deine-tolle-preise.tolle-nachrichten.com Open in urlscan Pro
45.156.88.10 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.pstmrk.it/2ts/deine-tolle-preise.tolle-nachrichten.com%2Fconfirmation%2F391e7a68423c87addc8e9ace77d50d/tzY...
Effective URL:
https://deine-tolle-preise.tolle-nachrichten.com/
Submission: On July 06 via manual (July 6th 2022, 9:45:34 am UTC) from AT — Scanned from IT

Summary HTTP 54 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 54 HTTP transactions. The main IP is 45.156.88.10, located in Germany and belongs to ABUNTIS, DE. The main domain is deine-tolle-preise.tolle-nachrichten.com.
TLS certificate: Issued by R3 on May 20th 2022. Valid for: 3 months.

This is the only time deine-tolle-preise.tolle-nachrichten.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.208.176.175 52.208.176.175	16509 (AMAZON-02) (AMAZON-02)
1 6	45.156.88.10 45.156.88.10	211823 (ABUNTIS) (ABUNTIS)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	104.64.114.42 104.64.114.42	16625 (AKAMAI-AS) (AKAMAI-AS)
1	62.201.164.113 62.201.164.113	12731 (IPHH IPHH...) (IPHH IPHH Internet Port Hamburg GmbH)
24	130.0.76.153 130.0.76.153	42442 (ADACOR-AS) (ADACOR-AS)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
12	46.167.166.60 46.167.166.60	42442 (ADACOR-AS) (ADACOR-AS)
7	62.201.164.102 62.201.164.102	12731 (IPHH IPHH...) (IPHH IPHH Internet Port Hamburg GmbH)
1	62.201.164.117 62.201.164.117	12731 (IPHH IPHH...) (IPHH IPHH Internet Port Hamburg GmbH)
54	10

1 52.208.176.175 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-176-175.eu-west-1.compute.amazonaws.com

click.pstmrk.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 45.156.88.10 (Germany) 1 redirects

ASN211823 (ABUNTIS, DE)

deine-tolle-preise.tolle-nachrichten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.64.114.42 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-114-42.deploy.static.akamaitechnologies.com

static.etracker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.201.164.113 (Germany)

ASN12731 (IPHH IPHH Internet Port Hamburg GmbH, DE)

code.etracker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 130.0.76.153 (Germany)

ASN42442 (ADACOR-AS, DE)
PTR: 130-0-76-153.static.ip.adacor.net

api.sovendus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.sovendus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 46.167.166.60 (Germany)

ASN42442 (ADACOR-AS, DE)
PTR: 46-167-166-60.static.ip.adacor.net

identification-api.sovendus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
benefits.sovendus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
press-list-api.sovendus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
press-tracking-api.sovendus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 62.201.164.102 (Germany)

ASN12731 (IPHH IPHH Internet Port Hamburg GmbH, DE)

api.signalize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.201.164.117 (Germany)

ASN12731 (IPHH IPHH Internet Port Hamburg GmbH, DE)

www.etracker.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	sovendus.com api.sovendus.com — Cisco Umbrella Rank: 318727 identification-api.sovendus.com — Cisco Umbrella Rank: 320085 benefits.sovendus.com — Cisco Umbrella Rank: 294253 assets.sovendus.com — Cisco Umbrella Rank: 291521 press-list-api.sovendus.com — Cisco Umbrella Rank: 528267 press-tracking-api.sovendus.com — Cisco Umbrella Rank: 363227	1 MB
7	signalize.com api.signalize.com — Cisco Umbrella Rank: 217371	16 KB
6	tolle-nachrichten.com 1 redirects deine-tolle-preise.tolle-nachrichten.com	878 KB
2	gstatic.com fonts.gstatic.com	45 KB
2	etracker.com static.etracker.com — Cisco Umbrella Rank: 76997 code.etracker.com — Cisco Umbrella Rank: 53641	30 KB
1	etracker.de www.etracker.de — Cisco Umbrella Rank: 46796	146 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	1 KB
1	pstmrk.it 1 redirects click.pstmrk.it — Cisco Umbrella Rank: 47735	135 B
54	8

	Domain	Requested by
22	assets.sovendus.com	benefits.sovendus.com
8	benefits.sovendus.com	api.sovendus.com benefits.sovendus.com
7	api.signalize.com	code.etracker.com api.signalize.com static.etracker.com
6	deine-tolle-preise.tolle-nachrichten.com	1 redirects deine-tolle-preise.tolle-nachrichten.com
2	press-tracking-api.sovendus.com	api.sovendus.com
2	fonts.gstatic.com	fonts.googleapis.com
2	api.sovendus.com	deine-tolle-preise.tolle-nachrichten.com api.sovendus.com
1	press-list-api.sovendus.com	benefits.sovendus.com
1	www.etracker.de	static.etracker.com
1	identification-api.sovendus.com	api.sovendus.com
1	code.etracker.com	static.etracker.com
1	static.etracker.com	deine-tolle-preise.tolle-nachrichten.com
1	fonts.googleapis.com	deine-tolle-preise.tolle-nachrichten.com
1	click.pstmrk.it	1 redirects
54	14

This site contains links to these domains. Also see Links.

Domain
signalize.com

Subject Issuer	Validity	Valid
*.tolle-nachrichten.com R3	`2022-05-20` - `2022-08-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.etracker.com DigiCert SHA2 Secure Server CA	`2022-02-05` - `2023-02-07`	a year	crt.sh
www.etracker.com GlobalSign RSA OV SSL CA 2018	`2022-04-22` - `2023-05-24`	a year	crt.sh
*.sovendus.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-10-06` - `2022-10-31`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.signalize.com Sectigo RSA Domain Validation Secure Server CA	`2021-08-30` - `2022-09-30`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://deine-tolle-preise.tolle-nachrichten.com/
Frame ID: 21B87766027E29E2F432F38DC60454F7
Requests: 23 HTTP requests in this frame

Frame: https://benefits.sovendus.com/app-list/ssr/04c67468-01e1-4e5c-a207-eb81b08ded2c/65304e54-2e27-4688-a9b3-aa3fd875b3ef?trafficSourceNumber=2829&trafficMediumNumber=22&salutation=Mr.&zipCode=1120&country=AT&yearOfBirth=1998&sovToken=dKCMEox_5vWVSsP4g1GCuTGwJxF0h9ahzYeeU2mhOcLHu6Q7QibuvQoYeweJmOaJ9NnuUdWbqGEV9C7HgmRGBZXIV7fX5ykK5o-CX5ALUBsoUvpJd11HW-hl3ryj-QA6OaHlmftHmajiddB7jVs1Sto&sessionUuid=65304e54-2e27-4688-a9b3-aa3fd875b3ef&config=listLayout%3AoneColumnB%7CnoStorage%3Afalse%7CshowCustomHeaderBlock%3Atrue%7CscrollToIframe%3Atrue%7CshowHeaderGiftbox%3Atrue%7CcustomerSalutation%3AsalutationFormal%7CtextHighlight%3Afalse%7CcontingentDisturber%3Atrue%7CwordingB%3Afalse%7ChighlightFirstProduct%3Afalse%7CshowValidationIcons%3Afalse%7CproductShowType%3Asame%7CfixedIframe%3Afalse%7CcustomHeaderTitle%3AWelches%20Dankesch%C3%B6n%20m%C3%B6chten%20Sie%20als%20Belohnung%20f%C3%BCr%20die%20Teilnahme%20am%20Gewinnspiel%3F%7CuseElastic%3Afalse%7CisSecondaryList%3Afalse
Frame ID: FE1659AF74143BF1F6433B5BBAC50DED
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Softdrink-Gewinnspiel

Page URL History Show full URLs

https://click.pstmrk.it/2ts/deine-tolle-preise.tolle-nachrichten.com%2Fconfirmation%2F391e7a68423c87... HTTP 302
https://deine-tolle-preise.tolle-nachrichten.com/confirmation/391e7a68423c87addc8e9ace77d50d HTTP 302
https://deine-tolle-preise.tolle-nachrichten.com/ Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

54
Requests

100 %
HTTPS

20 %
IPv6

8
Domains

14
Subdomains

10
IPs

3
Countries

2007 kB
Transfer

3699 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://signalize.com/powered-by-signalize/
Title: Powered by Signalize

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.pstmrk.it/2ts/deine-tolle-preise.tolle-nachrichten.com%2Fconfirmation%2F391e7a68423c87addc8e9ace77d50d/tzY5RS8N/YR1h/QC3axTAZDS HTTP 302
https://deine-tolle-preise.tolle-nachrichten.com/confirmation/391e7a68423c87addc8e9ace77d50d HTTP 302
https://deine-tolle-preise.tolle-nachrichten.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
deine-tolle-preise.tolle-nachrichten.com/
Redirect Chain

https://click.pstmrk.it/2ts/deine-tolle-preise.tolle-nachrichten.com%2Fconfirmation%2F391e7a68423c87addc8e9ace77d50d/tzY5RS8N/YR1h/QC3axTAZDS
https://deine-tolle-preise.tolle-nachrichten.com/confirmation/391e7a68423c87addc8e9ace77d50d
https://deine-tolle-preise.tolle-nachrichten.com/

107 KB
31 KB

121ms
121ms

Document
text/html

45.156.88.10
ABUNTIS

General

Check archive.org

Show headers Download Go to

Full URL

https://deine-tolle-preise.tolle-nachrichten.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.88.10 , Germany, ASN211823 (ABUNTIS, DE),

Reverse DNS

Software

Resource Hash

5613cbf2fc2ce70542ae9bb0d12954f1f3d8acf1e2445f058ae3f306ec6e188c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 06 Jul 2022 09:45:27 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
status: 200 OK
vary: Accept-Encoding
x-content-type-options: nosniff
x-request-id: 4f1a96dd-f26b-4160-beac-b222603f9f98
x-runtime: 0.072269
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-origin: *
cache-control: no-cache, no-store
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 06 Jul 2022 09:45:27 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://deine-tolle-preise.tolle-nachrichten.com/
pragma: no-cache
status: 302 Found
vary: Accept-Encoding
x-content-type-options: nosniff
x-request-id: 29e62bfc-fef9-4231-9999-e1ce1aa53286
x-runtime: 0.308077
x-xss-protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
1 KB 117ms
43ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Heebo:wght@900&family=Luxurious+Script&display=swap

