urlscan.io logo urlscan.io
SecurityTrails logo

ed.traumbereich.com Open in urlscan Pro
45.156.90.8  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://1click-on.eu/p/Zp8l/rQl0/OEEA
Effective URL: https://ed.traumbereich.com/?PR_ID=1179&token-id=102812372e7e9b37237f5c4b3a2514&sub-id=1119872&sub-id2=&sub-id3=&sid4=
Submission: On October 16 via manual from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 10 domains to perform 44 HTTP transactions. The main IP is 45.156.90.8, located in Germany and belongs to ABUNTIS, DE. The main domain is ed.traumbereich.com.
TLS certificate: Issued by R11 on October 9th 2024. Valid for: 3 months.
This is the only time ed.traumbereich.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 172.67.176.137 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 63.34.47.244 16509 (AMAZON-02)
7 45.156.90.8 211823 (ABUNTIS)
1 2001:4860:480... 15169 (GOOGLE)
2 142.250.185.228 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
16 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.250.181.227 15169 (GOOGLE)
2 142.250.185.67 15169 (GOOGLE)
1 159.69.145.0 24940 (HETZNER-AS)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
44 13
5    172.67.176.137 (United States)

ASN13335 (CLOUDFLARENET, US)
1click-on.eu
3    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    63.34.47.244 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-47-244.eu-west-1.compute.amazonaws.com
mail.hopgp.com
7    45.156.90.8 (Germany)

ASN211823 (ABUNTIS, DE)
ed.traumbereich.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    142.250.185.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net
www.google.com
1    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
16    2606:4700:20::ac43:47b8 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cleverpush.com
1    142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net
www.gstatic.com
2    142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net
fonts.gstatic.com
1    159.69.145.0 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.0.145.69.159.clients.your-server.de
deingewinn.mycleverpush.com
4    2606:4700:20::681a:e1f (United States)

ASN13335 (CLOUDFLARENET, US)
api.cleverpush.com
Apex Domain
Subdomains		 Transfer
20 cleverpush.com
static.cleverpush.com — Cisco Umbrella Rank: 35482
api.cleverpush.com — Cisco Umbrella Rank: 31174
142 KB
7 traumbereich.com
ed.traumbereich.com
3 MB
5 1click-on.eu
1click-on.eu
451 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
region1.google-analytics.com — Cisco Umbrella Rank: 3643
22 KB
3 gstatic.com
www.gstatic.com
fonts.gstatic.com
281 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 3
994 B
1 mycleverpush.com
deingewinn.mycleverpush.com
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
2 KB
1 hopgp.com
mail.hopgp.com
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
96 KB
44 10
Domain Requested by
16 static.cleverpush.com ed.traumbereich.com
static.cleverpush.com
7 ed.traumbereich.com 1click-on.eu
ed.traumbereich.com
5 1click-on.eu 1click-on.eu
4 api.cleverpush.com static.cleverpush.com
3 www.google-analytics.com 1click-on.eu
www.google-analytics.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.google.com ed.traumbereich.com
www.gstatic.com
1 deingewinn.mycleverpush.com static.cleverpush.com
1 www.gstatic.com www.google.com
1 fonts.googleapis.com ed.traumbereich.com
1 region1.google-analytics.com www.googletagmanager.com
1 mail.hopgp.com 1 redirects
1 www.googletagmanager.com www.google-analytics.com
44 13

This site contains no links.

Subject Issuer Validity Valid
1click-on.eu
WE1		 2024-09-04 -
2024-12-03		 3 months crt.sh
*.google-analytics.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
*.traumbereich.com
R11		 2024-10-09 -
2025-01-07		 3 months crt.sh
*.google.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
upload.video.google.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
cleverpush.com
WE1		 2024-08-26 -
2024-11-24		 3 months crt.sh
*.gstatic.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
*.mycleverpush.com
Sectigo RSA Domain Validation Secure Server CA		 2024-05-16 -
2025-06-16		 a year crt.sh

This page contains 3 frames:

Primary Page: https://ed.traumbereich.com/?PR_ID=1179&token-id=102812372e7e9b37237f5c4b3a2514&sub-id=1119872&sub-id2=&sub-id3=&sid4=
Frame ID: 59994D76576A286DE0AF4FCEFA5E2C88
Requests: 41 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfohG4aAAAAAIugGWrdrbVKrxl_P5U6SFNBldxV&co=aHR0cHM6Ly9lZC50cmF1bWJlcmVpY2guY29tOjQ0Mw..&hl=de&v=aR-zv8WjtWx4lAw-tRCA-zca&size=invisible&cb=l11n8hqzqg08
Frame ID: 154F80C4FCE1CBC5D4ABC0BAF5A0D10B
Requests: 1 HTTP requests in this frame

Frame: https://deingewinn.mycleverpush.com/iframe?origin=https%3A%2F%2Fed.traumbereich.com
Frame ID: 286DBD2991CE45E9A91D72A066D47AEE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Supermarkt

Page URL History Show full URLs

  1. https://1click-on.eu/p/Zp8l/rQl0/OEEA Page URL
  2. https://mail.hopgp.com/aff_c?offer_id=30&aff_id=1179&url_id=213&aff_click_id=mlClick-s2GOf46e&aff_s... HTTP 302
    https://ed.traumbereich.com/?PR_ID=1179&token-id=102812372e7e9b37237f5c4b3a2514&sub-id=1119872&sub-id2=&... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

44
Requests

100 %
HTTPS

46 %
IPv6

10
Domains

13
Subdomains

13
IPs

3
Countries

4301 kB
Transfer

5911 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://1click-on.eu/p/Zp8l/rQl0/OEEA Page URL
  2. https://mail.hopgp.com/aff_c?offer_id=30&aff_id=1179&url_id=213&aff_click_id=mlClick-s2GOf46e&aff_sub=1119872 HTTP 302
    https://ed.traumbereich.com/?PR_ID=1179&token-id=102812372e7e9b37237f5c4b3a2514&sub-id=1119872&sub-id2=&sub-id3=&sid4= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
OEEA
1click-on.eu/p/Zp8l/rQl0/ 		597 KB
438 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1click-on.eu/p/Zp8l/rQl0/OEEA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6b5dd129b4ce17915c8a82d9c3312c06190088e2fcc270874b9048001c661fc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, private
cf-cache-status
DYNAMIC
cf-ray
8d378c01ac0c9b8e-FRA
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Wed, 16 Oct 2024 11:00:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9qLyRHivHjKLsZfZyxY684F3J%2BngyChvPE8Ty%2BpPONAUjlXxeRs%2BmLeZD%2FSnmvyt3n8Ht%2FPoijnW1866zDlmiVyF8kq9ziMe5v3LqaOEu2uB5gtHMjYqEroCPuZZ9cU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfExtPri
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding
x-robots-tag
noindex, nofollow
speculation
1click-on.eu/cdn-cgi/ 		128 B
575 B 		Other
General
Check archive.org
Download Go to
Full URL
https://1click-on.eu/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://1click-on.eu
Referer
https://1click-on.eu/p/Zp8l/rQl0/OEEA

