresseManager/microSiteImg/224/select,arrow.png
Requested by
Host: auto.gewinnspiel-gratis.com
URL: https://auto.gewinnspiel-gratis.com/campaign_224.html?coyoteAffiliTokenId=13377452&ext_publisher_id=101248&awc=14349_1658625448_14e79e9a2da4c9157db196e122510246&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.255.79.205 , Germany, ASN29141 (BKVG-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
49c206f904248006e1a6204cf40a9d1976911ee88e4eb4406e9d8783eef4d99c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auto.gewinnspiel-gratis.com/campaign_224.html?coyoteAffiliTokenId=13377452&ext_publisher_id=101248&awc=14349_1658625448_14e79e9a2da4c9157db196e122510246&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 01:17:29 GMT
last-modified
Thu, 08 Mar 2018 10:52:09 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1102
expires
Tue, 23 Aug 2022 01:17:29 GMT
vendor-list.json
gdpr-wrapper.privacymanager.io/gdpr/130e4047-567f-46e4-82f4-5636cfbdad28/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/130e4047-567f-46e4-82f4-5636cfbdad28/vendor-list.json
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:3600:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://auto.gewinnspiel-gratis.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
*
age
28113
content-length
0
date
Sat, 23 Jul 2022 17:28:57 GMT
server
AmazonS3
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
x-amz-cf-id
LWFpbSHyaOsFJ__MnBRZJQUfmuUlNjTFDWPuW94lkF64E6Bgr31DCQ==
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
vendor-list.json
gdpr-wrapper.privacymanager.io/gdpr/130e4047-567f-46e4-82f4-5636cfbdad28/ 		18 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/130e4047-567f-46e4-82f4-5636cfbdad28/vendor-list.json
Requested by
Host: gdpr.privacymanager.io
URL: https://gdpr.privacymanager.io/latest/gdpr.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:3600:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9c2acf0181a47b437de904abc7e621f932c8b42c6def02dfb3819f46331857f0

Request headers

Accept
application/json
Referer
https://auto.gewinnspiel-gratis.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

x-amz-version-id
N7DaI.VeUsJF7hVghC7d0pN4FENARlcf
content-encoding
gzip
etag
W/"8153c9cd6b07716dcf3b28bec5b83a06"
age
111
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Thu, 21 Jul 2022 17:36:29 GMT
server
AmazonS3
date
Sun, 24 Jul 2022 01:17:29 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
f65Ig1cGNHwQzDW4zW2i3kkfw9T4mYFacn76eiwK_6TDOjoQAE-Xew==
core.js
s.pinimg.com/ct/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNG55NS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:285::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auto.gewinnspiel-gratis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

akamai-x-true-ttl
7200
x-cdn
akamai
etag
"c4a0eea377c5e0da574e46f4d6e838e5"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=7200
accept-ranges
bytes
content-length
1142
access-control-expose-headers
X-CDN
14349.js
www.dwin1.com/ 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dwin1.com/14349.js
Requested by
Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=VS84vDJEGfRPygJycf0H3X49fjJBUldPR01GSXJDMEQ3WCs1VDlIR2N5Q3RZV1BrRTVkZHBmd3pQOHBFL2czWGpHclNJcTJaSzRXZ0lIRHM2KzN5KzRQbGdmMEIvem1URkVVcHVLa3c1SHJwbFNPVHJXNUJyZVJGOE1BUGxoWnIrbUtqclpqd1FKSkRLcWU4R1duWWlkeEl2cXY1K0N0M2xuQzhWWDU4M0xBY1JGQ2dWYVpkZ1Z3QXpubDdUU20rQ2dyeU1JdjcxaWNVUzB3RTRaMGw4UGpvZVJBcjd5QWhhaGt4VmJRQzVieVBRU0dVWDFBSmNVVnBEWVBrSzBwMzg3WmxFTVI1M0tQV0dGdVMwSlI3NjFPaC9TZ0d0VWVMN3p1ZVEvRGZCNDZwN0RPbFJLeDd0ZXJuZ2VjWFNRNkE1dFc2VWJ3Qm9SenpBSFB2M05JRjhtYjducXhEbFpiNklFWlVPc0xrcGdCM2k0K01mcE4wVzloajdHYW9nZ0hPZE5VRlBRM0JPYm1pbXd0akwwRm10SXl4elUySUc2OFlEdCt2S0JYMjBDUDREeWJKK0dSWGk1alZ2OGIzR2tlQ0t0QTJZeTZTelJ2YThUVlp0cDd2QjBzTHlKdC9lNExsLy9KSlJibGZJdDVLb0tKYWY3LzVDYXE5TTdHWks5WTYwK1pWeEQ0elFVZGNnc05KVjBlM3NONHMza2RkUTBtOFJBcU1mNXhpQUtMRFFXdStvaG5RSy9Qak00aFNuUTgwcmxvRzA3STJsc29iZ2VjMEV2TjhYMUJQczF6ZWRGRmdQUGFtUzVpSGljRUpwZ3hWUFZWam9UVEtqSWhxSzhMaW1makdHWVlhakJaV2FiQ1hRck11Z044S1o5U0VTQWF4eDVxZm9Vbk9Hd0R4V3gvS0Q5akNoa3hSTXlSSGQ3ZWJEWjAyY29uZzJmTnE1SENnTzJ1L3psenUxS1hWdVd2QS9MMnJsaG91dEJnZEFmalMzc0VTV0cwUzNtNnJYYTRpNXhwUmlQbXF5dVVHNklXYmVweVpDWVJPdUZEZGJkUWd5NUVCVjFnSHlvckVOdlFTZGdTODhJc0FIWTdCbTQ9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b200:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8325fde788a11a8c315af768e561d24aec8ad70cc7cd9b45a45fae653d95f334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auto.gewinnspiel-gratis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
UBYbpeG9LwTec1KC1NIdqznW4Z6IbSA3
content-encoding
gzip
etag
W/"8c2f164f29fb52809f3de0051fb942e0"
x-amz-cf-pop
FRA2-C2
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Thu, 21 Jul 2022 12:33:12 GMT
server
AmazonS3
date
Sun, 24 Jul 2022 01:17:30 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=utf-8
via
1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control
max-age=600, s-maxage=600
x-amz-cf-id
NWlMjP4cg15SLyaHYRV9tERZMcx8wYdgbnlF07yKO2irRvoRExUaFw==
anchor
www.google.com/recaptcha/api2/ Frame 45B0 		42 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzS8EUAAAAAA3CB327wcfymDGsj6pLkR5Twy9N&co=aHR0cHM6Ly9hdXRvLmdld2lubnNwaWVsLWdyYXRpcy5jb206NDQz&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=w22i43wi6pis
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
89262e988f50f1f4657aa0c6c4e46cb040c8edfcf27ec76120005051f3778c0c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wNthE_it1MRSWgpuxwWoBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auto.gewinnspiel-gratis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22022
content-security-policy
script-src 'report-sample' 'nonce-wNthE_it1MRSWgpuxwWoBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 24 Jul 2022 01:17:29 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
index.html
cmp-consent-tool.privacymanager.io/latest/ Frame 92D2 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/index.html
Requested by
Host: gdpr.privacymanager.io
URL: https://gdpr.privacymanager.io/latest/gdpr.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-42.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
29b7f78db08d77ff1943d06b6a5f1ebf24843b1fb8cd40da79d576101f5f0b5e