Requested by

Host: deine-tolle-preise.tolle-nachrichten.com
URL: https://deine-tolle-preise.tolle-nachrichten.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

51f7be1a97ca7c99125bb6b3563f3e4b2e5c681f405c3e7bf9f81799c8576b83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://deine-tolle-preise.tolle-nachrichten.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 09:45:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Jul 2022 09:45:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Jul 2022 09:45:27 GMT

GET
H2 200 page-441f49347bfd2ac9b05e800332689a05ee6490215252d43732dd46f9649e69df.css
deine-tolle-preise.tolle-nachrichten.com/assets/ 123 KB
123 KB 79ms
79ms Stylesheet
text/css 45.156.88.10
ABUNTIS

General

Check archive.org

Show headers Download Go to

Full URL: https://deine-tolle-preise.tolle-nachrichten.com/assets/page-441f49347bfd2ac9b05e800332689a05ee6490215252d43732dd46f9649e69df.css
Requested by: Host: deine-tolle-preise.tolle-nachrichten.com
URL: https://deine-tolle-preise.tolle-nachrichten.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.156.88.10 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software: /
Resource Hash: 38bf1871d594c86ea4d91d6f867b77138bc2c13c082a993e04e46f58a0b1c013

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://deine-tolle-preise.tolle-nachrichten.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 06 Jul 2022 09:45:27 GMT
last-modified: Thu, 25 Jul 2019 11:27:03 GMT
accept-ranges: bytes
etag: "5d399207-1eab8"
content-length: 125624
content-type: text/css

GET
H2 200 page-127cf60f209a7f5c3d2b3bca348accc498161fe7b32b2e81b2b496a8ad249c3a.js Show response
deine-tolle-preise.tolle-nachrichten.com/assets/ 435 KB
435 KB 121ms
120ms Script
application/javascript 45.156.88.10
ABUNTIS

General

Check archive.org

Show headers Download Go to

Full URL: https://deine-tolle-preise.tolle-nachrichten.com/assets/page-127cf60f209a7f5c3d2b3bca348accc498161fe7b32b2e81b2b496a8ad249c3a.js
Requested by: Host: deine-tolle-preise.tolle-nachrichten.com
URL: https://deine-tolle-preise.tolle-nachrichten.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.156.88.10 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software: /
Resource Hash: 127cf60f209a7f5c3d2b3bca348accc498161fe7b32b2e81b2b496a8ad249c3a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://deine-tolle-preise.tolle-nachrichten.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 06 Jul 2022 09:45:27 GMT
last-modified: Fri, 10 Jul 2020 09:25:25 GMT
accept-ranges: bytes
etag: "5f083405-6ca71"
content-length: 445041
content-type: application/javascript

GET
H2 200 e.js Show response
static.etracker.com/code/ 98 KB
27 KB 200ms
89ms Script
application/x-javascript 104.64.114.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static.etracker.com/code/e.js

Requested by

Host: deine-tolle-preise.tolle-nachrichten.com
URL: https://deine-tolle-preise.tolle-nachrichten.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.64.114.42 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-64-114-42.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

ea2e0e472fe5ca7dff366da83cb93bffb8fa0d0c67b4480f6a01f4e86c786c31

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://deine-tolle-preise.tolle-nachrichten.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:45:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jun 2022 06:18:01 GMT
server: AkamaiNetStorage
etag: "6a7b0d001a7121859dea4aee4f075daa:1656569881.854894"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 27536
x-xss-protection: 1
expires: Wed, 06 Jul 2022 13:45:27 GMT

GET
H2 200 1657100727-4.gif
deine-tolle-preise.tolle-nachrichten.com/views/ 43 B
1 KB 70ms
69ms Image
image/gif 45.156.88.10
ABUNTIS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://deine-tolle-preise.tolle-nachrichten.com/views/1657100727-4.gif

Requested by

Host: deine-tolle-preise.tolle-nachrichten.com
URL: https://deine-tolle-preise.tolle-nachrichten.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.88.10 , Germany, ASN211823 (ABUNTIS, DE),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://deine-tolle-preise.tolle-nachrichten.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 09:45:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-request-id: 820338ff-e746-4fe4-a008-0f67017a761f
status: 200 OK
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store
content-transfer-encoding: binary
content-disposition: inline
x-xss-protection: 1; mode=block
x-runtime: 0.022717
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 t.js Show response
code.etracker.com/ 7 KB
2 KB 230ms
54ms Script
text/javascript 62.201.164.113
IPHH IPHH Interne...

General

Check archive.org

Show headers Download Go to

Full URL

https://code.etracker.com/t.js?v=10d821&et=PEgs9x

Requested by

Host: static.etracker.com
URL: https://static.etracker.com/code/e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

62.201.164.113 , Germany, ASN12731 (IPHH IPHH Internet Port Hamburg GmbH, DE),

Reverse DNS

Software

Apache /

Resource Hash

7dfdd9c0cde23d7aaf3a646ce1dfd741c2a49230e52ac59a589c87203dda04c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://deine-tolle-preise.tolle-nachrichten.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=15768000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 06 Jul 2022 09:45:28 GMT
server: Apache
date: Wed, 06 Jul 2022 09:45:28 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: no-store, no-cache, max-age=-3600, must-revalidate, post-check=0, pre-check=0
x-xss-protection: 1
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2 200 flexibleIframe.js Show response
api.sovendus.com/sovabo/common/js/ 2 KB
1 KB 104ms
30ms Script
text/javascript 130.0.76.153
ADACOR-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sovendus.com/sovabo/common/js/flexibleIframe.js

Requested by

Host: deine-tolle-preise.tolle-nachrichten.com
URL: https://deine-tolle-preise.tolle-nachrichten.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

130.0.76.153 , Germany, ASN42442 (ADACOR-AS, DE),

Reverse DNS

130-0-76-153.static.ip.adacor.net

Software

nginx /

Resource Hash

df3753fe890274cfcd1b934ad1c114055bbf2618d8105a2debe5f908d5104432

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://deine-tolle-preise.tolle-nachrichten.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:45:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 01 Jun 2022 09:21:56 GMT
server: nginx
etag: "337-5e05f6ba46852"
vary: Accept-encoding
x-cache: HIT
content-type: text/javascript
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 823
x-xss-protection: 1; mode=block

GET
H2 200 bg.jpg
deine-tolle-preise.tolle-nachrichten.com/system/uploads/plain_images/images/000/000/858/original/ 287 KB
287 KB 43ms
42ms Image
image/jpeg 45.156.88.10
ABUNTIS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deine-tolle-preise.tolle-nachrichten.com/system/uploads/plain_images/images/000/000/858/original/bg.jpg?1639742534
Requested by: Host: deine-tolle-preise.tolle-nachrichten.com
URL: https://deine-tolle-preise.tolle-nachrichten.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.156.88.10 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software: /
Resource Hash: f1420648f37e4e1b131ae157a75ac888233d73f1a5cae33a56ba11241f510a87

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://deine-tolle-preise.tolle-nachrichten.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 06 Jul 2022 09:45:27 GMT
last-modified: Fri, 17 Dec 2021 12:02:14 GMT
accept-ranges: bytes
etag: "61bc7c46-47af4"
content-length: 293620
content-type: image/jpeg

GET
H2 200 NGSpv5_NC0k9P_v6ZUCbLRAHxK1EICusdUmm.woff2
fonts.gstatic.com/s/heebo/v20/ 10 KB
11 KB 112ms
41ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/heebo/v20/NGSpv5_NC0k9P_v6ZUCbLRAHxK1EICusdUmm.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Heebo:wght@900&family=Luxurious+Script&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ffb7f233d0157f8510c2b42da70227cad9243d81930c080b0dd978e6d1c6951

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://deine-tolle-preise.tolle-nachrichten.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 17:30:49 GMT
x-content-type-options: nosniff
age: 58479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10304
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:44:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jul 2023 17:30:49 GMT

GET
H2 200 ahcCv9e7yydulT32KZ0rBIoD7DzMs03Ebg.woff2
fonts.gstatic.com/s/luxuriousscript/v5/ 34 KB
35 KB 112ms
42ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/luxuriousscript/v5/ahcCv9e7yydulT32KZ0rBIoD7DzMs03Ebg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Heebo:wght@900&family=Luxurious+Script&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67c622283578635f1a0f4a16969111e3972a3858b14700991a99d98614bcdbc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://deine-tolle-preise.tolle-nachrichten.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 08:53:04 GMT
x-content-type-options: nosniff
age: 3144
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35320
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:45:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 08:53:04 GMT

GET
H2 200 sovendus.js Show response
api.sovendus.com/js/ 73 KB
17 KB 60ms
60ms Script
text/javascript 130.0.76.153
ADACOR-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sovendus.com/js/sovendus.js?v=544721c8-2ef6-5669-85bb-b159e972101b

Requested by

Host: api.sovendus.com
URL: https://api.sovendus.com/sovabo/common/js/flexibleIframe.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

130.0.76.153 , Germany, ASN42442 (ADACOR-AS, DE),

Reverse DNS

130-0-76-153.static.ip.adacor.net

Software

nginx /

Resource Hash

f56296006b83adeeac98db7999a9ec19a0feb6b4fc5efc79c79c3f90073db291

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://deine-tolle-preise.tolle-nachrichten.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:45:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 01 Jun 2022 09:21:44 GMT
server: nginx
etag: "4274-5e05f6af2d74a"
vary: Accept-encoding
x-cache: HIT
content-type: text/javascript
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 17012
x-xss-protection: 1; mode=block

POST
H2 200 token Show response
identification-api.sovendus.com/ 1 KB
1 KB 171ms
97ms XHR
application/json 46.167.166.60
ADACOR-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://identification-api.sovendus.com/token

Requested by

Host: api.sovendus.com
URL: https://api.sovendus.com/js/sovendus.js?v=544721c8-2ef6-5669-85bb-b159e972101b

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.167.166.60 , Germany, ASN42442 (ADACOR-AS, DE),

Reverse DNS

46-167-166-60.static.ip.adacor.net

Software

nginx /

Resource Hash

f84d18d8bf2714211dbf8f8179061cd53ef1fdbd969fa070cf40c31707ccdc3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://deine-tolle-preise.tolle-nachrichten.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 06 Jul 2022 09:45:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://deine-tolle-preise.tolle-nachrichten.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block