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BFyT8nav30CUI850WJdgtWnP1GW4UdMHcLwaseOYeM9oC%2FQYfS7EGA5i%2BW62Q5PvkBY3N1A%2F1KOC%2BQJQSrN7NfrX1eJGF%2BL0Zjm9JUW3MhaNpiYUFZrbjl2j0ce3ILg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d378c05def29b8e-FRA
access-control-allow-origin
https://1click-on.eu
alt-svc
h3=":443"; ma=86400
content-length
128
server-timing
cfExtPri
date
Wed, 16 Oct 2024 11:00:45 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
envoirment.js
1click-on.eu/js/ 		32 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1click-on.eu/js/envoirment.js?id=a535a99b3fccb8f0756e
Requested by
Host: 1click-on.eu
URL: https://1click-on.eu/p/Zp8l/rQl0/OEEA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2360f05aaa5110f0891046d08ab93ee8bfd6249debd8d8c1d173eac2dd5e172

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
device-memory
8
Referer
https://1click-on.eu/p/Zp8l/rQl0/OEEA

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"627a4b7c-8078"
age
1123
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g7L%2BDIfqswFzD%2FXWKJliqReOeyQ1sVaoRBcrHjXmhH0jLv4GOvHZTKihtLVDEGRI3K6XKBy72G34WglWECg1j%2B1QTWvX2w3H7%2FxveA32ohOG5gP5EBvQFlAPs7tLweI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d378c05def49b8e-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 11:00:45 GMT
content-type
application/javascript
last-modified
Tue, 10 May 2022 11:24:44 GMT
vary
Accept-Encoding
server
cloudflare
truncated
/ 		446 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89908ac194675cb2581d7b35d7223915ec9cec97cbd22a3dbc45d8f4bedb0d0f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 1click-on.eu
URL: https://1click-on.eu/p/Zp8l/rQl0/OEEA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1click-on.eu/

Response headers

content-encoding
gzip
age
5670
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Wed, 16 Oct 2024 11:26:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 09:26:15 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
collect
www.google-analytics.com/j/ 		15 B
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=586754728&t=pageview&_s=1&dl=https%3A%2F%2F1click-on.eu%2Fp%2FZp8l%2FrQl0%2FOEEA&ul=de-de&de=UTF-8&dt=Zalando%20Voucher%20500%E2%82%AC%20-%20DE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=2132957&gjid=3600454&cid=819440932.1729076446&tid=UA-110090096-2&_gid=1181075135.1729076446&_r=1&_slc=1&z=1144302817
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
4d99c18018fde2d6060269d70d24f6ffc2435d83367c7e66b9b4f731ea551351
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://1click-on.eu/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 11:00:45 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://1click-on.eu
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
collect
www.google-analytics.com/ 		35 B
324 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://1click-on.eu/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 11:00:45 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
https://1click-on.eu
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
finger
1click-on.eu/ 		20 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://1click-on.eu/finger
Requested by
Host: 1click-on.eu
URL: https://1click-on.eu/js/envoirment.js?id=a535a99b3fccb8f0756e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://1click-on.eu/p/Zp8l/rQl0/OEEA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
device-memory
8
Content-Type
application/json

Response headers

cache-control
no-cache, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u%2FJAVD8Gp4NxqDR82dHfIMENitzIIxVpw1DXEg%2FS4R63L0jFG4rZvqh3FEHgT2T%2B%2Bqc7nEuf%2BaBWE%2BOrfB50h4k6sejIU4WQw2AH3qkspP8Jjdwf4f3%2FIE7diowYl4s%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d378c09b9ec9b8e-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 11:00:45 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
favicon.ico
1click-on.eu/ 		548 B
629 B 		Other
General
Check archive.org
Download Go to
Full URL
https://1click-on.eu/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
device-memory
8
Referer
https://1click-on.eu/p/Zp8l/rQl0/OEEA

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
age
67
speculation-rules
"/cdn-cgi/speculation"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KRLeq2gTe7llHHNsd5Fa0KX2FuQqwIp27MVJBXn65FI2hsYE%2FGyr8%2BHmtZjzJTW5mKbNvSQEXwYBIiVp%2BvE63GO%2FilWBSJfLBIhrlON2AiITJTuTSSg6ZCPulUPzOlU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d378c09b9f09b8e-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 11:00:45 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
js
www.googletagmanager.com/gtag/ 		272 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9R803BRQ9Q&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1click-on.eu/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 16 Oct 2024 11:00:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 11:00:45 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
97928
x-xss-protection
0
server
Google Tag Manager
Primary Request /
ed.traumbereich.com/
Redirect Chain
  • https://mail.hopgp.com/aff_c?offer_id=30&aff_id=1179&url_id=213&aff_click_id=mlClick-s2GOf46e&aff_sub=1119872
  • https://ed.traumbereich.com/?PR_ID=1179&token-id=102812372e7e9b37237f5c4b3a2514&sub-id=1119872&sub-id2=&sub-id3=&sid4=
123 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ed.traumbereich.com/?PR_ID=1179&token-id=102812372e7e9b37237f5c4b3a2514&sub-id=1119872&sub-id2=&sub-id3=&sid4=
Requested by
Host: 1click-on.eu
URL: https://1click-on.eu/js/envoirment.js?id=a535a99b3fccb8f0756e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.156.90.8 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
/
Resource Hash
a9707f3ae906447b323c5f030d1d7cd5769177d7ba87440e257ab329854b31b4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1click-on.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 16 Oct 2024 11:00:46 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
status
200 OK
strict-transport-security
max-age=63072000; includeSubdomains
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-request-id
2495e6ae-ec21-4026-9449-a7626d1f2be0
x-runtime
0.143212
x-xss-protection
1; mode=block

Redirect headers

Accept-Ch
Sec-Ch-Dpr, Dpr, Sec-Ch-Ua-Model
Access-Control-Allow-Headers
Tune-SDK-Version
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
322
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 16 Oct 2024 11:00:45 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
https://ed.traumbereich.com/?PR_ID=1179&token-id=102812372e7e9b37237f5c4b3a2514&sub-id=1119872&sub-id2=&sub-id3=&sid4=
P3p
CP="NOI CUR OUR NOR INT"
Pragma
no-cache
Server
nginx
Tracking_id
102812372e7e9b37237f5c4b3a2514
X-Request-Id
7b97d8125726129a2fb8c66965c82d88
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-9R803BRQ9Q&gtm=45je4ae0v9123073336za200&_p=1729076445720&gcd=13l3l3l2l2l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=101533421~101686685&ul=de-de&sr=1600x1200&cid=819440932.1729076446&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2F1click-on.eu%2Fp%2FZp8l%2FrQl0%2FOEEA&dt=Zalando%20Voucher%20500%E2%82%AC%20-%20DE&sid=1729076445&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1669
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9R803BRQ9Q&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1click-on.eu/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://1click-on.eu
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 11:00:45 GMT
content-type
text/plain
server
Golfe2
api.js
www.google.com/recaptcha/ 		1 KB
994 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LfohG4aAAAAAIugGWrdrbVKrxl_P5U6SFNBldxV
Requested by
Host: ed.traumbereich.com
URL: https://ed.traumbereich.com/?PR_ID=1179&token-id=102812372e7e9b37237f5c4b3a2514&sub-id=1119872&sub-id2=&sub-id3=&sid4=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
ESF /
Resource Hash
1e72253a015456dce266327c2bd38934be30d1ea57253f7bff9c468bc107c908
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ed.traumbereich.com/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Wed, 16 Oct 2024 11:00:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Wed, 16 Oct 2024 11:00:46 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
css
fonts.googleapis.com/ 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COpen+Sans+Condensed:700
Requested by
Host: ed.traumbereich.com
URL: https://ed.traumbereich.com/?PR_ID=1179&token-id=102812372e7e9b37237f5c4b3a2514&sub-id=1119872&sub-id2=&sub-id3=&sid4=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8116500852ca332f46f1b420df36dfb1860f9028dd1c3d9bb65fc9aefa75ee4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ed.traumbereich.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 16 Oct 2024 11:00:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 11:00:46 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 16 Oct 2024 11:00:46 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
page-441f49347bfd2ac9b05e800332689a05ee6490215252d43732dd46f9649e69df.css
ed.traumbereich.com/assets/ 		123 KB
123 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ed.traumbereich.com/assets/page-441f49347bfd2ac9b05e800332689a05ee6490215252d43732dd46f9649e69df.css
Requested by
Host: ed.traumbereich.com
URL: https://ed.traumbereich.com/?PR_ID=1179&token-id=102812372e7e9b37237f5c4b3a2514&sub-id=1119872&sub-id2=&sub-id3=&sid4=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.156.90.8 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
/
Resource Hash
38bf1871d594c86ea4d91d6f867b77138bc2c13c082a993e04e46f58a0b1c013
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ed.traumbereich.com/?PR_ID=1179&token-id=102812372e7e9b37237f5c4b3a2514&sub-id=1119872&sub-id2=&sub-id3=&sid4=