Request headers

Referer
https://auto.gewinnspiel-gratis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
318942
cache-control
must-revalidate,public,max-age=604800
content-encoding
br
content-type
text/html
date
Wed, 20 Jul 2022 08:41:48 GMT
etag
W/"a9695f3941d7e7d526084ac0c78593a3"
last-modified
Wed, 18 May 2022 15:28:35 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
x-amz-cf-id
sux0yvE3GXnhWVCZdw5Tc5Rjp0FkcefzAvcwdKY4pcRibfxc9fI5Tg==
x-amz-cf-pop
FRA2-C2
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:179dfbe3-37f8-4359-b91f-28c4def2ac2c
x-amz-meta-codebuild-content-md5
1abdffa1ddbf401c6718856c94136f77
x-amz-meta-codebuild-content-sha256
06109cbd34c1656b4678f95ed8395e56a92be25c754a9a887d71950894967375
x-amz-server-side-encryption
AES256
x-amz-version-id
Ke1yM6ydHaEEvOgESsjjyJW8Dw8NG_aN
x-cache
Hit from cloudfront
alt.php
www.awin1.com/ Frame 9F85 		155 B
509 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.awin1.com/alt.php?mid=14349&sv=14349_1658625448_14e79e9a2da4c9157db196e122510246
Requested by
Host: www.dwin1.com
URL: https://www.dwin1.com/14349.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
07b1a165b1e034c23623841c04e152196a4bf425560ff88b92308a698e3a5a6b
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://auto.gewinnspiel-gratis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Encoding
gzip
Content-Length
141
Content-Type
text/html
Date
Sun, 24 Jul 2022 01:17:29 GMT
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Strict-Transport-Security
max-age=86400
Vary
Accept-Encoding
styles__ltr.css
www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/ Frame 45B0 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzS8EUAAAAAA3CB327wcfymDGsj6pLkR5Twy9N&co=aHR0cHM6Ly9hdXRvLmdld2lubnNwaWVsLWdyYXRpcy5jb206NDQz&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=w22i43wi6pis
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 00:02:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4485
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 04:01:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 24 Jul 2023 00:02:44 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/ Frame 45B0 		365 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzS8EUAAAAAA3CB327wcfymDGsj6pLkR5Twy9N&co=aHR0cHM6Ly9hdXRvLmdld2lubnNwaWVsLWdyYXRpcy5jb206NDQz&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=w22i43wi6pis
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64d2c94f105aa89f733e51b81c045de674b47325ef4f04526ec9bb632c44fd91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 23:43:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5638
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147954
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 04:01:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 23 Jul 2023 23:43:31 GMT
styles.css
cmp-consent-tool.privacymanager.io/latest/ Frame 92D2 		90 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/styles.css
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-42.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5fd811628575c59ea4501cbacd7fee7ffcb6eac53994664438bf006142eb0e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
NK86oJKM9lOF_4fySS9jra4xULuy6Rh5
content-encoding
br
etag
W/"cd863c459ddfca7fa3dde02a0bfde5fb"
age
8271
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:179dfbe3-37f8-4359-b91f-28c4def2ac2c
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
1abdffa1ddbf401c6718856c94136f77
last-modified
Wed, 18 May 2022 15:28:36 GMT
server
AmazonS3
date
Sat, 23 Jul 2022 22:59:39 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
06109cbd34c1656b4678f95ed8395e56a92be25c754a9a887d71950894967375
via
1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA2-C2
content-type
text/css
x-amz-cf-id
M7gez5LvZ3eV2CCabSxSHytZ_v-ya11VtDc23_gy32WfhKN6sAUKvg==
openSans.css
cmp-consent-tool.privacymanager.io/latest/ Frame 92D2 		28 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-42.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
107c3c8d58a4b471627bcbdb06e10ec2cbd670a02c29458fea8383c1f9d7ddb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 15:17:57 GMT
content-encoding
br
age
554373
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:179dfbe3-37f8-4359-b91f-28c4def2ac2c
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-sha256
06109cbd34c1656b4678f95ed8395e56a92be25c754a9a887d71950894967375
x-amz-meta-codebuild-content-md5
1abdffa1ddbf401c6718856c94136f77
last-modified
Wed, 18 May 2022 15:28:31 GMT
server
AmazonS3
etag
W/"c23188cdd4f3dbe2a39713eb6d0950da"
vary
Accept-Encoding
x-amz-version-id
pUgbRQkI5l3VQiPmf8EuNPeevBMYWc6.
via
1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA2-C2
content-type
text/css
x-amz-cf-id
Z5TC6UWMbQBEnF0j2eWB3GN4RXLfn8KxmZAmoopSBM8tJ0I-HDQ0kg==
runtime.js
cmp-consent-tool.privacymanager.io/latest/ Frame 92D2 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-42.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1357132a872bc3c79a758f8ee6bd845da8dd085917d3948fd9ea7eb5cbc8228d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
1kLQG8VwSm3d.gfkVX126MX0XGZ2ZgE9
content-encoding
gzip
etag
W/"a03d9881b932cb6ea8403f3d8fee84f2"
age
531136
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:179dfbe3-37f8-4359-b91f-28c4def2ac2c
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
1abdffa1ddbf401c6718856c94136f77
last-modified
Wed, 18 May 2022 15:28:44 GMT
server
AmazonS3
date
Sun, 17 Jul 2022 21:45:14 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
06109cbd34c1656b4678f95ed8395e56a92be25c754a9a887d71950894967375
via
1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA2-C2
content-type
application/x-javascript
x-amz-cf-id
_zLhi-NOyLku-2Hmc8kljwuUBHI_BuQDWGJf8xWvi1revnTRm3J8Zg==
polyfills.js
cmp-consent-tool.privacymanager.io/latest/ Frame 92D2 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/polyfills.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-42.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
50166cea7ed05f882dff7f3496d076e8bc9defb23b487d64d6d4a7c21c325d1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
K3ZWaRDczxbIzlli5oJjCQv4grp4TCNi
content-encoding
br
etag
W/"ebe9ec655a6443501377c61b7e89be52"
age
228892
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:179dfbe3-37f8-4359-b91f-28c4def2ac2c
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
1abdffa1ddbf401c6718856c94136f77
access-control-allow-origin
*
last-modified
Wed, 18 May 2022 15:28:31 GMT
server
AmazonS3
date
Thu, 21 Jul 2022 09:42:38 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-meta-codebuild-content-sha256
06109cbd34c1656b4678f95ed8395e56a92be25c754a9a887d71950894967375
via
1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA2-C2
content-type
application/x-javascript
x-amz-cf-id
gCa6wYGImxH1iJi45cAH_hzS3tcyZq7rafSm0-BuHdppu6jdIMY-yg==
vendor.js
cmp-consent-tool.privacymanager.io/latest/ Frame 92D2 		612 KB
166 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/vendor.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-42.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
10d30e26ef1c7a25e4714259f231c7db8993fe4583537a2be5a3b1749443b726