GET
H2 200 signalize.min.js Show response
api.signalize.com/accounts/XPEgs9x/ 18 KB
6 KB 226ms
56ms Script
application/javascript 62.201.164.102
IPHH IPHH Interne...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.signalize.com/accounts/XPEgs9x/signalize.min.js

Requested by

Host: code.etracker.com
URL: https://code.etracker.com/t.js?v=10d821&et=PEgs9x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

62.201.164.102 , Germany, ASN12731 (IPHH IPHH Internet Port Hamburg GmbH, DE),

Reverse DNS

Software

Resource Hash

7b25ebe48ace983d2e53081083e06eb8901255843b8d70b6411658908adda88c

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' https://.signalize.com https://.etracker.com https://*.etracker.de 'unsafe-inline'
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://deine-tolle-preise.tolle-nachrichten.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
content-encoding: gzip
etag: W/"4788-ON1+iD4ZQwHjh0ubx2mjNF7Nsf0"
x-x-backend: noti-parrot
x-xss-protection: 1
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
x-frame-options: DENY
date: Wed, 06 Jul 2022 09:45:28 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; camera 'none'; encrypted-media 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; usb 'none'; vr 'none'
content-security-policy: script-src 'self' https://*.signalize.com https://*.etracker.com https://*.etracker.de 'unsafe-inline'
x-content-type-options: nosniff
expires: 0

GET
H2 200 cntcc Show response
www.etracker.de/ 2 B
146 B 222ms
58ms Script
application/javascript 62.201.164.117
IPHH IPHH Interne...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.etracker.de/cntcc?&&et=PEgs9x&v=5.0&tc=16571007282232&pagename=Softdrink-Gewinnspiel&ilevel=1&cc_url=https%3A%2F%2Fdeine-tolle-preise.tolle-nachrichten.com%2F&et_source_url=https%3A%2F%2Fdeine-tolle-preise.tolle-nachrichten.com%2F&cc_ordercurr=EUR&cc_ordertype=lead&cc_baskettype=basket&product_identifier=hasSignalizeOnly&block_cookies=true&respect_dnt=true&et_bs=1&et_sbscr=0&coid=15c3c58dcca866e6f916a163a0d3189a&et_cblk=1&et_cd=deine-tolle-preise.tolle-nachrichten.com&dh=fSzzFKFBVg3TnnXWI9VGT%2Bfrv1N0WZ3M&clt=24
Requested by: Host: static.etracker.com
URL: https://static.etracker.com/code/e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 62.201.164.117 , Germany, ASN12731 (IPHH IPHH Internet Port Hamburg GmbH, DE),
Reverse DNS
Software: /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://deine-tolle-preise.tolle-nachrichten.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:45:28 GMT
cache-control: post-check=0, pre-check=0, no-store, no-cache, must-revalidate
last-modified: Wed, 06 Jul 2022 09:45:28 GMT
content-length: 2
content-type: application/javascript

GET
H2 200 65304e54-2e27-4688-a9b3-aa3fd875b3ef Show response
benefits.sovendus.com/app-list/ssr/04c67468-01e1-4e5c-a207-eb81b08ded2c/ Frame FE16 88 KB
15 KB 446ms
437ms Document
text/html 46.167.166.60
ADACOR-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://benefits.sovendus.com/app-list/ssr/04c67468-01e1-4e5c-a207-eb81b08ded2c/65304e54-2e27-4688-a9b3-aa3fd875b3ef?trafficSourceNumber=2829&trafficMediumNumber=22&salutation=Mr.&zipCode=1120&country=AT&yearOfBirth=1998&sovToken=dKCMEox_5vWVSsP4g1GCuTGwJxF0h9ahzYeeU2mhOcLHu6Q7QibuvQoYeweJmOaJ9NnuUdWbqGEV9C7HgmRGBZXIV7fX5ykK5o-CX5ALUBsoUvpJd11HW-hl3ryj-QA6OaHlmftHmajiddB7jVs1Sto&sessionUuid=65304e54-2e27-4688-a9b3-aa3fd875b3ef&config=listLayout%3AoneColumnB%7CnoStorage%3Afalse%7CshowCustomHeaderBlock%3Atrue%7CscrollToIframe%3Atrue%7CshowHeaderGiftbox%3Atrue%7CcustomerSalutation%3AsalutationFormal%7CtextHighlight%3Afalse%7CcontingentDisturber%3Atrue%7CwordingB%3Afalse%7ChighlightFirstProduct%3Afalse%7CshowValidationIcons%3Afalse%7CproductShowType%3Asame%7CfixedIframe%3Afalse%7CcustomHeaderTitle%3AWelches%20Dankesch%C3%B6n%20m%C3%B6chten%20Sie%20als%20Belohnung%20f%C3%BCr%20die%20Teilnahme%20am%20Gewinnspiel%3F%7CuseElastic%3Afalse%7CisSecondaryList%3Afalse

Requested by

Host: api.sovendus.com
URL: https://api.sovendus.com/js/sovendus.js?v=544721c8-2ef6-5669-85bb-b159e972101b

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.167.166.60 , Germany, ASN42442 (ADACOR-AS, DE),

Reverse DNS

46-167-166-60.static.ip.adacor.net

Software

nginx / Express

Resource Hash

f0b13094e9a970c71de9352055e2194f32a8ed1f50c207a238de72e1d8663bbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://deine-tolle-preise.tolle-nachrichten.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 06 Jul 2022 09:45:28 GMT
etag: W/"15ec8-lOuTd2aOgDra6kH3TIYXoM6Z618-gzip"
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-powered-by: Express
x-xss-protection: 1; mode=block

GET
H2 200 479168 Show response
api.signalize.com/api/v1/push/key/get-current/ 88 B
695 B 211ms
55ms Fetch
application/json 62.201.164.102
IPHH IPHH Interne...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.signalize.com/api/v1/push/key/get-current/479168

Requested by

Host: api.signalize.com
URL: https://api.signalize.com/accounts/XPEgs9x/signalize.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

62.201.164.102 , Germany, ASN12731 (IPHH IPHH Internet Port Hamburg GmbH, DE),

Reverse DNS

Software

Resource Hash

1b84ed01781c9dee02bc6d630a785c620e5de0a5fec482b6f53bdb67127a51ba

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' https://.signalize.com https://.etracker.com https://*.etracker.de 'unsafe-inline'
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://deine-tolle-preise.tolle-nachrichten.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-x-backend: party-parrot
content-length: 88
x-xss-protection: 1
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
x-frame-options: DENY
date: Wed, 06 Jul 2022 09:45:28 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; camera 'none'; encrypted-media 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; usb 'none'; vr 'none'
content-security-policy: script-src 'self' https://*.signalize.com https://*.etracker.com https://*.etracker.de 'unsafe-inline'
expires: 0

GET
H2 200 styles.207153f3b84f9c63.css
benefits.sovendus.com/app-list/ Frame FE16 162 KB
20 KB 31ms
31ms Stylesheet
text/css 46.167.166.60
ADACOR-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://benefits.sovendus.com/app-list/styles.207153f3b84f9c63.css

Requested by

Host: benefits.sovendus.com
URL: https://benefits.sovendus.com/app-list/ssr/04c67468-01e1-4e5c-a207-eb81b08ded2c/65304e54-2e27-4688-a9b3-aa3fd875b3ef?trafficSourceNumber=2829&trafficMediumNumber=22&salutation=Mr.&zipCode=1120&country=AT&yearOfBirth=1998&sovToken=dKCMEox_5vWVSsP4g1GCuTGwJxF0h9ahzYeeU2mhOcLHu6Q7QibuvQoYeweJmOaJ9NnuUdWbqGEV9C7HgmRGBZXIV7fX5ykK5o-CX5ALUBsoUvpJd11HW-hl3ryj-QA6OaHlmftHmajiddB7jVs1Sto&sessionUuid=65304e54-2e27-4688-a9b3-aa3fd875b3ef&config=listLayout%3AoneColumnB%7CnoStorage%3Afalse%7CshowCustomHeaderBlock%3Atrue%7CscrollToIframe%3Atrue%7CshowHeaderGiftbox%3Atrue%7CcustomerSalutation%3AsalutationFormal%7CtextHighlight%3Afalse%7CcontingentDisturber%3Atrue%7CwordingB%3Afalse%7ChighlightFirstProduct%3Afalse%7CshowValidationIcons%3Afalse%7CproductShowType%3Asame%7CfixedIframe%3Afalse%7CcustomHeaderTitle%3AWelches%20Dankesch%C3%B6n%20m%C3%B6chten%20Sie%20als%20Belohnung%20f%C3%BCr%20die%20Teilnahme%20am%20Gewinnspiel%3F%7CuseElastic%3Afalse%7CisSecondaryList%3Afalse

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.167.166.60 , Germany, ASN42442 (ADACOR-AS, DE),

Reverse DNS

46-167-166-60.static.ip.adacor.net

Software

nginx /

Resource Hash

de375dcc9a236b95a5f6b320b13014e978da7b612933b5970b4cd0ae85c326a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://benefits.sovendus.com/app-list/ssr/04c67468-01e1-4e5c-a207-eb81b08ded2c/65304e54-2e27-4688-a9b3-aa3fd875b3ef?trafficSourceNumber=2829&trafficMediumNumber=22&salutation=Mr.&zipCode=1120&country=AT&yearOfBirth=1998&sovToken=dKCMEox_5vWVSsP4g1GCuTGwJxF0h9ahzYeeU2mhOcLHu6Q7QibuvQoYeweJmOaJ9NnuUdWbqGEV9C7HgmRGBZXIV7fX5ykK5o-CX5ALUBsoUvpJd11HW-hl3ryj-QA6OaHlmftHmajiddB7jVs1Sto&sessionUuid=65304e54-2e27-4688-a9b3-aa3fd875b3ef&config=listLayout%3AoneColumnB%7CnoStorage%3Afalse%7CshowCustomHeaderBlock%3Atrue%7CscrollToIframe%3Atrue%7CshowHeaderGiftbox%3Atrue%7CcustomerSalutation%3AsalutationFormal%7CtextHighlight%3Afalse%7CcontingentDisturber%3Atrue%7CwordingB%3Afalse%7ChighlightFirstProduct%3Afalse%7CshowValidationIcons%3Afalse%7CproductShowType%3Asame%7CfixedIframe%3Afalse%7CcustomHeaderTitle%3AWelches%20Dankesch%C3%B6n%20m%C3%B6chten%20Sie%20als%20Belohnung%20f%C3%BCr%20die%20Teilnahme%20am%20Gewinnspiel%3F%7CuseElastic%3Afalse%7CisSecondaryList%3Afalse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:45:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 04 Jul 2022 06:35:14 GMT
server: nginx
etag: "4f44-5e2f4f0414e9d"
vary: Accept-encoding
x-cache: HIT
content-type: text/css
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 20292
x-xss-protection: 1; mode=block