Response headers

strict-transport-security
max-age=63072000; includeSubdomains
etag
"5fd1dce8-1eab8"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
125624
date
Wed, 16 Oct 2024 11:00:46 GMT
content-type
text/css
last-modified
Thu, 10 Dec 2020 08:31:36 GMT
page-07128814095fb33072684b502631ff55b37731a1504a639746e5a44ba2a33346.js
ed.traumbereich.com/assets/ 		440 KB
441 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ed.traumbereich.com/assets/page-07128814095fb33072684b502631ff55b37731a1504a639746e5a44ba2a33346.js
Requested by
Host: ed.traumbereich.com
URL: https://ed.traumbereich.com/?PR_ID=1179&token-id=102812372e7e9b37237f5c4b3a2514&sub-id=1119872&sub-id2=&sub-id3=&sid4=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.156.90.8 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
/
Resource Hash
07128814095fb33072684b502631ff55b37731a1504a639746e5a44ba2a33346
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ed.traumbereich.com/?PR_ID=1179&token-id=102812372e7e9b37237f5c4b3a2514&sub-id=1119872&sub-id2=&sub-id3=&sid4=

Response headers

strict-transport-security
max-age=63072000; includeSubdomains
etag
"65ba2873-6e01e"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
450590
date
Wed, 16 Oct 2024 11:00:46 GMT
content-type
application/javascript
last-modified
Wed, 31 Jan 2024 11:01:07 GMT
XD9mH9GW8oFaaPcwK.js
static.cleverpush.com/channel/loader/ 		171 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/channel/loader/XD9mH9GW8oFaaPcwK.js
Requested by
Host: ed.traumbereich.com
URL: https://ed.traumbereich.com/?PR_ID=1179&token-id=102812372e7e9b37237f5c4b3a2514&sub-id=1119872&sub-id2=&sub-id3=&sid4=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0eb504bf7f487432192f2f8a2a2a9c4f6a34e75bf710e7e91bf8870151e2b6fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ed.traumbereich.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"558c5e88e37601c54a3231060c65bfa1"
age
12755
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WJFwT0NSYle2APWvfXSkTKTTjX%2BJt24rlwG6zFIOS1mEkA20BaIBO9oedbL4Lip5PXJZS%2BZZtzbOiZZYd3hIz%2F73jVqKwParRVRXPC5lMrHlTCbkT%2F%2BwNADqq8s2WjwOus8t%2Fjn%2BM1ldy1r69sukDc0jtg%3D%3D"}],"group":"cf-nel","max_age":604800}
date
Wed, 16 Oct 2024 11:00:46 GMT
content-type
application/javascript
last-modified
Tue, 15 Oct 2024 00:50:16 GMT
vary
Accept-Encoding
x-amz-id-2
hMycFqiYwvhR8PzCgJiC8tKdfTxxb/UC2MGkXO/VPiZ9UWcBgHwQDzIr2ooBbf4nomVqohOZMiw=
cache-control
public, max-age=21600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
WTR15SQ8319ZVQQB
cf-ray
8d378c0f4e89d361-FRA
server
cloudflare
x-amz-server-side-encryption
AES256
prize.png
ed.traumbereich.com/system/uploads/plain_images/images/000/002/529/original/ 		434 KB
435 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ed.traumbereich.com/system/uploads/plain_images/images/000/002/529/original/prize.png?1631793357
Requested by
Host: ed.traumbereich.com
URL: https://ed.traumbereich.com/?PR_ID=1179&token-id=102812372e7e9b37237f5c4b3a2514&sub-id=1119872&sub-id2=&sub-id3=&sid4=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.156.90.8 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
/
Resource Hash
6c3534e919b2d1054bc224481045dfc8c3d3df012ccb18453434ef976b05eff1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ed.traumbereich.com/?PR_ID=1179&token-id=102812372e7e9b37237f5c4b3a2514&sub-id=1119872&sub-id2=&sub-id3=&sid4=

Response headers

strict-transport-security
max-age=63072000; includeSubdomains
etag
"614330cd-6c82b"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
444459
date
Wed, 16 Oct 2024 11:00:46 GMT
content-type
image/png
last-modified
Thu, 16 Sep 2021 11:55:57 GMT
1729076446-1.gif
ed.traumbereich.com/views/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ed.traumbereich.com/views/1729076446-1.gif
Requested by
Host: ed.traumbereich.com
URL: https://ed.traumbereich.com/?PR_ID=1179&token-id=102812372e7e9b37237f5c4b3a2514&sub-id=1119872&sub-id2=&sub-id3=&sid4=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.156.90.8 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ed.traumbereich.com/?PR_ID=1179&token-id=102812372e7e9b37237f5c4b3a2514&sub-id=1119872&sub-id2=&sub-id3=&sid4=

Response headers

strict-transport-security
max-age=63072000; includeSubdomains
x-request-id
09d2187e-e83d-4cd8-ac86-80e7069449a3
cache-control
no-cache, no-store
content-encoding
gzip
pragma
no-cache
content-transfer-encoding
binary
x-content-type-options
nosniff, nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
status
200 OK
x-xss-protection
1; mode=block
date
Wed, 16 Oct 2024 11:00:46 GMT
content-type
image/gif
vary
Accept-Encoding
x-runtime
0.032355
content-disposition
inline
recaptcha__de.js
www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/ 		547 KB
218 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfohG4aAAAAAIugGWrdrbVKrxl_P5U6SFNBldxV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
c786995bf890f9ed1a8b1f75ac9db975905b2bad0c88421ebbbc56cf62ea2327
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ed.traumbereich.com
Referer
https://ed.traumbereich.com/

Response headers

content-encoding
gzip
age
26372
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 03:41:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 03:41:14 GMT
last-modified
Mon, 07 Oct 2024 04:02:51 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
222727
x-xss-protection
0
server
sffe
bg.jpg
ed.traumbereich.com/system/uploads/plain_images/images/000/002/528/original/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ed.traumbereich.com/system/uploads/plain_images/images/000/002/528/original/bg.jpg?1631792341
Requested by
Host: ed.traumbereich.com
URL: https://ed.traumbereich.com/?PR_ID=1179&token-id=102812372e7e9b37237f5c4b3a2514&sub-id=1119872&sub-id2=&sub-id3=&sid4=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.156.90.8 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
/
Resource Hash
9e18d337984a9e65614fc8d898479bf198916ff59414c70720f891e9f36cd3a9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ed.traumbereich.com/?PR_ID=1179&token-id=102812372e7e9b37237f5c4b3a2514&sub-id=1119872&sub-id2=&sub-id3=&sid4=