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
0j8tPSOwStW8aXAGeO0PWhKeGTZfAk9t
content-encoding
br
etag
W/"1e4853cd005029266b8a4a0bb471e3ee"
age
491975
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:179dfbe3-37f8-4359-b91f-28c4def2ac2c
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
1abdffa1ddbf401c6718856c94136f77
access-control-allow-origin
*
last-modified
Wed, 18 May 2022 15:28:37 GMT
server
AmazonS3
date
Mon, 18 Jul 2022 08:37:55 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-meta-codebuild-content-sha256
06109cbd34c1656b4678f95ed8395e56a92be25c754a9a887d71950894967375
via
1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA2-C2
content-type
application/x-javascript
x-amz-cf-id
ySptUj8gJXhgaM5p5Fg4U8q_PfJqwTAbtT2X7SgVe_3bpZB5ONc4fg==
main.js
cmp-consent-tool.privacymanager.io/latest/ Frame 92D2 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/main.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-42.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1e447a73ff7b3e07d997afc994dd1cf824b270c59a1fa88a8258aabbfc5a445e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
7eqTmGPApeIlCSLhectQTyDtZQhGAIFx
content-encoding
br
etag
W/"69b03cc2b91bdb3e0277f2641031a46c"
age
8271
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:179dfbe3-37f8-4359-b91f-28c4def2ac2c
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
1abdffa1ddbf401c6718856c94136f77
last-modified
Wed, 18 May 2022 15:28:45 GMT
server
AmazonS3
date
Sat, 23 Jul 2022 22:59:39 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
06109cbd34c1656b4678f95ed8395e56a92be25c754a9a887d71950894967375
via
1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA2-C2
content-type
application/x-javascript
x-amz-cf-id
HkvJv3x397Ky6mNLxaCHFI35yZBp8nUXZ5ltE9v8UdAd9gNaFoahEA==
defaultTheme.css
cmp-consent-tool.privacymanager.io/latest/ Frame 92D2 		0
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/defaultTheme.css
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-42.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
zW0yRrldTyCoxXa4HTlhs_lVrmZHJDpf
content-encoding
br
etag
W/"50acd4ebe93d23ec3ecd7464ebf645e4"
age
149389
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:179dfbe3-37f8-4359-b91f-28c4def2ac2c
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
1abdffa1ddbf401c6718856c94136f77
last-modified
Wed, 18 May 2022 15:28:26 GMT
server
AmazonS3
date
Fri, 22 Jul 2022 07:47:41 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
06109cbd34c1656b4678f95ed8395e56a92be25c754a9a887d71950894967375
via
1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA2-C2
content-type
text/css
x-amz-cf-id
77AQnF-dK8PlU-1LP402sm4mM2O0T46DSLHL1QGKa3r-n_zBrcNk1A==
runtime.js
cmp-consent-tool.privacymanager.io/latest/ Frame 92D2 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-42.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1357132a872bc3c79a758f8ee6bd845da8dd085917d3948fd9ea7eb5cbc8228d