GET
H2 200 921b5877-e782-4cf5-ab6b-83ed6d1dab3d.jpg
assets.sovendus.com/images/template/teaserImage/ Frame FE16 19 KB
19 KB 99ms
92ms Image
image/jpeg 130.0.76.153
ADACOR-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.sovendus.com/images/template/teaserImage/921b5877-e782-4cf5-ab6b-83ed6d1dab3d.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

130.0.76.153 , Germany, ASN42442 (ADACOR-AS, DE),

Reverse DNS

130-0-76-153.static.ip.adacor.net

Software

nginx /

Resource Hash

ed53e4594b16a157a4d8a23d981a43a83eb2f3f75fa93d76d57aacc848ec7184

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://benefits.sovendus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:45:28 GMT
x-content-type-options: nosniff
last-modified: Fri, 17 Dec 2021 12:14:33 GMT
server: nginx
etag: "61bc7f29-4b9d"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 19357
x-xss-protection: 1; mode=block

GET
H2 200 f67a3f1f-8c8a-468a-853a-89177ce72b60.jpg
assets.sovendus.com/images/template/teaserImage/ Frame FE16 14 KB
14 KB 96ms
92ms Image
image/jpeg 130.0.76.153
ADACOR-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.sovendus.com/images/template/teaserImage/f67a3f1f-8c8a-468a-853a-89177ce72b60.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

130.0.76.153 , Germany, ASN42442 (ADACOR-AS, DE),

Reverse DNS

130-0-76-153.static.ip.adacor.net

Software

nginx /

Resource Hash

daca36bf0de42476fb3dcbc3f10b97744bd4481953519c446d52a228da85eea9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://benefits.sovendus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:45:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 10 May 2022 10:58:03 GMT
server: nginx
etag: "627a453b-36b6"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 14006
x-xss-protection: 1; mode=block

GET
H2 200 9fa29740-3329-4cc3-8717-e0c1e914dafd.png
assets.sovendus.com/images/template/teaserImage/ Frame FE16 36 KB
36 KB 96ms
93ms Image
image/png 130.0.76.153
ADACOR-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.sovendus.com/images/template/teaserImage/9fa29740-3329-4cc3-8717-e0c1e914dafd.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

130.0.76.153 , Germany, ASN42442 (ADACOR-AS, DE),

Reverse DNS

130-0-76-153.static.ip.adacor.net

Software

nginx /

Resource Hash

d44f8654b5047b79cd743cf1ce578c8c94153db42ec5df66919bfe96ee7d116c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://benefits.sovendus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:45:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Jul 2021 13:23:39 GMT
server: nginx
etag: "610008db-8f28"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 36648
x-xss-protection: 1; mode=block

GET
H2 200 834270ec-d840-4650-8379-ae743a766551.jpg
assets.sovendus.com/images/template/teaserImage/ Frame FE16 13 KB
14 KB 96ms
92ms Image
image/jpeg 130.0.76.153
ADACOR-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.sovendus.com/images/template/teaserImage/834270ec-d840-4650-8379-ae743a766551.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

130.0.76.153 , Germany, ASN42442 (ADACOR-AS, DE),

Reverse DNS

130-0-76-153.static.ip.adacor.net

Software

nginx /

Resource Hash

d4e59fd80fcfc26163749bd6602a90eb595bda3288847bce4ed501b71f56bf00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://benefits.sovendus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:45:28 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Jul 2022 06:25:51 GMT
server: nginx
etag: "62c52aef-355d"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 13661
x-xss-protection: 1; mode=block

GET
H2 200 4b393f7e-a44a-4452-900e-3ae3a7ad7ecc.jpg
assets.sovendus.com/images/template/teaserImage/ Frame FE16 12 KB
12 KB 94ms
91ms Image
image/jpeg 130.0.76.153
ADACOR-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.sovendus.com/images/template/teaserImage/4b393f7e-a44a-4452-900e-3ae3a7ad7ecc.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

130.0.76.153 , Germany, ASN42442 (ADACOR-AS, DE),

Reverse DNS

130-0-76-153.static.ip.adacor.net

Software

nginx /

Resource Hash

8476bced89555bef6798c51772af16ff21d639824579fd10a44f4362dc66bc8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://benefits.sovendus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:45:28 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Jul 2022 06:26:49 GMT
server: nginx
etag: "62c52b29-2e9f"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 11935
x-xss-protection: 1; mode=block

GET
H2 200 211f9c31-c619-46bd-9bde-4586326875b4.png
assets.sovendus.com/images/template/teaserImage/ Frame FE16 44 KB
45 KB 63ms
60ms Image
image/png 130.0.76.153
ADACOR-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.sovendus.com/images/template/teaserImage/211f9c31-c619-46bd-9bde-4586326875b4.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

130.0.76.153 , Germany, ASN42442 (ADACOR-AS, DE),

Reverse DNS

130-0-76-153.static.ip.adacor.net

Software

nginx /

Resource Hash

f36c2b1c0cd20905ccbfb49d5bf5a953561974f705a1dbdbeca9fabf0586a828

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://benefits.sovendus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:45:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 13 Dec 2021 11:57:25 GMT
server: nginx
etag: "61b73525-b19f"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 45471
x-xss-protection: 1; mode=block

GET
H2 200 af229e83-df8d-4aeb-9c89-95e8ee22f495.jpg
assets.sovendus.com/images/template/teaserImage/ Frame FE16 19 KB
19 KB 33ms
31ms Image
image/jpeg 130.0.76.153
ADACOR-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.sovendus.com/images/template/teaserImage/af229e83-df8d-4aeb-9c89-95e8ee22f495.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

130.0.76.153 , Germany, ASN42442 (ADACOR-AS, DE),

Reverse DNS

130-0-76-153.static.ip.adacor.net

Software

nginx /

Resource Hash

3c85950f4d6d801f156f6713a7c77afe9e8e9f43e7105d852d31857d7279fe81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://benefits.sovendus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:45:28 GMT
x-content-type-options: nosniff
last-modified: Wed, 12 Aug 2020 09:33:28 GMT
server: nginx
etag: "5f33b768-4bad"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 19373
x-xss-protection: 1; mode=block

GET
H2 200 83e16a24-df4c-46f3-9466-c43bbb460c34.jpg
assets.sovendus.com/images/template/teaserImage/ Frame FE16 15 KB
15 KB 91ms
90ms Image
image/jpeg 130.0.76.153
ADACOR-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.sovendus.com/images/template/teaserImage/83e16a24-df4c-46f3-9466-c43bbb460c34.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

130.0.76.153 , Germany, ASN42442 (ADACOR-AS, DE),

Reverse DNS

130-0-76-153.static.ip.adacor.net

Software

nginx /

Resource Hash

ccf1de85edd34e8dcc00caeb9bc7a83f9dc767fe624095fbea08c4afdf42d18e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://benefits.sovendus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:45:28 GMT
x-content-type-options: nosniff
last-modified: Thu, 07 Apr 2022 09:57:19 GMT
server: nginx
etag: "624eb57f-3acc"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 15052
x-xss-protection: 1; mode=block

GET
H2 200 978b77fc-b9c3-4947-a4b3-d8b95c9fa4b4.jpg
assets.sovendus.com/images/template/teaserImage/ Frame FE16 15 KB
15 KB 60ms
59ms Image
image/jpeg 130.0.76.153
ADACOR-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.sovendus.com/images/template/teaserImage/978b77fc-b9c3-4947-a4b3-d8b95c9fa4b4.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

130.0.76.153 , Germany, ASN42442 (ADACOR-AS, DE),

Reverse DNS

130-0-76-153.static.ip.adacor.net

Software

nginx /

Resource Hash

1de961ad89108391d87742b67a354e00229edbcd9fee492f5d39107e76aa031d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://benefits.sovendus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:45:28 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 13:38:52 GMT
server: nginx
etag: "6256d26c-3acc"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 15052
x-xss-protection: 1; mode=block

GET
H2 200 cee44976-9172-47d3-968f-f1cc3723e75d.jpg
assets.sovendus.com/images/template/teaserImage/ Frame FE16 18 KB
18 KB 89ms
87ms Image
image/jpeg 130.0.76.153
ADACOR-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.sovendus.com/images/template/teaserImage/cee44976-9172-47d3-968f-f1cc3723e75d.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

130.0.76.153 , Germany, ASN42442 (ADACOR-AS, DE),

Reverse DNS

130-0-76-153.static.ip.adacor.net

Software

nginx /

Resource Hash

2d2e0d247a3312503d06d7acd69fa4bc2337b54df7889ff5f86c34868df1a987

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://benefits.sovendus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:45:28 GMT
x-content-type-options: nosniff
last-modified: Wed, 20 Apr 2022 15:03:23 GMT
server: nginx
etag: "626020bb-47b6"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 18358
x-xss-protection: 1; mode=block

GET
H2 200 d7b07bb4-8a76-4f81-aa43-388d45e95406.png
assets.sovendus.com/images/template/teaserImage/ Frame FE16 52 KB
52 KB 57ms
55ms Image
image/png 130.0.76.153
ADACOR-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.sovendus.com/images/template/teaserImage/d7b07bb4-8a76-4f81-aa43-388d45e95406.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

130.0.76.153 , Germany, ASN42442 (ADACOR-AS, DE),

Reverse DNS

130-0-76-153.static.ip.adacor.net

Software

nginx /

Resource Hash

4dee7b3eee7ee9e825de2667c8ee1ff0b28bc1cb92c0ff8c1718e782813dcf7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://benefits.sovendus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:45:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 27 Jun 2022 08:59:33 GMT
server: nginx
etag: "62b97175-ce8d"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 52877
x-xss-protection: 1; mode=block