Response headers

strict-transport-security
max-age=63072000; includeSubdomains
etag
"61432cd5-230154"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
2294100
date
Wed, 16 Oct 2024 11:00:46 GMT
content-type
image/jpeg
last-modified
Thu, 16 Sep 2021 11:39:01 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COpen+Sans+Condensed:700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ed.traumbereich.com
Referer
https://fonts.googleapis.com/

Response headers

age
133283
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 14 Oct 2025 21:59:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 21:59:23 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v23/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COpen+Sans+Condensed:700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ed.traumbereich.com
Referer
https://fonts.googleapis.com/

Response headers

age
26457
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 03:39:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 03:39:49 GMT
last-modified
Tue, 19 Apr 2022 18:08:32 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
16324
x-xss-protection
0
server
sffe
1731.1e0589e93eed6eedd9e8.js
static.cleverpush.com/sdk/chunk/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/1731.1e0589e93eed6eedd9e8.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/XD9mH9GW8oFaaPcwK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0aaa74f1d116bd31b67d39870824352b564e000b3675b749043dec7a322cbc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ed.traumbereich.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"b83a51ac9339868de81f3b9105e9b7ae"
age
19365
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e2XIqPUhy0Hv2gSxSXGFZgNxy5uM8HoB3AgVapXUt2nV%2FsQ%2BGre1mPQF63Ygr8munidI47GU6IUBElkvW%2B6gc8kK3IhsjA3yBVk%2FI8cukEODpt%2FWAa16Oe0bGyuiJiO4%2FD8C0iKTM2HJzkpQnBxceD02yA%3D%3D"}],"group":"cf-nel","max_age":604800}
date
Wed, 16 Oct 2024 11:00:46 GMT
content-type
text/javascript
last-modified
Mon, 14 Oct 2024 13:04:38 GMT
vary
Accept-Encoding
x-amz-id-2
Dab4BV1nNAAi1XSB7xgqAKEI4bKMQO4+iSwaCfl0VMjWydy+huuVzX3q08glPLsbr9zMX8ir6h4=
cache-control
public,max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
294DWVQQ2239V7XJ
cf-ray
8d378c10eabbd361-FRA
server
cloudflare
x-amz-server-side-encryption
AES256
9835.4224ee6cdea15e6c6e7b.js
static.cleverpush.com/sdk/chunk/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/9835.4224ee6cdea15e6c6e7b.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/XD9mH9GW8oFaaPcwK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
046d73655eb275b276a5b08509b844ff72efcfc39e570751a34c708201cbd7c9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ed.traumbereich.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"5c516e12c150905094329add62f53719"
age
23277
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KrB0gJxZ6PeU3l1C3zgqX1rFiVgezJYuyWuJbsLroG4pgTSCp79JrXcmuNzllBSoCbOjqiMJypK6760bsdcFnOs6huIj2r8cETz6EFXvhkKhO4BXyIrW8w9eBVE6NuMmUBlqGTNQS%2FNk78IfJH8Tlio%2FNw%3D%3D"}],"group":"cf-nel","max_age":604800}
date
Wed, 16 Oct 2024 11:00:46 GMT
content-type
text/javascript
last-modified
Mon, 14 Oct 2024 13:04:45 GMT
vary
Accept-Encoding
x-amz-id-2
17rbeHmKgANdTNU9nPbLkYzY98M0aOjHbtj5TBKjpAV8ckRZSGZT1dP7f1D3YsVWHElFbXYKg42xoozUvOlc1w==
cache-control
public,max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
948R2NQM58N3SWJB
cf-ray
8d378c10eac2d361-FRA
server
cloudflare
x-amz-server-side-encryption
AES256
4663.a62cc16c9086f415ce3e.js
static.cleverpush.com/sdk/chunk/ 		1 KB
998 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/4663.a62cc16c9086f415ce3e.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/XD9mH9GW8oFaaPcwK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56ce488016e10e57ed18b91230364c9b44ac2d00cd4eb5ec89c816a3ec035665

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ed.traumbereich.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"a82cf65ac0d1c5f50c78232480ec4b5c"
age
18303
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I0eaRgwB%2BNDpQytRFVpjDI8PFfwoUkXpnVI3PE76vhk%2Fiba8QJb2Wu8DOnenLhhZW21kbgHkG08i%2BQOjnXrSqvH%2FlRKUqNhImwkMn0xvzCZqnAJQEqXt8QXVxfX5zU0q%2BGCNUdoh4m1%2F%2F7ocIpRsOcGqqA%3D%3D"}],"group":"cf-nel","max_age":604800}
date
Wed, 16 Oct 2024 11:00:46 GMT
content-type
text/javascript
last-modified
Mon, 14 Oct 2024 13:04:40 GMT
vary
Accept-Encoding
x-amz-id-2
mvbEKKlebB+NGIjxoEfKg36JGrAiUO/c6SkcwSE73VRJFo+y4kkxxw/KnNScSh3Y6xkK4+lpE+1heatY/D68og==
cache-control
public,max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
18FWDQHPV20JD36W
cf-ray
8d378c10eacbd361-FRA
server
cloudflare
x-amz-server-side-encryption
AES256
anchor
www.google.com/recaptcha/api2/ Frame 154F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfohG4aAAAAAIugGWrdrbVKrxl_P5U6SFNBldxV&co=aHR0cHM6Ly9lZC50cmF1bWJlcmVpY2guY29tOjQ0Mw..&hl=de&v=aR-zv8WjtWx4lAw-tRCA-zca&size=invisible&cb=l11n8hqzqg08
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4zVHO5cPkwpC-7LioavqIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ed.traumbereich.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-4zVHO5cPkwpC-7LioavqIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Oct 2024 11:00:47 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
4005.6f562922d9c9f546bc3d.js
static.cleverpush.com/sdk/chunk/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/4005.6f562922d9c9f546bc3d.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/XD9mH9GW8oFaaPcwK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aee88822b67db7e7c863a6ba2e751bbce73d63a0e3b50a528da0b82a45ecbbc5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ed.traumbereich.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"a8f33d6686dcc672874231122a4a4e3c"
age
23278
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZclKPCJeh%2FNzbtfQAbmp90l7f7ZTCa3uQK%2FAKikF9biQNCy0vRfhF6ugSUYF2qhR1fJgELblXU5mf9kU7wTih9oesEVcGbIZDFCDwEX9ZklQIfeZQhIzdBu2wvQ1AUU7%2FWtrDu0aDTvMCPqwNLpk0jR6UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
date
Wed, 16 Oct 2024 11:00:47 GMT
content-type
text/javascript
last-modified
Mon, 14 Oct 2024 13:04:40 GMT
vary
Accept-Encoding
x-amz-id-2
wfYSOtRdrUtRJPUQVNgGakQPmIo7fqUVBdA1hTwxU7Tq9H1VeTAlX9wlvx6LkgPr7CduK+N9H4bzdZi3bP1PZg==
cache-control
public,max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
948JFYJ68KSSK0SC
cf-ray
8d378c125dced361-FRA
server
cloudflare
x-amz-server-side-encryption
AES256
3251.852e9eed8ead3e6378e1.js
static.cleverpush.com/sdk/chunk/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/3251.852e9eed8ead3e6378e1.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/XD9mH9GW8oFaaPcwK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3aa5f7c7a36d0219f25eea299c8d1e896d03dcbe0c3455830d775e35f9f1da4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ed.traumbereich.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"83f28f7f709f04b0db81309a40c83d68"
age
23278
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KeLlxGjQ8cGhDdTB3KceDUUCGXWJQcLv3M0HwFAlV4KZasJafom%2BHZVCaudvXmpEjvfIDz%2FO6nD7%2BtL2Y2I3HjfMf9IePrp9xqzIciXC83P9iZfTZZY8%2B33Q4jmDCzB2%2B5U%2BUEZfSQWFXvVqs2s9okqTfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
date
Wed, 16 Oct 2024 11:00:47 GMT
content-type
text/javascript
last-modified
Mon, 14 Oct 2024 13:04:39 GMT
vary
Accept-Encoding
x-amz-id-2
f1oSjUhTIsPsIUxymE7ohffdDGo6dlsz0K6L/fdOUd1vyNBc8YVlTgG46T1C+pI88v2mXBnaB7mqUnOh5WSOvA==
cache-control
public,max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
948RWMBZ5HRE7SAQ
cf-ray
8d378c125dd2d361-FRA
server
cloudflare
x-amz-server-side-encryption
AES256
8115.72284aebf28876a6dab2.js
static.cleverpush.com/sdk/chunk/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/8115.72284aebf28876a6dab2.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/XD9mH9GW8oFaaPcwK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8e87710c0c3a6c2a24077a9b6c039560c4aba328a863839890bdaea51c228bc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ed.traumbereich.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"730e2ac5ed56ca01649d24824a9c72f1"
age
5812
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n6y2vPuLbki%2BNFRPIqEqbzwgb5SPhI1DN3yCv1GInDGvysmsE%2FVLTbehTafpJupvTUcKP5SvY%2F%2BvJlW8VNWhez%2FSxrn8F8soYrB5kJAoWvLxB7t0BvrbcnbxuCIQTW4DjF4%2F2xITF0FQmIAHd%2BCBb0r%2BEA%3D%3D"}],"group":"cf-nel","max_age":604800}
date
Wed, 16 Oct 2024 11:00:47 GMT
content-type
text/javascript
last-modified
Mon, 14 Oct 2024 13:04:43 GMT
vary
Accept-Encoding
x-amz-id-2
MZxnmAg9Kp4n6dsKJCXMN9PkEUtJtqTZRnKOz5eqNMe55BaUhodS7v0KGTqBzNk5NtkM7qWSHw4=
cache-control
public,max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
W8RYHY2M73888SS2
cf-ray
8d378c125dd7d361-FRA
server
cloudflare
x-amz-server-side-encryption
AES256
iframe
deingewinn.mycleverpush.com/ Frame 286D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://deingewinn.mycleverpush.com/iframe?origin=https%3A%2F%2Fed.traumbereich.com
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/sdk/chunk/3251.852e9eed8ead3e6378e1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.69.145.0 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.0.145.69.159.clients.your-server.de
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://ed.traumbereich.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
origin, x-requested-with, content-type, accept
cache-control
public, max-age=1800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 16 Oct 2024 11:00:47 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-backend-server
cleverpush-worker-3
x-cache-status
EXPIRED
x-robots-tag
noindex
6103.0a79e878620a13e28d86.js
static.cleverpush.com/sdk/chunk/ 		115 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/6103.0a79e878620a13e28d86.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/XD9mH9GW8oFaaPcwK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19a79b8a7607cd0c8f22c141ffe67fb1ce682e7100448a12549f33a7ea8ff445