Request headers

Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
Origin
https://cmp-consent-tool.privacymanager.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
1kLQG8VwSm3d.gfkVX126MX0XGZ2ZgE9
content-encoding
gzip
etag
W/"a03d9881b932cb6ea8403f3d8fee84f2"
age
531136
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:179dfbe3-37f8-4359-b91f-28c4def2ac2c
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
1abdffa1ddbf401c6718856c94136f77
last-modified
Wed, 18 May 2022 15:28:44 GMT
server
AmazonS3
date
Sun, 17 Jul 2022 21:45:14 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
06109cbd34c1656b4678f95ed8395e56a92be25c754a9a887d71950894967375
via
1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA2-C2
content-type
application/x-javascript
x-amz-cf-id
cFw1pKQROYHPoUI8v0XSHMGHw41X1jGtEfHhGaksHVgCNTajmSADvg==
polyfills.js
cmp-consent-tool.privacymanager.io/latest/ Frame 92D2 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/polyfills.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-42.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
50166cea7ed05f882dff7f3496d076e8bc9defb23b487d64d6d4a7c21c325d1a

Request headers

Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
Origin
https://cmp-consent-tool.privacymanager.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
K3ZWaRDczxbIzlli5oJjCQv4grp4TCNi
content-encoding
br
etag
W/"ebe9ec655a6443501377c61b7e89be52"
age
228892
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:179dfbe3-37f8-4359-b91f-28c4def2ac2c
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
1abdffa1ddbf401c6718856c94136f77
access-control-allow-origin
*
last-modified
Wed, 18 May 2022 15:28:31 GMT
server
AmazonS3
date
Thu, 21 Jul 2022 09:42:38 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-meta-codebuild-content-sha256
06109cbd34c1656b4678f95ed8395e56a92be25c754a9a887d71950894967375
via
1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA2-C2
content-type
application/x-javascript
x-amz-cf-id
ijOwI1byNbesauNfk1mCqFSDXSgN1Uk-6JzwsDmoxQMOu7Dge8BLnw==
vendor.js
cmp-consent-tool.privacymanager.io/latest/ Frame 92D2 		612 KB
166 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/vendor.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-42.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
10d30e26ef1c7a25e4714259f231c7db8993fe4583537a2be5a3b1749443b726

Request headers

Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
Origin
https://cmp-consent-tool.privacymanager.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
0j8tPSOwStW8aXAGeO0PWhKeGTZfAk9t
content-encoding
br
etag
W/"1e4853cd005029266b8a4a0bb471e3ee"
age
491975
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:179dfbe3-37f8-4359-b91f-28c4def2ac2c
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
1abdffa1ddbf401c6718856c94136f77
access-control-allow-origin
*
last-modified
Wed, 18 May 2022 15:28:37 GMT
server
AmazonS3
date
Mon, 18 Jul 2022 08:37:55 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-meta-codebuild-content-sha256
06109cbd34c1656b4678f95ed8395e56a92be25c754a9a887d71950894967375
via
1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA2-C2
content-type
application/x-javascript
x-amz-cf-id
WwysU-sDEd8p__ofWVArMRs5Ss1GZsY99HY8MXi4yHw1sC4LiPtMnQ==
main.js
cmp-consent-tool.privacymanager.io/latest/ Frame 92D2 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/main.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-42.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1e447a73ff7b3e07d997afc994dd1cf824b270c59a1fa88a8258aabbfc5a445e

Request headers

Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
Origin
https://cmp-consent-tool.privacymanager.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
7eqTmGPApeIlCSLhectQTyDtZQhGAIFx
content-encoding
br
etag
W/"69b03cc2b91bdb3e0277f2641031a46c"
age
8271
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:179dfbe3-37f8-4359-b91f-28c4def2ac2c
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
1abdffa1ddbf401c6718856c94136f77
last-modified
Wed, 18 May 2022 15:28:45 GMT
server
AmazonS3
date
Sat, 23 Jul 2022 22:59:39 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
06109cbd34c1656b4678f95ed8395e56a92be25c754a9a887d71950894967375
via
1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA2-C2
content-type
application/x-javascript
x-amz-cf-id
o0SXOixm-0myxw4rSX6X8miUc2ppRU6FFVHBtCu7pHab1QPC1w08bw==
14349.gif
www.awin1.com/m/ Frame 9F85 		43 B
488 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/m/14349.gif
Requested by
Host: www.awin1.com
URL: https://www.awin1.com/alt.php?mid=14349&sv=14349_1658625448_14e79e9a2da4c9157db196e122510246
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.awin1.com/alt.php?mid=14349&sv=14349_1658625448_14e79e9a2da4c9157db196e122510246
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 01:17:29 GMT
Allow
GET
ETag
14349_1658625448_14e79e9a2da4c9157db196e122510246
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
max-age=0
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 45B0 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 19:40:09 GMT
x-content-type-options
nosniff
age
193040
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 28 Jul 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 45B0 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzS8EUAAAAAA3CB327wcfymDGsj6pLkR5Twy9N&co=aHR0cHM6Ly9hdXRvLmdld2lubnNwaWVsLWdyYXRpcy5jb206NDQz&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=w22i43wi6pis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 17:06:41 GMT
x-content-type-options
nosniff
age
375048
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 19 Jul 2023 17:06:41 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 45B0 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzS8EUAAAAAA3CB327wcfymDGsj6pLkR5Twy9N&co=aHR0cHM6Ly9hdXRvLmdld2lubnNwaWVsLWdyYXRpcy5jb206NDQz&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=w22i43wi6pis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 22:21:19 GMT
x-content-type-options
nosniff
age
442570
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jul 2023 22:21:19 GMT
main.32155010.js
s.pinimg.com/ct/lib/ 		52 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.32155010.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:285::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auto.gewinnspiel-gratis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

akamai-x-true-ttl
1209600
content-encoding
gzip
x-cdn
akamai
etag
"fd86de14455274a7c147dc95b77e18e3"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=1209600
accept-ranges
bytes
content-length
18298
access-control-expose-headers
X-CDN
webworker.js
www.google.com/recaptcha/api2/ Frame 45B0 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzS8EUAAAAAA3CB327wcfymDGsj6pLkR5Twy9N&co=aHR0cHM6Ly9hdXRvLmdld2lubnNwaWVsLWdyYXRpcy5jb206NDQz&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=w22i43wi6pis
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
613e7703528887ec639fbe5165b22ce6f72768a423ecd698f05e3ece6ce90ff4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzS8EUAAAAAA3CB327wcfymDGsj6pLkR5Twy9N&co=aHR0cHM6Ly9hdXRvLmdld2lubnNwaWVsLWdyYXRpcy5jb206NDQz&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=w22i43wi6pis
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 01:17:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Sun, 24 Jul 2022 01:17:29 GMT
847.js
cmp-consent-tool.privacymanager.io/latest/ Frame 92D2 		56 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/847.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-42.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3220a07ad1f631e62d4b733f2ac3f6d8f640e67dccc04a5c7dfa1faeadd4c576