GET
H2 200 ff1fa6f5-39ba-4941-8f61-d36116046933.png
assets.sovendus.com/images/template/teaserImage/ Frame FE16 40 KB
40 KB 92ms
90ms Image
image/png 130.0.76.153
ADACOR-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.sovendus.com/images/template/teaserImage/ff1fa6f5-39ba-4941-8f61-d36116046933.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

130.0.76.153 , Germany, ASN42442 (ADACOR-AS, DE),

Reverse DNS

130-0-76-153.static.ip.adacor.net

Software

nginx /

Resource Hash

d9b4834099796a8f64ce5d8c770480a77cfa21a9e45855f61035c24e4dcec8ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://benefits.sovendus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:45:28 GMT
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 13:11:55 GMT
server: nginx
etag: "6070529b-9f81"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 40833
x-xss-protection: 1; mode=block

GET
H2 200 04fda51e-0e2c-42cf-90c9-e90871410c99.jpg
assets.sovendus.com/images/template/teaserImage/ Frame FE16 15 KB
15 KB 61ms
59ms Image
image/jpeg 130.0.76.153
ADACOR-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.sovendus.com/images/template/teaserImage/04fda51e-0e2c-42cf-90c9-e90871410c99.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

130.0.76.153 , Germany, ASN42442 (ADACOR-AS, DE),

Reverse DNS

130-0-76-153.static.ip.adacor.net

Software

nginx /

Resource Hash

ac6d01412496b0e611903947dfc3a94e4543f3554f653169bf0342f507aa1576

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://benefits.sovendus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:45:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Nov 2019 10:36:25 GMT
server: nginx
etag: "5dc150a9-3a41"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 14913
x-xss-protection: 1; mode=block

GET
H2 200 cdfb2295-5f87-48a3-8044-b63a67283469.jpg
assets.sovendus.com/images/template/teaserImage/ Frame FE16 20 KB
20 KB 58ms
56ms Image
image/jpeg 130.0.76.153
ADACOR-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.sovendus.com/images/template/teaserImage/cdfb2295-5f87-48a3-8044-b63a67283469.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

130.0.76.153 , Germany, ASN42442 (ADACOR-AS, DE),

Reverse DNS

130-0-76-153.static.ip.adacor.net

Software

nginx /

Resource Hash

897e3ec2ff7573ff99f095b85d48bcc43cce841f391a8e028f56e6d4eac6b65f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://benefits.sovendus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:45:28 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Sep 2020 11:42:57 GMT
server: nginx
etag: "5f649d41-4ed7"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 20183
x-xss-protection: 1; mode=block

GET
H2 200 40335cf9-416c-48f0-a94c-05aa006bf79c.jpg
assets.sovendus.com/images/template/teaserImage/ Frame FE16 15 KB
15 KB 91ms
89ms Image
image/jpeg 130.0.76.153
ADACOR-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.sovendus.com/images/template/teaserImage/40335cf9-416c-48f0-a94c-05aa006bf79c.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

130.0.76.153 , Germany, ASN42442 (ADACOR-AS, DE),

Reverse DNS

130-0-76-153.static.ip.adacor.net

Software

nginx /

Resource Hash

9b2b78b145e52b7d722eca6438fe2ff364feb69d30cb465e8cf30c3b050529f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://benefits.sovendus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:45:28 GMT
x-content-type-options: nosniff
last-modified: Thu, 30 Jan 2020 13:19:10 GMT
server: nginx
etag: "5e32d7ce-3bb1"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 15281
x-xss-protection: 1; mode=block

GET
H2 200 09be8362-6c2c-4705-8d70-08c0d18065a1.png
assets.sovendus.com/images/template/teaserImage/ Frame FE16 51 KB
51 KB 88ms
86ms Image
image/png 130.0.76.153
ADACOR-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.sovendus.com/images/template/teaserImage/09be8362-6c2c-4705-8d70-08c0d18065a1.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

130.0.76.153 , Germany, ASN42442 (ADACOR-AS, DE),

Reverse DNS

130-0-76-153.static.ip.adacor.net

Software

nginx /

Resource Hash

36591a851681354e9411fbc17304dea3a2472d3437da19ad888b0a7eb277eedf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://benefits.sovendus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:45:28 GMT
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 14:30:58 GMT
server: nginx
etag: "606f13a2-cb91"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 52113
x-xss-protection: 1; mode=block

GET
H2 200 5b91b721-a1e1-4f50-b6ff-f273c6d6a180.png
assets.sovendus.com/images/template/teaserImage/ Frame FE16 48 KB
49 KB 90ms
88ms Image
image/png 130.0.76.153
ADACOR-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.sovendus.com/images/template/teaserImage/5b91b721-a1e1-4f50-b6ff-f273c6d6a180.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

130.0.76.153 , Germany, ASN42442 (ADACOR-AS, DE),

Reverse DNS

130-0-76-153.static.ip.adacor.net

Software

nginx /

Resource Hash

b36fee3fd97e19c8ea30265b975af36c92156f21c20f1581644b936a01e34716

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://benefits.sovendus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:45:28 GMT
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 14:30:32 GMT
server: nginx
etag: "606f1388-c193"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 49555
x-xss-protection: 1; mode=block

GET
H2 200 29532c20-1730-487f-9361-ba45296e4519.png
assets.sovendus.com/images/template/teaserImage/ Frame FE16 52 KB
53 KB 60ms
58ms Image
image/png 130.0.76.153
ADACOR-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.sovendus.com/images/template/teaserImage/29532c20-1730-487f-9361-ba45296e4519.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

130.0.76.153 , Germany, ASN42442 (ADACOR-AS, DE),

Reverse DNS

130-0-76-153.static.ip.adacor.net

Software

nginx /

Resource Hash

a623035480cd63c048f150330143276c97d089d00cbf0384f82feaaad0e60bd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://benefits.sovendus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:45:28 GMT
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 14:27:55 GMT
server: nginx
etag: "606f12eb-d0d5"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 53461
x-xss-protection: 1; mode=block

GET
H2 200 fcef36a1-1e57-4a5b-b6e0-527ba1124eed.png
assets.sovendus.com/images/template/teaserImage/ Frame FE16 58 KB
58 KB 91ms
89ms Image
image/png 130.0.76.153
ADACOR-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.sovendus.com/images/template/teaserImage/fcef36a1-1e57-4a5b-b6e0-527ba1124eed.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

130.0.76.153 , Germany, ASN42442 (ADACOR-AS, DE),

Reverse DNS

130-0-76-153.static.ip.adacor.net

Software

nginx /

Resource Hash

fdf3169241b3ce94a0b2b4a934411baba06a1fc5d123aa2e72e20712b8a2412c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://benefits.sovendus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:45:28 GMT
x-content-type-options: nosniff
last-modified: Wed, 29 Jun 2022 08:57:15 GMT
server: nginx
etag: "62bc13eb-e752"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 59218
x-xss-protection: 1; mode=block

GET
H2 200 0a25160f-23c5-4e45-960a-769c82108fec.png
assets.sovendus.com/images/template/teaserImage/ Frame FE16 51 KB
51 KB 60ms
58ms Image
image/png 130.0.76.153
ADACOR-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.sovendus.com/images/template/teaserImage/0a25160f-23c5-4e45-960a-769c82108fec.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

130.0.76.153 , Germany, ASN42442 (ADACOR-AS, DE),

Reverse DNS

130-0-76-153.static.ip.adacor.net

Software

nginx /

Resource Hash

77397eb7a87d657b199e994753c75c4854f3b6c6833baf5cd7cbdb4988cb1086

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://benefits.sovendus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:45:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 27 Jun 2022 07:08:09 GMT
server: nginx
etag: "62b95759-ca58"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 51800
x-xss-protection: 1; mode=block

GET
H2 200 753e723c-6bbe-48ef-b326-92011512c656
press-list-api.sovendus.com/listDisplayed/04c67468-01e1-4e5c-a207-eb81b08ded2c/ Frame FE16 89 B
288 B 100ms
90ms Image
image/png 46.167.166.60
ADACOR-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://press-list-api.sovendus.com/listDisplayed/04c67468-01e1-4e5c-a207-eb81b08ded2c/753e723c-6bbe-48ef-b326-92011512c656

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.167.166.60 , Germany, ASN42442 (ADACOR-AS, DE),

Reverse DNS

46-167-166-60.static.ip.adacor.net

Software

nginx /

Resource Hash

fbec19477bc80bf0e24c911232414f36bf545062c4f57257aa817e10acdd09be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://benefits.sovendus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:45:28 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: no-cache, private
vary: Origin
content-length: 89
x-xss-protection: 1; mode=block

GET
H2 200 logo_sovendus.svg
assets.sovendus.com/images/ Frame FE16 3 KB
3 KB 59ms
57ms Image
image/svg+xml 130.0.76.153
ADACOR-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.sovendus.com/images/logo_sovendus.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

130.0.76.153 , Germany, ASN42442 (ADACOR-AS, DE),

Reverse DNS

130-0-76-153.static.ip.adacor.net

Software

nginx /

Resource Hash

d1d730c48e41b79bcbef2706263ee9219de2f4adad095ebb0ca9dcfa09049260

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://benefits.sovendus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:45:28 GMT
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 12:46:43 GMT
server: nginx
etag: "60801eb3-ac4"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2756
x-xss-protection: 1; mode=block

GET
H2 200 runtime.7afebf76df1b1416.js Show response
benefits.sovendus.com/app-list/ Frame FE16 3 KB
2 KB 32ms
31ms Script
text/javascript 46.167.166.60
ADACOR-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://benefits.sovendus.com/app-list/runtime.7afebf76df1b1416.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.167.166.60 , Germany, ASN42442 (ADACOR-AS, DE),