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ed.traumbereich.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"da59565c0b7e6920209d3ab1abb10fb9"
age
70
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=atnP8FY%2BJoqk5%2FWW%2FiecSS5a%2FG41ZvIb5JyUpvQ%2FbtASv9JreJYnBG0O4%2F9Jt6GvKVWF7Wgo32Uk0x2%2Fr88MzH6qMukwbofFKTpz0S5DY0ErcFSP51SvMT%2FwPPjijAgeodvBrDFKTSpB10VoXOdxzmOz6A%3D%3D"}],"group":"cf-nel","max_age":604800}
date
Wed, 16 Oct 2024 11:00:47 GMT
content-type
text/javascript
last-modified
Mon, 14 Oct 2024 13:04:42 GMT
vary
Accept-Encoding
x-amz-id-2
KyxTar3cfgKIAs/BLJ4cHsL2C99+1L2lSL5GCgsH8R3sGIQC7kiYTct1WtzofdCkzoBnNZk/kMJc1NGU6MbGVg==
cache-control
public,max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
948M1M95A0A7KAG9
cf-ray
8d378c15eeb6d361-FRA
server
cloudflare
x-amz-server-side-encryption
AES256
7720.b1ea4de9b7a3871148fa.js
static.cleverpush.com/sdk/chunk/ 		58 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/7720.b1ea4de9b7a3871148fa.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/XD9mH9GW8oFaaPcwK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b986b4b15849ae5b70a2f1717e6c90ff917d28819045f29b1df622945aaa76e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ed.traumbereich.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"c1df533752da840bc11a7db67e20495b"
age
23277
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SjU9TiTEuGhSQuO9%2BBz6gDK%2FjiSDFwYPk1PIH9GcZJ%2F0NpRbzIRZyLAOv7dYxVAOzMt4qyKaDBxRbkstdwyx%2BD5Q%2FM3n%2BY2hmFJVCMARCKvJCKMn72OYnPx8R6jd3Zd6r4pHaI5KLTnYkkOYUt9Ze%2B2z2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
date
Wed, 16 Oct 2024 11:00:47 GMT
content-type
text/javascript
last-modified
Mon, 14 Oct 2024 13:04:43 GMT
vary
Accept-Encoding
x-amz-id-2
6zhnjSAqX6B4vweUpCinGpppm/LRmMxSO+fZtT7u+VXKiF2w5zHR5xZWN4PBnkco/pcdowKiTRaceSu8Phj4VQ==
cache-control
public,max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4TN7HHGMN8HKAQC4
cf-ray
8d378c15eeb9d361-FRA
server
cloudflare
x-amz-server-side-encryption
AES256
favicon.ico
ed.traumbereich.com/ 		25 KB
25 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ed.traumbereich.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.156.90.8 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
/
Resource Hash
456fea2a70c15ca0ffb471cce04df584a404fe2f6b247ff48b8b6ece8d009b4a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ed.traumbereich.com/?PR_ID=1179&token-id=102812372e7e9b37237f5c4b3a2514&sub-id=1119872&sub-id2=&sub-id3=&sid4=

Response headers

strict-transport-security
max-age=63072000; includeSubdomains
etag
"5fd1dce8-627e"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
25214
date
Wed, 16 Oct 2024 11:00:47 GMT
content-type
image/x-icon
last-modified
Thu, 10 Dec 2020 08:31:36 GMT
4329.161de75565ffafac99d5.js
static.cleverpush.com/sdk/chunk/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/4329.161de75565ffafac99d5.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/XD9mH9GW8oFaaPcwK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2f9468180c4d0b76ade2e64167259d13a3df53a6279fbb5370acf210be4d480