Request headers

Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
Origin
https://cmp-consent-tool.privacymanager.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
aZPUpT1yEySaGtWf3MX39qU2zVhxcsr3
content-encoding
br
etag
W/"f91da85c6efb9fa6cad800aa647bafc0"
age
491974
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:179dfbe3-37f8-4359-b91f-28c4def2ac2c
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
1abdffa1ddbf401c6718856c94136f77
access-control-allow-origin
*
last-modified
Wed, 18 May 2022 15:28:46 GMT
server
AmazonS3
date
Mon, 18 Jul 2022 08:37:56 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-meta-codebuild-content-sha256
06109cbd34c1656b4678f95ed8395e56a92be25c754a9a887d71950894967375
via
1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA2-C2
content-type
application/x-javascript
x-amz-cf-id
SjpsUZj56ux40Vq7S2ixmyLmXo2ot-bzYrO0ZS0GTiRqWGh8rIVx_w==
650.js
cmp-consent-tool.privacymanager.io/latest/ Frame 92D2 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/650.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-42.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0c6ebceae3d1722e6da4ce408acb406787f11df1e1fb8696f33c5481e9b4b6f

Request headers

Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
Origin
https://cmp-consent-tool.privacymanager.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
g2yqS861M7lVi_k5bUXeWXY3w4ofYrxH
content-encoding
br
etag
W/"f89cc2f22747329f2049f159f363a2db"
age
318941
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:179dfbe3-37f8-4359-b91f-28c4def2ac2c
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
1abdffa1ddbf401c6718856c94136f77
access-control-allow-origin
*
last-modified
Wed, 18 May 2022 15:28:43 GMT
server
AmazonS3
date
Wed, 20 Jul 2022 08:41:49 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-meta-codebuild-content-sha256
06109cbd34c1656b4678f95ed8395e56a92be25c754a9a887d71950894967375
via
1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA2-C2
content-type
application/x-javascript
x-amz-cf-id
uTUFKxuR-_rxjivWPnLmKgMWNGSTtTNWMcsdT_AqNxju2fIMSWmnZw==
/
ct.pinterest.com/user/ 		482 B
839 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2613633200065&pd=%7B%22np%22%3A%22gtm%22%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%2C%22md_frequency%22%3A1%7D&cb=1658625449835
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.32155010.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ced49017b1747b55cec9c576da1dc15fa47ce9cd77ec6e0cf27033892e826864
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auto.gewinnspiel-gratis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 01:17:29 GMT
content-encoding
gzip
vary
Accept-Encoding
x-cdn
akamai
akamai-grn
0.926656b8.1658625449.26397b8f
x-envoy-upstream-service-time
1
x-pinterest-rid
9504511110873292
pin-unauth
dWlkPVpUbGxOMlUyWVRNdE9UQmhaUzAwWm1SaUxXRmlNV1l0TW1NME5UYzNPVEpsTmpoaA
access-control-allow-origin
https://auto.gewinnspiel-gratis.com
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
application/json; charset=utf-8
pragma
no-cache
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
content-length
350
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?tid=2613633200065&pd=%7B%22np%22%3A%22gtm%22%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%2C%22md_frequency%22%3A1%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fauto.gewinnspiel-gratis.com%2Fcampaign_224.html%3FcoyoteAffiliTokenId%3D13377452%26ext_publisher_id%3D101248%26awc%3D14349_1658625448_14e79e9a2da4c9157db196e122510246%26%22%2C%22ref%22%3A%22https%3A%2F%2Fbuybutwhere.com%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1658625449838
Requested by
Host: auto.gewinnspiel-gratis.com
URL: https://auto.gewinnspiel-gratis.com/campaign_224.html?coyoteAffiliTokenId=13377452&ext_publisher_id=101248&awc=14349_1658625448_14e79e9a2da4c9157db196e122510246&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auto.gewinnspiel-gratis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 01:17:29 GMT
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.926656b8.1658625449.26397b90
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
2
content-length
35
x-pinterest-rid
7899582056567587
expires
Sat, 01 Jan 2000 00:00:00 GMT
defaultTheme.css
cmp-consent-tool.privacymanager.io/latest/ Frame 92D2 		32 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/defaultTheme.css
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-42.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1eae565e7f4ae4b87e5ffb96bf72fb3a58e4aeb73e73a00a5368c8cfe308aa2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
zW0yRrldTyCoxXa4HTlhs_lVrmZHJDpf
content-encoding
br
etag
W/"50acd4ebe93d23ec3ecd7464ebf645e4"
age
149389
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:179dfbe3-37f8-4359-b91f-28c4def2ac2c
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
1abdffa1ddbf401c6718856c94136f77
last-modified
Wed, 18 May 2022 15:28:26 GMT
server
AmazonS3
date
Fri, 22 Jul 2022 07:47:41 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
06109cbd34c1656b4678f95ed8395e56a92be25c754a9a887d71950894967375
via
1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA2-C2
content-type
text/css
x-amz-cf-id
x_fXTNAqIgPrXBER0fSSN1eFa-Pg5Gka27c9SG7kOFx1tO4rC8zgkw==
605.js
cmp-consent-tool.privacymanager.io/latest/ Frame 92D2 		122 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/605.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-42.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1e8eb3143ae508bca0b46d3cc70e57d78c9c19b8b535a40498bad308428c65fb