Reverse DNS

46-167-166-60.static.ip.adacor.net

Software

nginx /

Resource Hash

dbf5b9147594befab221bbcd659a106b978e67fa7675842090718e044c6f69bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://benefits.sovendus.com/app-list/ssr/04c67468-01e1-4e5c-a207-eb81b08ded2c/65304e54-2e27-4688-a9b3-aa3fd875b3ef?trafficSourceNumber=2829&trafficMediumNumber=22&salutation=Mr.&zipCode=1120&country=AT&yearOfBirth=1998&sovToken=dKCMEox_5vWVSsP4g1GCuTGwJxF0h9ahzYeeU2mhOcLHu6Q7QibuvQoYeweJmOaJ9NnuUdWbqGEV9C7HgmRGBZXIV7fX5ykK5o-CX5ALUBsoUvpJd11HW-hl3ryj-QA6OaHlmftHmajiddB7jVs1Sto&sessionUuid=65304e54-2e27-4688-a9b3-aa3fd875b3ef&config=listLayout%3AoneColumnB%7CnoStorage%3Afalse%7CshowCustomHeaderBlock%3Atrue%7CscrollToIframe%3Atrue%7CshowHeaderGiftbox%3Atrue%7CcustomerSalutation%3AsalutationFormal%7CtextHighlight%3Afalse%7CcontingentDisturber%3Atrue%7CwordingB%3Afalse%7ChighlightFirstProduct%3Afalse%7CshowValidationIcons%3Afalse%7CproductShowType%3Asame%7CfixedIframe%3Afalse%7CcustomHeaderTitle%3AWelches%20Dankesch%C3%B6n%20m%C3%B6chten%20Sie%20als%20Belohnung%20f%C3%BCr%20die%20Teilnahme%20am%20Gewinnspiel%3F%7CuseElastic%3Afalse%7CisSecondaryList%3Afalse
Origin: https://benefits.sovendus.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:45:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 04 Jul 2022 06:35:13 GMT
server: nginx
etag: "670-5e2f4f0348cf2"
vary: Accept-encoding
x-cache: HIT
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 1648
x-xss-protection: 1; mode=block

GET
H2 200 polyfills.f4371461b37339e5.js Show response
benefits.sovendus.com/app-list/ Frame FE16 241 KB
69 KB 47ms
46ms Script
text/javascript 46.167.166.60
ADACOR-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://benefits.sovendus.com/app-list/polyfills.f4371461b37339e5.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.167.166.60 , Germany, ASN42442 (ADACOR-AS, DE),

Reverse DNS

46-167-166-60.static.ip.adacor.net

Software

nginx /

Resource Hash

a6fca6eb8e91a45fa8b8ebe0b9847fb646b4c7e59cdc9394fcbc82086241e5e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://benefits.sovendus.com/app-list/ssr/04c67468-01e1-4e5c-a207-eb81b08ded2c/65304e54-2e27-4688-a9b3-aa3fd875b3ef?trafficSourceNumber=2829&trafficMediumNumber=22&salutation=Mr.&zipCode=1120&country=AT&yearOfBirth=1998&sovToken=dKCMEox_5vWVSsP4g1GCuTGwJxF0h9ahzYeeU2mhOcLHu6Q7QibuvQoYeweJmOaJ9NnuUdWbqGEV9C7HgmRGBZXIV7fX5ykK5o-CX5ALUBsoUvpJd11HW-hl3ryj-QA6OaHlmftHmajiddB7jVs1Sto&sessionUuid=65304e54-2e27-4688-a9b3-aa3fd875b3ef&config=listLayout%3AoneColumnB%7CnoStorage%3Afalse%7CshowCustomHeaderBlock%3Atrue%7CscrollToIframe%3Atrue%7CshowHeaderGiftbox%3Atrue%7CcustomerSalutation%3AsalutationFormal%7CtextHighlight%3Afalse%7CcontingentDisturber%3Atrue%7CwordingB%3Afalse%7ChighlightFirstProduct%3Afalse%7CshowValidationIcons%3Afalse%7CproductShowType%3Asame%7CfixedIframe%3Afalse%7CcustomHeaderTitle%3AWelches%20Dankesch%C3%B6n%20m%C3%B6chten%20Sie%20als%20Belohnung%20f%C3%BCr%20die%20Teilnahme%20am%20Gewinnspiel%3F%7CuseElastic%3Afalse%7CisSecondaryList%3Afalse
Origin: https://benefits.sovendus.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:45:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 04 Jul 2022 06:35:13 GMT
server: nginx
etag: "113f9-5e2f4f0342f32"
vary: Accept-encoding
x-cache: HIT
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 70649
x-xss-protection: 1; mode=block

GET
H2 200 main.1d9309569e2744b7.js Show response
benefits.sovendus.com/app-list/ Frame FE16 1 MB
272 KB 62ms
61ms Script
text/javascript 46.167.166.60
ADACOR-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://benefits.sovendus.com/app-list/main.1d9309569e2744b7.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.167.166.60 , Germany, ASN42442 (ADACOR-AS, DE),

Reverse DNS

46-167-166-60.static.ip.adacor.net

Software

nginx /

Resource Hash

67ba5a795b45d0546889b7bca9d2d7440c0e6374e74a6aa29f26bd4f7ff7e66f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://benefits.sovendus.com/app-list/ssr/04c67468-01e1-4e5c-a207-eb81b08ded2c/65304e54-2e27-4688-a9b3-aa3fd875b3ef?trafficSourceNumber=2829&trafficMediumNumber=22&salutation=Mr.&zipCode=1120&country=AT&yearOfBirth=1998&sovToken=dKCMEox_5vWVSsP4g1GCuTGwJxF0h9ahzYeeU2mhOcLHu6Q7QibuvQoYeweJmOaJ9NnuUdWbqGEV9C7HgmRGBZXIV7fX5ykK5o-CX5ALUBsoUvpJd11HW-hl3ryj-QA6OaHlmftHmajiddB7jVs1Sto&sessionUuid=65304e54-2e27-4688-a9b3-aa3fd875b3ef&config=listLayout%3AoneColumnB%7CnoStorage%3Afalse%7CshowCustomHeaderBlock%3Atrue%7CscrollToIframe%3Atrue%7CshowHeaderGiftbox%3Atrue%7CcustomerSalutation%3AsalutationFormal%7CtextHighlight%3Afalse%7CcontingentDisturber%3Atrue%7CwordingB%3Afalse%7ChighlightFirstProduct%3Afalse%7CshowValidationIcons%3Afalse%7CproductShowType%3Asame%7CfixedIframe%3Afalse%7CcustomHeaderTitle%3AWelches%20Dankesch%C3%B6n%20m%C3%B6chten%20Sie%20als%20Belohnung%20f%C3%BCr%20die%20Teilnahme%20am%20Gewinnspiel%3F%7CuseElastic%3Afalse%7CisSecondaryList%3Afalse
Origin: https://benefits.sovendus.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:45:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 04 Jul 2022 06:35:12 GMT
server: nginx
etag: "43c2e-5e2f4f01f2080"
vary: Accept-encoding
x-cache: HIT
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 277550
x-xss-protection: 1; mode=block

GET
H2 200 2771.css
benefits.sovendus.com/app-list/ Frame FE16 2 KB
802 B 61ms
61ms Stylesheet
text/css 46.167.166.60
ADACOR-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://benefits.sovendus.com/app-list/2771.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.167.166.60 , Germany, ASN42442 (ADACOR-AS, DE),

Reverse DNS

46-167-166-60.static.ip.adacor.net

Software

nginx /

Resource Hash

157749c0ad9b827ad06bffc799178d4b7bda29a3cdd5aff3669ad9fb4dff83d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://benefits.sovendus.com/app-list/ssr/04c67468-01e1-4e5c-a207-eb81b08ded2c/65304e54-2e27-4688-a9b3-aa3fd875b3ef?trafficSourceNumber=2829&trafficMediumNumber=22&salutation=Mr.&zipCode=1120&country=AT&yearOfBirth=1998&sovToken=dKCMEox_5vWVSsP4g1GCuTGwJxF0h9ahzYeeU2mhOcLHu6Q7QibuvQoYeweJmOaJ9NnuUdWbqGEV9C7HgmRGBZXIV7fX5ykK5o-CX5ALUBsoUvpJd11HW-hl3ryj-QA6OaHlmftHmajiddB7jVs1Sto&sessionUuid=65304e54-2e27-4688-a9b3-aa3fd875b3ef&config=listLayout%3AoneColumnB%7CnoStorage%3Afalse%7CshowCustomHeaderBlock%3Atrue%7CscrollToIframe%3Atrue%7CshowHeaderGiftbox%3Atrue%7CcustomerSalutation%3AsalutationFormal%7CtextHighlight%3Afalse%7CcontingentDisturber%3Atrue%7CwordingB%3Afalse%7ChighlightFirstProduct%3Afalse%7CshowValidationIcons%3Afalse%7CproductShowType%3Asame%7CfixedIframe%3Afalse%7CcustomHeaderTitle%3AWelches%20Dankesch%C3%B6n%20m%C3%B6chten%20Sie%20als%20Belohnung%20f%C3%BCr%20die%20Teilnahme%20am%20Gewinnspiel%3F%7CuseElastic%3Afalse%7CisSecondaryList%3Afalse
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:45:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 04 Jul 2022 06:35:00 GMT
server: nginx
etag: "20b-5e2f4ef6a6645"
vary: Accept-encoding
x-cache: HIT
content-type: text/css
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 523
x-xss-protection: 1; mode=block

GET
H2 200 default.png
assets.sovendus.com/images/templates/giftbox/ Frame FE16 16 KB
16 KB 34ms
32ms Image
image/png 130.0.76.153
ADACOR-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.sovendus.com/images/templates/giftbox/default.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

130.0.76.153 , Germany, ASN42442 (ADACOR-AS, DE),

Reverse DNS

130-0-76-153.static.ip.adacor.net

Software

nginx /

Resource Hash

19ad7bf9fc1d13354b68ce1f35aac4712df9e4ff8631258b15c6c4daa58ff461

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://benefits.sovendus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:45:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Aug 2019 14:25:17 GMT
server: nginx
etag: "5d653d4d-409a"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 16538
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame FE16 441 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a536ecfd4c5c0a074b73216df76016492b2772e2d657c134311960a598338cc1