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ed.traumbereich.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"0024dcfd4e8452a3bb39e43d2cb0849d"
age
5814
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S6gMDU23InDRtZec29g%2BKyfOrA9pez6Joqgnc0A%2Brv4HH%2BHKcGdoJc2IXZ%2FIC0abD5D%2F4g6JQ9seNTII7oHCVug2D%2Ftgl0Nt19a99l%2Bnd6Vn6Z9qNM6Hxyozotny9S2IWEyPLUEyBkBimXilUpu9qDsS1A%3D%3D"}],"group":"cf-nel","max_age":604800}
date
Wed, 16 Oct 2024 11:00:47 GMT
content-type
text/javascript
last-modified
Mon, 14 Oct 2024 13:04:40 GMT
vary
Accept-Encoding
x-amz-id-2
YGhWNuHpKuja9l4YTBE3z8peVYHYHTng6WEdLUpMyF50pV/FLHfmxZtq0SXbaKrCRATx6OvmL64=
cache-control
public,max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
K3TG43ANFFT3EDHH
cf-ray
8d378c16f987d361-FRA
server
cloudflare
x-amz-server-side-encryption
AES256
9800.d752b49f53e52267fd30.js
static.cleverpush.com/sdk/chunk/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/9800.d752b49f53e52267fd30.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/XD9mH9GW8oFaaPcwK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86914cb4fec67831a6c866a8c3934cff2688511a95354a6126b9b50be1259c6a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ed.traumbereich.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"628080cd27024db857fd6c7a31fa9097"
age
18303
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XONdWrBUld3QrGySHkyC4WY3UhySbS7D4LSdUl%2FXcvJRNcdn5FI7GFGcNRpyVXb%2B3fN1gAAKNomCiO0cr7bgVvDBBacoffWZSHv%2B4Q4FLR5jm4Prj60ESsC8vOV2t6qeMfUpVV3WOix4alo4S%2BjwAxR%2F7w%3D%3D"}],"group":"cf-nel","max_age":604800}
date
Wed, 16 Oct 2024 11:00:47 GMT
content-type
text/javascript
last-modified
Mon, 14 Oct 2024 13:04:45 GMT
vary
Accept-Encoding
x-amz-id-2
Q7Fa/VQgM9sq9rOWCdgs2I3ljWOw6PwBrVUscz+QAmQ9IJGhXBDiq8aIqnf96AJ+9sV7N/Z69N8=
cache-control
public,max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
XX7J9YNNGVFXS9BN
cf-ray
8d378c16f98cd361-FRA
server
cloudflare
x-amz-server-side-encryption
AES256
2447.8b664facd0ac959090aa.js
static.cleverpush.com/sdk/chunk/ 		417 B
719 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/2447.8b664facd0ac959090aa.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/XD9mH9GW8oFaaPcwK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c697709813701b68d0d5788322bb4bddd3e6bf9e8085bd10f8a6eee3c889b80a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ed.traumbereich.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"f6eac38e4d01e006787b46925e95afd8"
age
19366
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A%2B4ZyEq9zp364rma9mfsJ%2BCP2ni2ERndJuNEpwpvx0L2PeOBEHz9LC9iYSmcBWAZFz2%2BsyL0A99va1K10kCOxKWbppssGenEzwey3t7OkMRbrkgwI9GsLBm3imzbMYrD%2Fw6P2uWcEL%2Fam4mBihyUtTsTdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
date
Wed, 16 Oct 2024 11:00:47 GMT
content-type
text/javascript
last-modified
Mon, 14 Oct 2024 13:04:39 GMT
vary
Accept-Encoding
x-amz-id-2
JSzwUKEWCH0NJBDHmo0cti0mHIDj4hX8WzbgklAPTWNmb+Xaae60LKNLEFo1OufQXAkyym1m44S56NRNJ5K70ywiaHpPjFkBGyLLPeApUWQ=
cache-control
public,max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
2945MEV3R2NQP6SA
cf-ray
8d378c16f98fd361-FRA
server
cloudflare
x-amz-server-side-encryption
AES256
438.b8546722d750f5fb84e0.js
static.cleverpush.com/sdk/chunk/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/438.b8546722d750f5fb84e0.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/XD9mH9GW8oFaaPcwK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40140ee3d8b17d59480c7257a7ac9bd0d92c9ec9c5a1edae18aa4277b7dbbdfd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ed.traumbereich.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"444dbd9db15c18d22323bf037a6ca3bf"
age
19366
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v9IlALv%2FgDxM5rxybl3%2B75E0dtn33z6DN7mxdixNX2kO9H5uQ5%2B6wq7FOFBks%2FoiE%2F7Xj4YZ%2FchFI%2BCfZS2I8G1a1Eq5w7sRkLGIoEOANHVbuX%2FvQXy8Edp0VP86HSSHuL78yH5B8nDx5E4EvfotFCE1Wg%3D%3D"}],"group":"cf-nel","max_age":604800}
date
Wed, 16 Oct 2024 11:00:47 GMT
content-type
text/javascript
last-modified
Mon, 14 Oct 2024 13:04:40 GMT
vary
Accept-Encoding
x-amz-id-2
W1Bj/Y6+S1pHNdvJDm6G442InGxIfTei2H7vRkkqMd/7DC6echRlgSEmH44Ba8LbQ6A3HS0FOfc=
cache-control
public,max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
29427EFV3GT6SEHR
cf-ray
8d378c16f990d361-FRA
server
cloudflare
x-amz-server-side-encryption
AES256
1376.35cf0ba4e9c7e543c5b6.js
static.cleverpush.com/sdk/chunk/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/1376.35cf0ba4e9c7e543c5b6.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/XD9mH9GW8oFaaPcwK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0439122447204b780457fa57edd4a5acc7f6664f17c7578e3014cfccd971ed4f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ed.traumbereich.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"18e09f22bb92cef28ebfe5377a5c7e6a"
age
5813
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PP1m39wHUxXQrMZ60AZtXPyQ44iUEaWRrFT9Uv5x430pG%2FE2Nphso392ZpwxeIeCUEkF9PiqMCa00TnXW%2BFgl%2BXW%2Ff%2Bd%2Bkthf7P1C9CDgFcY1ZYaAyL6JcDm%2BJ2kbrfeQ1Jr6CiG61B11ibg2Y7sKxQevA%3D%3D"}],"group":"cf-nel","max_age":604800}
date
Wed, 16 Oct 2024 11:00:47 GMT
content-type
text/javascript
last-modified
Mon, 14 Oct 2024 13:04:38 GMT
vary
Accept-Encoding
x-amz-id-2
/gaCUsRoe1hUPlAVnVmvSTcWEgPeO6sUwV9FJe82K9fOFglAt5LDhUKg/b33APRUFWa2tVLRVdT0dPe+JY0+1HWyuHTCIxHn
cache-control
public,max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
PC03EYX1RDPN9V12
cf-ray
8d378c16f992d361-FRA
server
cloudflare
x-amz-server-side-encryption
AES256
4862.f51faeef0033012ee39c.js
static.cleverpush.com/sdk/chunk/ 		33 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/4862.f51faeef0033012ee39c.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/XD9mH9GW8oFaaPcwK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2fa827bc637d39c7dd0b0ae4cfebc4b6fdfc01daba8f8fd36241bb60ee5d3a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ed.traumbereich.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"8173b480a059b3a829884bccddbdd595"
age
5813
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c250FsW31EgCKs4YcQlqV42tNxaatUQYL8HAaZ2s0FdpTiRFiIaxHmb1L%2B9pbJpDzq0i%2BGS0uOHHoTSs30fW7riSj4kUCi5d7zcJOTgckKAmSnPRSrkgGXuJncKa%2BavklS%2FzoKcZeKNz1F4cnc8hFfKk6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
date
Wed, 16 Oct 2024 11:00:47 GMT
content-type
text/javascript
last-modified
Mon, 14 Oct 2024 13:04:40 GMT
vary
Accept-Encoding
x-amz-id-2
lOK5l/z7pedZ12IlvU/6AYa8hDAjYxkuObm/gpKHvuC1yNk1dCzrd0xUja08HcR4XkrlhvqNXWs=