Request headers

Referer
https://cmp-consent-tool.privacymanager.io/latest/
Origin
https://cmp-consent-tool.privacymanager.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
gIZkWzmTMNMhD_7MB1vXxZxnYGypnpAN
content-encoding
br
etag
W/"e072d3bb1e9ad89785f59ff83ebb6e60"
age
491974
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:179dfbe3-37f8-4359-b91f-28c4def2ac2c
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
1abdffa1ddbf401c6718856c94136f77
access-control-allow-origin
*
last-modified
Wed, 18 May 2022 15:28:26 GMT
server
AmazonS3
date
Mon, 18 Jul 2022 08:37:56 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-meta-codebuild-content-sha256
06109cbd34c1656b4678f95ed8395e56a92be25c754a9a887d71950894967375
via
1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA2-C2
content-type
application/x-javascript
x-amz-cf-id
ndw0UwFz2T3jIsRUu8HYFJnLm1IkkHu2RNUq_GWfyqFXH9q_bWYeNQ==
reload
www.google.com/recaptcha/api2/ Frame 45B0 		32 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LdzS8EUAAAAAA3CB327wcfymDGsj6pLkR5Twy9N
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
dc3bc6ad3cafaf7a43f6d0a94818995b5084568285ceb9a2d42be720225d56ad
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzS8EUAAAAAA3CB327wcfymDGsj6pLkR5Twy9N&co=aHR0cHM6Ly9hdXRvLmdld2lubnNwaWVsLWdyYXRpcy5jb206NDQz&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=w22i43wi6pis
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Sun, 24 Jul 2022 01:17:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18365
x-xss-protection
1; mode=block
expires
Sun, 24 Jul 2022 01:17:29 GMT
open-sans-latin-400-normal.woff2
cmp-consent-tool.privacymanager.io/latest/ Frame 92D2 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/open-sans-latin-400-normal.woff2
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-42.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0

Request headers

Referer
https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Origin
https://cmp-consent-tool.privacymanager.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
gXzkwZ5qZzDJWxlqgfSKnJi9XkB8jffP
via
1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
etag
"d65113b6da7ba4bd0a59dbda5a7e24d4"
age
173652
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:179dfbe3-37f8-4359-b91f-28c4def2ac2c
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
1abdffa1ddbf401c6718856c94136f77
content-length
16692
last-modified
Wed, 18 May 2022 15:28:15 GMT
server
AmazonS3
date
Fri, 22 Jul 2022 01:03:18 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-meta-codebuild-content-sha256
06109cbd34c1656b4678f95ed8395e56a92be25c754a9a887d71950894967375
access-control-allow-origin
*
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/octet-stream
x-amz-cf-id
ELGw4R5w87px_M8cBl5PYKXBzqkBdbLJIyWwtyoxplqZ7gyFmuhfOA==
manager-logo.jpeg
gdpr-wrapper.privacymanager.io/gdpr/130e4047-567f-46e4-82f4-5636cfbdad28/ Frame 92D2 		191 KB
192 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/130e4047-567f-46e4-82f4-5636cfbdad28/manager-logo.jpeg
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:3600:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b6abe9e775ff2b0729aae8ed9f39fe60e33781c0814b33d847beb1a0105e06c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
5lpStD_HvT1x2T40rLTOhPGoERoaCpqg
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
etag
"38c0a6b7845e03205bdcff708424d03b"
age
57447
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
195438
last-modified
Tue, 23 Jun 2020 10:04:33 GMT
server
AmazonS3
date
Sat, 23 Jul 2022 09:20:03 GMT
vary
Accept-Encoding
content-type
image/jpeg
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
HaUVHhl5p_3jDGAd1KIVzM-VN5rAcgDy4LQwKqaD9zGDAg8Zeia5ow==
icon-chevron-left.svg
cmp-consent-tool.privacymanager.io/latest/ Frame 92D2 		441 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmp-consent-tool.privacymanager.io/latest/icon-chevron-left.svg
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-42.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d0c64b5cb663056b6295f677fb794d23ae3999112515beecb7c6703723f493a

Request headers

Referer
https://cmp-consent-tool.privacymanager.io/latest/styles.css
Origin
https://cmp-consent-tool.privacymanager.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
hgfCnLWHr2GPza2UTNzWbPWvYWveQw2v
via
1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
etag
"e2760515a843a0256b4b810489b5426b"
age
531135
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:179dfbe3-37f8-4359-b91f-28c4def2ac2c
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
1abdffa1ddbf401c6718856c94136f77
content-length
441
last-modified
Wed, 18 May 2022 15:28:24 GMT
server
AmazonS3
date
Sun, 17 Jul 2022 21:45:15 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-meta-codebuild-content-sha256
06109cbd34c1656b4678f95ed8395e56a92be25c754a9a887d71950894967375
access-control-allow-origin
*
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/svg+xml
x-amz-cf-id
SHf7QLDr4pB-RfKEa74E_Dstw-dqBI2dpvzYwlDaHJU3ywo0j7eavA==
open-sans-latin-700-normal.woff2
cmp-consent-tool.privacymanager.io/latest/ Frame 92D2 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/open-sans-latin-700-normal.woff2
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-42.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a61d67250a5c36640e22099937af31613e68d6134439d5d4329efea0372aea79