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 track-first-paint
press-tracking-api.sovendus.com/ 0
0 56ms
44ms Ping
text/html 46.167.166.60
ADACOR-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://press-tracking-api.sovendus.com/track-first-paint
Requested by: Host: api.sovendus.com
URL: https://api.sovendus.com/js/sovendus.js?v=544721c8-2ef6-5669-85bb-b159e972101b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.167.166.60 , Germany, ASN42442 (ADACOR-AS, DE),
Reverse DNS: 46-167-166-60.static.ip.adacor.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://deine-tolle-preise.tolle-nachrichten.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 479168 Show response
api.signalize.com/banners/accounts/ 19 KB
4 KB 93ms
91ms Script
application/javascript 62.201.164.102
IPHH IPHH Interne...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.signalize.com/banners/accounts/479168?url=https%3A%2F%2Fdeine-tolle-preise.tolle-nachrichten.com%2F&lang=en-US&oneStep=true

Requested by

Host: static.etracker.com
URL: https://static.etracker.com/code/e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

62.201.164.102 , Germany, ASN12731 (IPHH IPHH Internet Port Hamburg GmbH, DE),

Reverse DNS

Software

Resource Hash

cba57b4f81dc371abfd7dfb1a87d2859b84da6cd4f6f3754af3e126b6e999595

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' https://.signalize.com https://.etracker.com https://*.etracker.de 'unsafe-inline'
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://deine-tolle-preise.tolle-nachrichten.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=15768000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 06 Jul 2022 09:45:28 GMT
x-frame-options: DENY
content-type: application/javascript;charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; camera 'none'; encrypted-media 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; usb 'none'; vr 'none'
x-x-backend: heracles
content-security-policy: script-src 'self' https://*.signalize.com https://*.etracker.com https://*.etracker.de 'unsafe-inline'
vary: accept-encoding
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
expires: 0

GET
H2 200 56466.60d4d5f79cdf5621.js Show response
benefits.sovendus.com/app-list/ Frame FE16 17 KB
5 KB 31ms
30ms Script
text/javascript 46.167.166.60
ADACOR-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://benefits.sovendus.com/app-list/56466.60d4d5f79cdf5621.js

Requested by

Host: benefits.sovendus.com
URL: https://benefits.sovendus.com/app-list/runtime.7afebf76df1b1416.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.167.166.60 , Germany, ASN42442 (ADACOR-AS, DE),

Reverse DNS

46-167-166-60.static.ip.adacor.net

Software

nginx /

Resource Hash

dc058b9955017088334f01bf94281941cf5d496806cbe0e4e90a1ca003f1241a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://benefits.sovendus.com/app-list/ssr/04c67468-01e1-4e5c-a207-eb81b08ded2c/65304e54-2e27-4688-a9b3-aa3fd875b3ef?trafficSourceNumber=2829&trafficMediumNumber=22&salutation=Mr.&zipCode=1120&country=AT&yearOfBirth=1998&sovToken=dKCMEox_5vWVSsP4g1GCuTGwJxF0h9ahzYeeU2mhOcLHu6Q7QibuvQoYeweJmOaJ9NnuUdWbqGEV9C7HgmRGBZXIV7fX5ykK5o-CX5ALUBsoUvpJd11HW-hl3ryj-QA6OaHlmftHmajiddB7jVs1Sto&sessionUuid=65304e54-2e27-4688-a9b3-aa3fd875b3ef&config=listLayout%3AoneColumnB%7CnoStorage%3Afalse%7CshowCustomHeaderBlock%3Atrue%7CscrollToIframe%3Atrue%7CshowHeaderGiftbox%3Atrue%7CcustomerSalutation%3AsalutationFormal%7CtextHighlight%3Afalse%7CcontingentDisturber%3Atrue%7CwordingB%3Afalse%7ChighlightFirstProduct%3Afalse%7CshowValidationIcons%3Afalse%7CproductShowType%3Asame%7CfixedIframe%3Afalse%7CcustomHeaderTitle%3AWelches%20Dankesch%C3%B6n%20m%C3%B6chten%20Sie%20als%20Belohnung%20f%C3%BCr%20die%20Teilnahme%20am%20Gewinnspiel%3F%7CuseElastic%3Afalse%7CisSecondaryList%3Afalse
Origin: https://benefits.sovendus.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:45:29 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 04 Jul 2022 06:35:03 GMT
server: nginx
etag: "12d1-5e2f4ef9b0b8f"
vary: Accept-encoding
x-cache: HIT
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 4817
x-xss-protection: 1; mode=block

GET
H2 200 50513.28eb525b270575c4.js Show response
benefits.sovendus.com/app-list/ Frame FE16 17 KB
5 KB 31ms
31ms Script
text/javascript 46.167.166.60
ADACOR-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://benefits.sovendus.com/app-list/50513.28eb525b270575c4.js

Requested by

Host: benefits.sovendus.com
URL: https://benefits.sovendus.com/app-list/runtime.7afebf76df1b1416.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.167.166.60 , Germany, ASN42442 (ADACOR-AS, DE),

Reverse DNS

46-167-166-60.static.ip.adacor.net

Software

nginx /

Resource Hash

9196cac49eac95460c0dbfc4ea12d894e0951f661b3e9deabc34cd110938cfd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://benefits.sovendus.com/app-list/04c67468-01e1-4e5c-a207-eb81b08ded2c/65304e54-2e27-4688-a9b3-aa3fd875b3ef?trafficSourceNumber=2829&trafficMediumNumber=22&salutation=Mr.&zipCode=1120&country=AT&yearOfBirth=1998&sovToken=dKCMEox_5vWVSsP4g1GCuTGwJxF0h9ahzYeeU2mhOcLHu6Q7QibuvQoYeweJmOaJ9NnuUdWbqGEV9C7HgmRGBZXIV7fX5ykK5o-CX5ALUBsoUvpJd11HW-hl3ryj-QA6OaHlmftHmajiddB7jVs1Sto&sessionUuid=65304e54-2e27-4688-a9b3-aa3fd875b3ef&config=listLayout:oneColumnB%7CnoStorage:false%7CshowCustomHeaderBlock:true%7CscrollToIframe:true%7CshowHeaderGiftbox:true%7CcustomerSalutation:salutationFormal%7CtextHighlight:false%7CcontingentDisturber:true%7CwordingB:false%7ChighlightFirstProduct:false%7CshowValidationIcons:false%7CproductShowType:same%7CfixedIframe:false%7CcustomHeaderTitle:Welches%20Dankesch%C3%B6n%20m%C3%B6chten%20Sie%20als%20Belohnung%20f%C3%BCr%20die%20Teilnahme%20am%20Gewinnspiel%3F%7CuseElastic:false%7CisSecondaryList:false
Origin: https://benefits.sovendus.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:45:29 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 04 Jul 2022 06:35:02 GMT
server: nginx
etag: "12d2-5e2f4ef944529"
vary: Accept-encoding
x-cache: HIT
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 4818
x-xss-protection: 1; mode=block

POST
H2 200 track-first-paint
press-tracking-api.sovendus.com/ 0
0 45ms
45ms Ping
text/html 46.167.166.60
ADACOR-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://press-tracking-api.sovendus.com/track-first-paint
Requested by: Host: api.sovendus.com
URL: https://api.sovendus.com/js/sovendus.js?v=544721c8-2ef6-5669-85bb-b159e972101b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.167.166.60 , Germany, ASN42442 (ADACOR-AS, DE),
Reverse DNS: 46-167-166-60.static.ip.adacor.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://deine-tolle-preise.tolle-nachrichten.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 main.css
api.signalize.com/banners/css/ 8 KB
1 KB 57ms
57ms Stylesheet
text/css 62.201.164.102
IPHH IPHH Interne...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.signalize.com/banners/css/main.css

Requested by

Host: api.signalize.com
URL: https://api.signalize.com/banners/accounts/479168?url=https%3A%2F%2Fdeine-tolle-preise.tolle-nachrichten.com%2F&lang=en-US&oneStep=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

62.201.164.102 , Germany, ASN12731 (IPHH IPHH Internet Port Hamburg GmbH, DE),

Reverse DNS

Software

Resource Hash

2c0645067ab5abd52f38cd3c05a546b127ad3fbfba99873c5472fb379cb5581d

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' https://.signalize.com https://.etracker.com https://*.etracker.de 'unsafe-inline'
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://deine-tolle-preise.tolle-nachrichten.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Apr 2022 07:41:51 GMT
date: Wed, 06 Jul 2022 09:45:29 GMT
x-frame-options: DENY
content-type: text/css
x-xss-protection: 1
cache-control: must-revalidate
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; camera 'none'; encrypted-media 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; usb 'none'; vr 'none'
x-x-backend: heracles
content-security-policy: script-src 'self' https://*.signalize.com https://*.etracker.com https://*.etracker.de 'unsafe-inline'
accept-ranges: bytes
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-content-type-options: nosniff

GET
H2 200 quieterUI.png
api.signalize.com/banners/img/ 879 B
928 B 70ms
70ms Image
image/png 62.201.164.102
IPHH IPHH Interne...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.signalize.com/banners/img/quieterUI.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

62.201.164.102 , Germany, ASN12731 (IPHH IPHH Internet Port Hamburg GmbH, DE),

Reverse DNS

Software

Resource Hash

314da61bc3a9a90e90d41ab6598b34d80db97d05a542d8373df67e7d14b220c6

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' https://.signalize.com https://.etracker.com https://*.etracker.de 'unsafe-inline'
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://deine-tolle-preise.tolle-nachrichten.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Apr 2022 07:41:51 GMT
date: Wed, 06 Jul 2022 09:45:29 GMT
x-frame-options: DENY
content-type: image/png
x-xss-protection: 1
cache-control: must-revalidate
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; camera 'none'; encrypted-media 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; usb 'none'; vr 'none'
x-x-backend: heracles
content-security-policy: script-src 'self' https://*.signalize.com https://*.etracker.com https://*.etracker.de 'unsafe-inline'
accept-ranges: bytes
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 879
x-content-type-options: nosniff

GET
H2 200 arrow.png
api.signalize.com/banners/img/ 2 KB
2 KB 67ms
67ms Image
image/png 62.201.164.102
IPHH IPHH Interne...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.signalize.com/banners/img/arrow.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