cache-control
public,max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
PC07MGWZ0NM5QPWB
cf-ray
8d378c16f994d361-FRA
server
cloudflare
x-amz-server-side-encryption
AES256
optin-visitor
api.cleverpush.com/channel/ 		16 B
371 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.cleverpush.com/channel/optin-visitor
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/XD9mH9GW8oFaaPcwK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://ed.traumbereich.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HVLmfxy5mIU9S%2BV7NXczNHuTXvcT%2FyX%2FuyoSs9n2V4qShzL4UuiGBn%2BAx5fSooLggz4L88mv5ysCsyzRVfYfEuKoY4Zufbc5bzr7hSinHjzkN8Ykh9uyz5XN5UNDJ8Vvs6UFP2UrtpqEdp81ntxW%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
x-backend-server
cleverpush-worker-3
cf-ray
8d378c178b07dbfe-FRA
access-control-allow-origin
*
date
Wed, 16 Oct 2024 11:00:47 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage
optin-visitor
api.cleverpush.com/channel/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.cleverpush.com/channel/optin-visitor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ed.traumbereich.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin
*
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8d378c175a5adbfe-FRA
content-length
0
content-type
application/json; charset=utf-8
date
Wed, 16 Oct 2024 11:00:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ltLbdLzuNNskilTf3vIQLaeA0KmfINJ%2B7CZKLts4aMx7hVsCtAXldhySNudHs62Z1wOsCK979jeh8vYDb50DctEKg396TYB%2FSvklstK3BaDmaQI16cKVZV0yf9OH8sMFxe8pkSAsNrhaESIatkLF6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
confirm-alert
api.cleverpush.com/channel/ 		16 B
969 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.cleverpush.com/channel/confirm-alert
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/XD9mH9GW8oFaaPcwK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://ed.traumbereich.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bLK6EPiEJ7%2BJjlLAW75y%2BwwD4vulQuK2B5y%2FnW%2F711sUC1KTYtakiSW5k71%2FU0oo78uI9bU%2F7WpSQVq7XyAWLH1I7ytIFLcysw4bd6h9B%2FYj0hY82PW0OW0D8%2Bd3y0VyoHivVBAgM0lX3b4At2stqw%3D%3D"}],"group":"cf-nel","max_age":604800}, {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=NpTd.6bOGjuB7fZz8nKiQFx0MrvD3zlQ4drvpII8OlU-1729076449-1.0.1.1-E25Rhau9Wn9bD7r8fr9PpMlHV0lx9jjy5tzECet5byRqgysA3b2RH3ez8pLbQp9EwKxKWuOtTuKqK7H7rUMvT7rdybfPVYPQu9BevFiiYFT8tj0qsh.jsIYbW6tl05RXzaTrFj6_qXh4QhZnJm_oDw01uvE_TK7Ly6ioiRKWW.8"}],"group":"cf-csp-endpoint","max_age":86400}
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
x-backend-server
cleverpush-worker-3
date
Wed, 16 Oct 2024 11:00:49 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage
strict-transport-security
max-age=15724800; includeSubDomains
cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=NpTd.6bOGjuB7fZz8nKiQFx0MrvD3zlQ4drvpII8OlU-1729076449-1.0.1.1-E25Rhau9Wn9bD7r8fr9PpMlHV0lx9jjy5tzECet5byRqgysA3b2RH3ez8pLbQp9EwKxKWuOtTuKqK7H7rUMvT7rdybfPVYPQu9BevFiiYFT8tj0qsh.jsIYbW6tl05RXzaTrFj6_qXh4QhZnJm_oDw01uvE_TK7Ly6ioiRKWW.8; report-to cf-csp-endpoint
cf-ray
8d378c1e3909dbfe-FRA
access-control-allow-origin
*
server
cloudflare
gRmDHcewsGmWupZWK.png
static.cleverpush.com/notification/icon/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.cleverpush.com/notification/icon/gRmDHcewsGmWupZWK.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fcfcdb4db086c5ac796f4f45e92bad3b5cad5689a10e1dbecf8bb3ddbb9138b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ed.traumbereich.com/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
etag
"85d86ad0dda64133db72256359778f92"
age
5222
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iUh8dtIMh%2Bz3novOcb%2BUtf6RtV15rPbdaCIEOyJuUPH0GkVlWFbW98ztGp2wpyVYk0DK7D13FzdZnUFVVzQs1fyDOvAYpxfvptqknwpYoqqn0aV9rKmA7c1x2n6WequIKH8%2BOwIcx9wIoDwV6EO7qy%2FcOw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
855ANMVSMP8Z6GCF
cf-ray
8d378c1ddc5dd361-FRA
accept-ranges
bytes
content-length
13493
date
Wed, 16 Oct 2024 11:00:48 GMT
content-type
image/png
last-modified
Mon, 11 Jan 2021 12:13:36 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-id-2
fqDPs2RL5US6QT/wkfjbCfyA7aUuB9hfH+9FU748Zco7ZbEdHGBZvlQ7rFM0gKtkCYBxiDiwCvc=
confirm-alert
api.cleverpush.com/channel/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.cleverpush.com/channel/confirm-alert
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ed.traumbereich.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin
*
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8d378c1ddfa3dbfe-FRA
content-length
0
content-type
application/json; charset=utf-8
date
Wed, 16 Oct 2024 11:00:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nVtYTwNS2jpmGXQ1LhmZwiHBXF8MoQoh3MpkGnN%2Fc4IrCNn6lcBTnS6pPgdhrRmzvmhX3EDGbWAex3bqSmzb1Is0Y7n8E5bORjHasleSJnavSjNZsIhfo1zoWmQxswbncP%2FV1i0Kg2tJs3AaUlxQaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| filter_street_list function| get_cities function| get_streets function| transliterate function| do_nothing function| ajax_trigger_group function| ajax_save_coreg function| validation_check function| init_iframe_spinner function| lsa function| h_put_f function| put_f function| check_unfinished_coregs function| parse_text function| replacer function| processCoreg function| _willTriggerCoregGroups function| _willTriggerQuestion function| _willTriggerSaveCoregs function| _willPresentPopunder function| _displayCoregElement function| _hideCoregElement function| _showHideNextQuestion function| Participant function| $ function| jQuery object| jQuery1124022854589797758895 object| CleverPush function| setNewFormGroup function| setCookie function| getCookie function| modalStatus function| getParamter function| showText function| hideText function| firstPageClientValidation function| secondPageClientValidation function| FieldValidation function| FormField function| FieldProcessor string| WENATEX string| BRIGITTE string| DAMOWI_GEO function| willTriggerCoregGroups function| willTriggerQuestion function| willTriggerSaveCoregs function| hideCoregElement function| coregModalHeaderMarkup function| wiggleAnswers function| _userActivityTimedOut function| actionWithInactivity function| actionWithNegative function| willSubmitAfterPassingValidation function| formPopupMarkup function| spinnerMarkup function| updateProgressIndicator object| webpackChunk_cleverpush_cleverpush_js_sdk object| regeneratorRuntime number| __cleverPushSdkLoadCount object| recaptcha object| closure_lm_943809