Request headers

Referer
https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Origin
https://cmp-consent-tool.privacymanager.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 06:38:02 GMT
via
1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
age
153568
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:179dfbe3-37f8-4359-b91f-28c4def2ac2c
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
1abdffa1ddbf401c6718856c94136f77
content-length
16408
last-modified
Wed, 18 May 2022 15:28:45 GMT
server
AmazonS3
etag
"875ba54801f7cf83ea70abf613fab665"
access-control-allow-methods
GET
x-amz-meta-codebuild-content-sha256
06109cbd34c1656b4678f95ed8395e56a92be25c754a9a887d71950894967375
access-control-allow-origin
*
cache-control
must-revalidate,public,max-age=604800
x-amz-version-id
2WPe_EmjgtiCgAkytGNe8i5BN_Z43VpS
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/octet-stream
x-amz-cf-id
6zXs3y735TIfSYVsCK5fy233g6fvbCdKOeYwXJ9iplxTc7I7leI2cA==
open-sans-latin-600-normal.woff2
cmp-consent-tool.privacymanager.io/latest/ Frame 92D2 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/open-sans-latin-600-normal.woff2
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-42.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
578ea33c3a1daec87277cd626647c55f3e0abd72c0673cde0fe40d4fb8fd5579

Request headers

Referer
https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Origin
https://cmp-consent-tool.privacymanager.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
tygSMFp34YJwEEQGH5uGlJzBtbjdQIQ6
via
1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
etag
"1f577b061e6e464e2c949faee6518469"
age
503616
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:179dfbe3-37f8-4359-b91f-28c4def2ac2c
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
1abdffa1ddbf401c6718856c94136f77
content-length
16712
last-modified
Wed, 18 May 2022 15:28:45 GMT
server
AmazonS3
date
Mon, 18 Jul 2022 05:23:54 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-meta-codebuild-content-sha256
06109cbd34c1656b4678f95ed8395e56a92be25c754a9a887d71950894967375
access-control-allow-origin
*
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/octet-stream
x-amz-cf-id
Fl0rRTel5hfc--vFbYxVCjblI-rPEPUX3YlvwZzrHggJngp9i01reg==

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| dataLayer object| cmp object| cmpConfiguration object| node function| __tcfapi object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| HBMPrivacy function| pintrk object| awMastertag object| recaptcha object| closure_lm_309659 object| AWIN

15 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AOWOVp3u0byj4KxUem97X1SCNz4qBnmP970OE4zWs36nvPChp7wxGrz5a1hRq7YwvFtGN4tY-Zb8eFuEzWEqygY
test.cspitalone360.com/ Name: __tad
Value: 1658625445.3029948
.1redirc.com/ Name: __dsnsid
Value: 20220724111726eca26a7eaef69730b4
clever-redirect.com/ Name: ffe8be942ec35449ee6517cfbd628e4b
Value: 17c90a7fcf70e66f766ffea9b328075ffbf4fbe90ebd6b8ea2b22b3ef1f5ac30a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22ffe8be942ec35449ee6517cfbd628e4b%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
spidershopping.com/ Name: c763baad2707ef39bc504da6ca44ad42
Value: 1a7809a8fa9abf70fe3d342e393b5a778a47157bffa9949277c42940781c6268a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22c763baad2707ef39bc504da6ca44ad42%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
buybutwhere.com/ Name: XSRF-TOKEN
Value: eyJpdiI6ImhqOXhVK0tmckIxbmhKWVBkWUZPVlE9PSIsInZhbHVlIjoibkRzMDV2d3k2eHpQbXdlMzdQWkk4OCtHQ1pJWHRXZEliUG5mNy90VEF0aVZxRis2cy9EZmU5dEFBYnM5a0hZS1RDczV0NEVrV2FKdVZ5ajdHdXFGVmVlT21YUWhlbG40bjR6MkNqaklyYWZRS3JJMzF6akVoSUdFckxGZW44MEYiLCJtYWMiOiJhNjkxZDQxM2IxNzEyNzg2MTNkZjM0ZmE3YjU3MTY1YThkYWFjMzk0NjJjNzYwMzljYWY0MmVmZjY0YzMyY2QwIiwidGFnIjoiIn0%3D
buybutwhere.com/ Name: buybutwhere_session
Value: eyJpdiI6IjVtQkFvaGhpajBjNnBZMnVwQ2hRWkE9PSIsInZhbHVlIjoic3NTQjJQajJhTitIQUE5WEpPNW01NHVSRWo4OTFSL2M1RzVYblRzRWdoZ2FSdlJGMGZQZlJzOHVlQkhrMFRjZ3A4YnBIQVhhcm5MVTFoS2xQSncvcGp3MEJCcTZrYlpNd0hNQmxJMElObFdpQWpOR1F5cnNPOFcxaGZybzFQU2EiLCJtYWMiOiJkOWYyMmQwMjZjZmQ2ODJmMTBiNzhkOGU2M2NjMTQwMzNiMTI1M2E1NjQ1NGQ1YzliNTExYzYyM2QxNDBiNTM5IiwidGFnIjoiIn0%3D
.awin1.com/ Name: aw14349
Value: 101248|0|0|1658625448|at106659_a171504_m1_p213371_t15572_cDE_so462dc9da828eed|aw|0
.awin1.com/ Name: bId
Value: HLEX_62dc9da85f1f93.52893466
kampagnen.gewinnspiel-gratis.com/ Name: PHPSESSID
Value: e2mlpaah3b15rk8csl2cn4h8l4
auto.gewinnspiel-gratis.com/ Name: PHPSESSID
Value: qmb7d2beohr8u149nulhavl9do
auto.gewinnspiel-gratis.com/ Name: coyoteAffiliTokenId224
Value: 13377452
auto.gewinnspiel-gratis.com/ Name: gdpr-auditId
Value: bfc3f310fb6445cab2246e4de2fd953f
.gewinnspiel-gratis.com/ Name: _aw_m_14349
Value: 14349_1658625448_14e79e9a2da4c9157db196e122510246
.auto.gewinnspiel-gratis.com/ Name: _pin_unauth
Value: dWlkPVpUbGxOMlUyWVRNdE9UQmhaUzAwWm1SaUxXRmlNV1l0TW1NME5UYzNPVEpsTmpoaA