62.201.164.102 , Germany, ASN12731 (IPHH IPHH Internet Port Hamburg GmbH, DE),

Reverse DNS

Software

Resource Hash

c60668244d88fa3e0a00a89ea6b88fa99787540b43690941535c9d178ebeded7

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' https://.signalize.com https://.etracker.com https://*.etracker.de 'unsafe-inline'
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://deine-tolle-preise.tolle-nachrichten.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Apr 2022 07:41:51 GMT
date: Wed, 06 Jul 2022 09:45:29 GMT
x-frame-options: DENY
content-type: image/png
x-xss-protection: 1
cache-control: must-revalidate
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; camera 'none'; encrypted-media 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; usb 'none'; vr 'none'
x-x-backend: heracles
content-security-policy: script-src 'self' https://*.signalize.com https://*.etracker.com https://*.etracker.de 'unsafe-inline'
accept-ranges: bytes
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 2441
x-content-type-options: nosniff

GET
H2 200 bell.svg
api.signalize.com/banners/img/ 2 KB
1 KB 62ms
61ms Image
image/svg+xml 62.201.164.102
IPHH IPHH Interne...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.signalize.com/banners/img/bell.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

62.201.164.102 , Germany, ASN12731 (IPHH IPHH Internet Port Hamburg GmbH, DE),

Reverse DNS

Software

Resource Hash

220958f522de5eac2b3aa89d3615274d4fdd07c887965e06e888b4ad90b2081a

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' https://.signalize.com https://.etracker.com https://*.etracker.de 'unsafe-inline'
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://deine-tolle-preise.tolle-nachrichten.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Apr 2022 07:41:51 GMT
date: Wed, 06 Jul 2022 09:45:29 GMT
x-frame-options: DENY
content-type: image/svg+xml
x-xss-protection: 1
cache-control: must-revalidate
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; camera 'none'; encrypted-media 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; usb 'none'; vr 'none'
x-x-backend: heracles
content-security-policy: script-src 'self' https://*.signalize.com https://*.etracker.com https://*.etracker.de 'unsafe-inline'
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff

Verdicts & Comments Add Verdict or Comment

291 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			deine-tolle-preise.tolle-nachrichten.com/	1970-01-20 04:18:31	Name: _tolle_nachrichten_com_40003_182_session Value: RDBXeGdIOFdmR1UxOHlqcWF2NWM1R1lqTGJaaDc1RUV3NnoxSFFkRENKMjdGRUNXSzRJSFVtQ0pzczcxa21xaXdwbThyak9TZnlFM3d0UUM0VStFbWNmU3NvaU96UzFOVHM1VzhEV3hYeXp6MFVjb0xDRGkyNUFwOXdjNmx1d25xU0hCYmlqTW1wdnFmNzR2R0g4eHhXbUYrQk1qbERoRVphdXpxLzJZZVhRbEUyOVdRQTd3QUxadnpxb0N4aEJyUE1SejBzNG5CMVEwSDc2NGp0azJCa0JJNnZwdmhTMENKRnZjZ2dwQ3Q1QXFmc3IxRlM4U2Q3a2pmVU4zcFd6clRYM0M1bmZvUUZYaGxadlJZeGVBWlVLNkp1dS9uMjNYd1UyK3c2eFBpcVZJSUxqcXFPdXR4RCtVYWNwN2FmeExrcmdkNjd4T0hlYjZNZ2s0Z3c3QkdJc2UzOE83cTc0STh6b3lLZTNXYWhoZjdTc2dCd0EwbjZUdFVEZ1ZWbkFJZTh3M21KRnFEdG9YeTcrdnh1MlBlcVFOREd2U2hPdEJURW1FVTFOUm9qdktDYnBSbWV0bWxpeEJWWllYcEc0TEZ5MXgydHlwRGIyeldEOU0zOTZyNWVramF3UW9HZktWUkZyem9VdkIzTmM9LS05b1RmUHJhK0l4dkVrb2hlQmwxZWxRPT0%3D--7f68d0b29250d59731e55142e8afaca49fd931ed

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.signalize.com
api.sovendus.com
assets.sovendus.com
benefits.sovendus.com
click.pstmrk.it
code.etracker.com
deine-tolle-preise.tolle-nachrichten.com
fonts.googleapis.com
fonts.gstatic.com
identification-api.sovendus.com
press-list-api.sovendus.com
press-tracking-api.sovendus.com
static.etracker.com
www.etracker.de
104.64.114.42
130.0.76.153
2a00:1450:4001:80b::2003
2a00:1450:4001:811::200a
45.156.88.10
46.167.166.60
52.208.176.175
62.201.164.102
62.201.164.113
62.201.164.117
127cf60f209a7f5c3d2b3bca348accc498161fe7b32b2e81b2b496a8ad249c3a
157749c0ad9b827ad06bffc799178d4b7bda29a3cdd5aff3669ad9fb4dff83d1
19ad7bf9fc1d13354b68ce1f35aac4712df9e4ff8631258b15c6c4daa58ff461
1b84ed01781c9dee02bc6d630a785c620e5de0a5fec482b6f53bdb67127a51ba
1de961ad89108391d87742b67a354e00229edbcd9fee492f5d39107e76aa031d
220958f522de5eac2b3aa89d3615274d4fdd07c887965e06e888b4ad90b2081a
2c0645067ab5abd52f38cd3c05a546b127ad3fbfba99873c5472fb379cb5581d
2d2e0d247a3312503d06d7acd69fa4bc2337b54df7889ff5f86c34868df1a987
314da61bc3a9a90e90d41ab6598b34d80db97d05a542d8373df67e7d14b220c6
36591a851681354e9411fbc17304dea3a2472d3437da19ad888b0a7eb277eedf
38bf1871d594c86ea4d91d6f867b77138bc2c13c082a993e04e46f58a0b1c013
3c85950f4d6d801f156f6713a7c77afe9e8e9f43e7105d852d31857d7279fe81
4dee7b3eee7ee9e825de2667c8ee1ff0b28bc1cb92c0ff8c1718e782813dcf7d
51f7be1a97ca7c99125bb6b3563f3e4b2e5c681f405c3e7bf9f81799c8576b83
5613cbf2fc2ce70542ae9bb0d12954f1f3d8acf1e2445f058ae3f306ec6e188c
67ba5a795b45d0546889b7bca9d2d7440c0e6374e74a6aa29f26bd4f7ff7e66f
67c622283578635f1a0f4a16969111e3972a3858b14700991a99d98614bcdbc0
6ffb7f233d0157f8510c2b42da70227cad9243d81930c080b0dd978e6d1c6951
77397eb7a87d657b199e994753c75c4854f3b6c6833baf5cd7cbdb4988cb1086
7b25ebe48ace983d2e53081083e06eb8901255843b8d70b6411658908adda88c
7dfdd9c0cde23d7aaf3a646ce1dfd741c2a49230e52ac59a589c87203dda04c5
8476bced89555bef6798c51772af16ff21d639824579fd10a44f4362dc66bc8f
897e3ec2ff7573ff99f095b85d48bcc43cce841f391a8e028f56e6d4eac6b65f
9196cac49eac95460c0dbfc4ea12d894e0951f661b3e9deabc34cd110938cfd7
9b2b78b145e52b7d722eca6438fe2ff364feb69d30cb465e8cf30c3b050529f7
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a536ecfd4c5c0a074b73216df76016492b2772e2d657c134311960a598338cc1
a623035480cd63c048f150330143276c97d089d00cbf0384f82feaaad0e60bd1
a6fca6eb8e91a45fa8b8ebe0b9847fb646b4c7e59cdc9394fcbc82086241e5e5
ac6d01412496b0e611903947dfc3a94e4543f3554f653169bf0342f507aa1576
b36fee3fd97e19c8ea30265b975af36c92156f21c20f1581644b936a01e34716
c60668244d88fa3e0a00a89ea6b88fa99787540b43690941535c9d178ebeded7
cba57b4f81dc371abfd7dfb1a87d2859b84da6cd4f6f3754af3e126b6e999595
ccf1de85edd34e8dcc00caeb9bc7a83f9dc767fe624095fbea08c4afdf42d18e
d1d730c48e41b79bcbef2706263ee9219de2f4adad095ebb0ca9dcfa09049260
d44f8654b5047b79cd743cf1ce578c8c94153db42ec5df66919bfe96ee7d116c
d4e59fd80fcfc26163749bd6602a90eb595bda3288847bce4ed501b71f56bf00
d9b4834099796a8f64ce5d8c770480a77cfa21a9e45855f61035c24e4dcec8ca
daca36bf0de42476fb3dcbc3f10b97744bd4481953519c446d52a228da85eea9
dbf5b9147594befab221bbcd659a106b978e67fa7675842090718e044c6f69bd
dc058b9955017088334f01bf94281941cf5d496806cbe0e4e90a1ca003f1241a
de375dcc9a236b95a5f6b320b13014e978da7b612933b5970b4cd0ae85c326a1
df3753fe890274cfcd1b934ad1c114055bbf2618d8105a2debe5f908d5104432
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea2e0e472fe5ca7dff366da83cb93bffb8fa0d0c67b4480f6a01f4e86c786c31
ed53e4594b16a157a4d8a23d981a43a83eb2f3f75fa93d76d57aacc848ec7184
f0b13094e9a970c71de9352055e2194f32a8ed1f50c207a238de72e1d8663bbf
f1420648f37e4e1b131ae157a75ac888233d73f1a5cae33a56ba11241f510a87
f36c2b1c0cd20905ccbfb49d5bf5a953561974f705a1dbdbeca9fabf0586a828
f56296006b83adeeac98db7999a9ec19a0feb6b4fc5efc79c79c3f90073db291
f84d18d8bf2714211dbf8f8179061cd53ef1fdbd969fa070cf40c31707ccdc3f
fbec19477bc80bf0e24c911232414f36bf545062c4f57257aa817e10acdd09be
fdf3169241b3ce94a0b2b4a934411baba06a1fc5d123aa2e72e20712b8a2412c

deine-tolle-preise.tolle-nachrichten.com Open in urlscan Pro 45.156.88.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

54 Requests

100 %HTTPS

20 %IPv6

8 Domains

14 Subdomains

10 IPs

3 Countries

2007 kBTransfer

3699 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

deine-tolle-preise.tolle-nachrichten.com Open in urlscan Pro
45.156.88.10 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

100 %
HTTPS

20 %
IPv6

8
Domains

14
Subdomains

10
IPs

3
Countries

2007 kB
Transfer

3699 kB
Size

1
Cookies

54 HTTP transactions
1 data transactions