8 Cookies

Domain/Path Name / Value
1click-on.eu/ Name: cd70ceeb4a1768030b1882c90242a428
Value: cd70ceeb4a1768030b1882c90242a428
.1click-on.eu/ Name: _ga
Value: GA1.2.819440932.1729076446
.1click-on.eu/ Name: _gid
Value: GA1.2.1181075135.1729076446
.1click-on.eu/ Name: _gat
Value: 1
.1click-on.eu/ Name: _ga_9R803BRQ9Q
Value: GS1.2.1729076445.1.0.1729076445.0.0.0
mail.hopgp.com/ Name: enc_aff_session_30
Value: ENC034be8879e4d324a4ed97dda11752cc5308580cfa96390810ea64006f1a516208c5158e09383f55467475553944dda01467e5e06b2d39920a4def6e0da48148e1cd0874709aaeb6a6024e931a3b673f546f304e63a8745a9845c8a9e4ee0446456109c7dd3680a3869c5ee0cbfb2d907dda124b8bbc2767c93fb52acaab185e7d98c5657d71ab511d4723e07d821cdf9930c73071fdd9cf651e3162f8376fed11b1cede78f
mail.hopgp.com/ Name: ho_mob
Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMjkiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggWDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBMaWtlIEdlY2tvKSBDaHJvbWUvMTI5LjAuMC4wIFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJkZS1ERSxkZTtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
ed.traumbereich.com/ Name: _traumbereich_com_100004_1482_session
Value: dUp4WWxvdWxVV3ZqVGZYZUY5eVRmRkJ4ZktyWTBjWkk3OVJqRWwrVEx3UTV4ODJncmI4UEkwUGNEM3VZQithaEpKeG5Hd3lYNmxyZWtDdUx6Nys0ZmVCT0E2elAybzEwdys1dlRJMVlnWS9aUW94ckxDOFFFSndaQ3Qvb0o5RU5VMkpON2FYUzBKNWFKbG5qVEgrd0dsMjhCZ3NNNTJ0VFg2SHZlODFPamNoY21Sa0RDVFVvUURJNFRaMGh5N2RyS0hIWFNXdjhReVFTU1JZT2RCUmsydTBrTVN6ek9ncFAxUDhRM2daekx1Q1dIY0t0UUFSWms0UkZZTU5tL2EyWlBpendMNGR6Q1RnVlFaSjR2S1pVem1CWFJwQ3dOMjBWSS9pVkxKTlV4aStkMmVqNDd0SVhxdTNDTUZOYTV2cDd1STVQelBKZmxXS2tjTEcva1dPbi9NNjBDbFg0NXVzRWxnb25mMTN3b2tKQkNXTXc0SlpqSnZaUTg2cUlHcFpucmt3d0hYenl4K2QyWTVoQ1R0VTE0YitOT3M2MkF6TnhBS0ZvaDN6cVRseXh6M0ltbkhiRGtpRzFmdi9EWkNTSlJKNFFJSW9UamRUYlZFUE44NUJUSENldlJxMnRjdXVFNXJNUXhnZU4ralVZZGtpVFUxOVJNVFFPY2ZjMytaSlNEdjdUVWdLYlQwek5ySjZ1bm1HRXJIenZld2cxVkZ0V3FnWC9Ic0xUWWRkQzdhd0NiVFZ2NDFVYnF2bzFCS1J6NzJ4WmFJQnVLMWx3OExaT3E2UkwrRndubEhpdHVjNHpmRjM1R2ROT2xJTUNWYnpEQlNQbUNIT2ZyV05WRk56c1NjMVNueEFwaWhVc3pHTjFxazk4d0U0cGJYMVJiL3orN0phL1hUUy9mRmtFOW1BL2FURDdvT3ZKMDd2WW8vTllQOEhPY3ZwaUNPbWNjaEVKWFF5Qk5SVDJHelJTczR2L3dCQXVhbW85ZnFieWlzdTg5V0ZGSWlRQVczZ2xUaU0yZy9OdUZTNHNBNE9yRkhFQnlKaVNGUT09LS1NenNIeVpIWi9ZWERKcjI0VmVEOUl3PT0%3D--ee7fde9b0094506a8b1729a7fae1ed7eab967682

1 Console Messages

Source Level URL
Text
network error URL: https://1click-on.eu/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1click-on.eu
api.cleverpush.com
deingewinn.mycleverpush.com
ed.traumbereich.com
fonts.googleapis.com
fonts.gstatic.com
mail.hopgp.com
region1.google-analytics.com
static.cleverpush.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
142.250.181.227
142.250.185.228
142.250.185.67
159.69.145.0
172.67.176.137
2001:4860:4802:32::36
2606:4700:20::681a:e1f
2606:4700:20::ac43:47b8
2a00:1450:4001:803::200a
2a00:1450:4001:81d::2008
2a00:1450:4001:830::200e
45.156.90.8
63.34.47.244
0439122447204b780457fa57edd4a5acc7f6664f17c7578e3014cfccd971ed4f
046d73655eb275b276a5b08509b844ff72efcfc39e570751a34c708201cbd7c9
07128814095fb33072684b502631ff55b37731a1504a639746e5a44ba2a33346
0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad
0eb504bf7f487432192f2f8a2a2a9c4f6a34e75bf710e7e91bf8870151e2b6fe
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
19a79b8a7607cd0c8f22c141ffe67fb1ce682e7100448a12549f33a7ea8ff445
1e72253a015456dce266327c2bd38934be30d1ea57253f7bff9c468bc107c908
38bf1871d594c86ea4d91d6f867b77138bc2c13c082a993e04e46f58a0b1c013
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
40140ee3d8b17d59480c7257a7ac9bd0d92c9ec9c5a1edae18aa4277b7dbbdfd
456fea2a70c15ca0ffb471cce04df584a404fe2f6b247ff48b8b6ece8d009b4a
4d99c18018fde2d6060269d70d24f6ffc2435d83367c7e66b9b4f731ea551351
56ce488016e10e57ed18b91230364c9b44ac2d00cd4eb5ec89c816a3ec035665
5b986b4b15849ae5b70a2f1717e6c90ff917d28819045f29b1df622945aaa76e
6c3534e919b2d1054bc224481045dfc8c3d3df012ccb18453434ef976b05eff1
8116500852ca332f46f1b420df36dfb1860f9028dd1c3d9bb65fc9aefa75ee4d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86914cb4fec67831a6c866a8c3934cff2688511a95354a6126b9b50be1259c6a
89908ac194675cb2581d7b35d7223915ec9cec97cbd22a3dbc45d8f4bedb0d0f
8fcfcdb4db086c5ac796f4f45e92bad3b5cad5689a10e1dbecf8bb3ddbb9138b
9e18d337984a9e65614fc8d898479bf198916ff59414c70720f891e9f36cd3a9
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2360f05aaa5110f0891046d08ab93ee8bfd6249debd8d8c1d173eac2dd5e172
a9707f3ae906447b323c5f030d1d7cd5769177d7ba87440e257ab329854b31b4
aee88822b67db7e7c863a6ba2e751bbce73d63a0e3b50a528da0b82a45ecbbc5
b6b5dd129b4ce17915c8a82d9c3312c06190088e2fcc270874b9048001c661fc
c697709813701b68d0d5788322bb4bddd3e6bf9e8085bd10f8a6eee3c889b80a
c786995bf890f9ed1a8b1f75ac9db975905b2bad0c88421ebbbc56cf62ea2327
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
d2fa827bc637d39c7dd0b0ae4cfebc4b6fdfc01daba8f8fd36241bb60ee5d3a3
d3aa5f7c7a36d0219f25eea299c8d1e896d03dcbe0c3455830d775e35f9f1da4
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d8e87710c0c3a6c2a24077a9b6c039560c4aba328a863839890bdaea51c228bc
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
f2f9468180c4d0b76ade2e64167259d13a3df53a6279fbb5370acf210be4d480
fd0aaa74f1d116bd31b67d39870824352b564e000b3675b749043dec7a322cbc