4 Console Messages

Source Level URL
Text
other warning URL: https://cmp-consent-tool.privacymanager.io/latest/index.html#/notice?theme=defaultTheme&useSystemFonts=false&cmpType=tcf
Message:
A preload for 'https://cmp-consent-tool.privacymanager.io/latest/runtime.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other warning URL: https://cmp-consent-tool.privacymanager.io/latest/index.html#/notice?theme=defaultTheme&useSystemFonts=false&cmpType=tcf
Message:
A preload for 'https://cmp-consent-tool.privacymanager.io/latest/polyfills.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other warning URL: https://cmp-consent-tool.privacymanager.io/latest/index.html#/notice?theme=defaultTheme&useSystemFonts=false&cmpType=tcf
Message:
A preload for 'https://cmp-consent-tool.privacymanager.io/latest/vendor.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other warning URL: https://cmp-consent-tool.privacymanager.io/latest/index.html#/notice?theme=defaultTheme&useSystemFonts=false&cmpType=tcf
Message:
A preload for 'https://cmp-consent-tool.privacymanager.io/latest/main.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1redirc.com
auto.gewinnspiel-gratis.com
buybutwhere.com
cdn.datenschutz.burda.com
clever-redirect.com
cmp-consent-tool.privacymanager.io
ct.pinterest.com
fonts.gstatic.com
gdpr-wrapper.privacymanager.io
gdpr.privacymanager.io
kampagnen.gewinnspiel-gratis.com
s.pinimg.com
spidershopping.com
test.cspitalone360.com
www.awin1.com
www.dwin1.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.smartredirect.de
103.224.182.206
103.224.182.252
104.111.239.217
104.75.88.209
13.225.78.42
130.255.79.205
162.55.54.68
2600:9000:20eb:3600:11:2a6a:9480:93a1
2600:9000:21f3:9c00:16:f82a:8600:93a1
2600:9000:21f3:b200:f:8ce2:fb80:93a1
2606:4700:3031::6815:dc3
2606:4700:3036::ac43:8065
2a00:1450:4001:80b::2003
2a00:1450:4001:812::2008
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2004
2a02:26f0:6c00:285::1931
54.230.206.101
78.46.197.88
07b1a165b1e034c23623841c04e152196a4bf425560ff88b92308a698e3a5a6b
107c3c8d58a4b471627bcbdb06e10ec2cbd670a02c29458fea8383c1f9d7ddb9
10d30e26ef1c7a25e4714259f231c7db8993fe4583537a2be5a3b1749443b726
1357132a872bc3c79a758f8ee6bd845da8dd085917d3948fd9ea7eb5cbc8228d
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e447a73ff7b3e07d997afc994dd1cf824b270c59a1fa88a8258aabbfc5a445e
1e8eb3143ae508bca0b46d3cc70e57d78c9c19b8b535a40498bad308428c65fb
1eae565e7f4ae4b87e5ffb96bf72fb3a58e4aeb73e73a00a5368c8cfe308aa2c
205acb9a708ae009d54160d12b5579be177c45d0d143d187c887fcec5826124e
29b7f78db08d77ff1943d06b6a5f1ebf24843b1fb8cd40da79d576101f5f0b5e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3220a07ad1f631e62d4b733f2ac3f6d8f640e67dccc04a5c7dfa1faeadd4c576
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e
4837f7e1f1565ff667528cd75c41f401e07e229de1bd1b232f0a7a40d4c46f79
49c206f904248006e1a6204cf40a9d1976911ee88e4eb4406e9d8783eef4d99c
50166cea7ed05f882dff7f3496d076e8bc9defb23b487d64d6d4a7c21c325d1a
578ea33c3a1daec87277cd626647c55f3e0abd72c0673cde0fe40d4fb8fd5579
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b1a8cc54783fc3435a272b933c01e791d53de304cfd3689b024c924093a5656
5fd811628575c59ea4501cbacd7fee7ffcb6eac53994664438bf006142eb0e0e
613e7703528887ec639fbe5165b22ce6f72768a423ecd698f05e3ece6ce90ff4
64d2c94f105aa89f733e51b81c045de674b47325ef4f04526ec9bb632c44fd91
668837fb1ef8b5cab86c3c62a680539dfa094cb2cc1f4251d4e8b3f95de13685
7fa80a6de1e1b6f87491ff07d9a2b80ff09b0bc3254504745f871459f6501065
8325fde788a11a8c315af768e561d24aec8ad70cc7cd9b45a45fae653d95f334
83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d
89262e988f50f1f4657aa0c6c4e46cb040c8edfcf27ec76120005051f3778c0c
8b6abe9e775ff2b0729aae8ed9f39fe60e33781c0814b33d847beb1a0105e06c
8dd50d5366dbce419bb2c92b138d8e5be463d274430e3ce9251bed8af3e130db
9c2acf0181a47b437de904abc7e621f932c8b42c6def02dfb3819f46331857f0
9d0c64b5cb663056b6295f677fb794d23ae3999112515beecb7c6703723f493a
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed
a61d67250a5c36640e22099937af31613e68d6134439d5d4329efea0372aea79
ad9b556bec49b402ebee48ed4d07db2297cc2f422ff9c61c7c4c9232070d3d14
b0a0e1e726adf1749c91a64c921903b7a6ffa2a3dc500a79e9823d044f279f57
b2d816ef2c0f1f13089fc0d7997383b196ee784a1a6130a5491aeab6f4b28268
c0c6ebceae3d1722e6da4ce408acb406787f11df1e1fb8696f33c5481e9b4b6f
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
ced49017b1747b55cec9c576da1dc15fa47ce9cd77ec6e0cf27033892e826864
d74c8735a1c7885733cbefaeded9e8719f6ac612fdd958b86713f7842cf847fa
dc3bc6ad3cafaf7a43f6d0a94818995b5084568285ceb9a2d42be720225d56ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ece1bdb345fd922918e7ebfb3dcfe9e41f9bb3baa3de232a863e23226351ffe0
edfb645a359cf93644bbfcadcab4792dff79dfbcceb7f1c57f6342030606aa68
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
ffac70f0b6b6d7566be2c5f6f91af0b7c30a068d728fa98e6a38a0e254b51011