urlscan.io logo urlscan.io
SecurityTrails logo

desktop.kouwaiwai.de Open in urlscan Pro
89.191.67.206  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://viral481.com/srv.html?id=5481525&pub=907965
Effective URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer...
Submission: On September 20 via manual from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 12 domains to perform 34 HTTP transactions. The main IP is 89.191.67.206, located in Germany and belongs to MEGASPACE-AS, DE. The main domain is desktop.kouwaiwai.de.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 4th 2019. Valid for: 3 months.
This is the only time desktop.kouwaiwai.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.27.156.197 13335 (CLOUDFLAR...)
1 151.101.114.110 54113 (FASTLY)
1 1 52.20.83.4 14618 (AMAZON-AES)
1 17 89.191.67.79 34624 (MEGASPACE-AS)
1 162.247.242.19 23467 (NEWRELIC-...)
3 89.191.67.206 34624 (MEGASPACE-AS)
3 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
3 2a00:1450:400... 15169 (GOOGLE)
34 10
1    104.27.156.197 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
viral481.com
1    151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
js-agent.newrelic.com
1    52.20.83.4 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-20-83-4.compute-1.amazonaws.com
lg.aivilors.com
17    89.191.67.79 (Germany)

ASN34624 (MEGASPACE-AS, DE)
PTR: srv1.rlcontrol.de
www.exklusive-preise.de
rlcontrol.de
www.rlcontrol.de
1    162.247.242.19 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-7.nr-data.net
bam.nr-data.net
3    89.191.67.206 (Germany)

ASN34624 (MEGASPACE-AS, DE)
desktop.kouwaiwai.de
3    2606:4700::6810:233f (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdn.onesignal.com
onesignal.com
3    2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
2    2606:4700::6813:c497 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com
1    2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
code.jquery.com
3    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
Domain Requested by
14 www.rlcontrol.de desktop.kouwaiwai.de
3 fonts.gstatic.com www.rlcontrol.de
3 fonts.googleapis.com desktop.kouwaiwai.de
3 desktop.kouwaiwai.de www.rlcontrol.de
2 cdnjs.cloudflare.com desktop.kouwaiwai.de
www.rlcontrol.de
2 cdn.onesignal.com desktop.kouwaiwai.de
cdn.onesignal.com
2 www.exklusive-preise.de 1 redirects
1 onesignal.com cdn.onesignal.com
1 code.jquery.com desktop.kouwaiwai.de
1 rlcontrol.de www.exklusive-preise.de
1 bam.nr-data.net js-agent.newrelic.com
1 lg.aivilors.com 1 redirects
1 js-agent.newrelic.com viral481.com
1 viral481.com
34 14

This site contains links to these domains. Also see Links.

Domain
odoki.de
my-promobox.de
www.rlcontrol.de
Subject Issuer Validity Valid
sni133380.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-09-18 -
2020-03-26		 6 months crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-04-10 -
2020-03-21		 a year crt.sh
www.exklusive-preise.de
Sectigo RSA Domain Validation Secure Server CA		 2019-01-14 -
2020-04-13		 a year crt.sh
*.nr-data.net
GeoTrust RSA CA 2018		 2018-01-11 -
2020-03-17		 2 years crt.sh
*.rlcontrol.de
Sectigo RSA Domain Validation Secure Server CA		 2019-01-15 -
2021-04-14		 2 years crt.sh
toutoanui.de
Let's Encrypt Authority X3		 2019-08-04 -
2019-11-02		 3 months crt.sh
ssl473492.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-07-02 -
2020-01-08		 6 months crt.sh
*.googleapis.com
GTS CA 1O1		 2019-09-05 -
2019-11-28		 3 months crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-08-10 -
2020-02-16		 6 months crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA		 2018-10-17 -
2020-10-16		 2 years crt.sh
*.google.com
GTS CA 1O1		 2019-09-05 -
2019-11-28		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Frame ID: E07A65E708DF759B71A5E2A6F90B798E
Requests: 33 HTTP requests in this frame

Frame: https://rlcontrol.de/ftp/weiche_de_real-prizes.php
Frame ID: 08FF8CB83B28D41C87C690914ABC9EDE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://viral481.com/srv.html?id=5481525&pub=907965 Page URL
  2. http://lg.aivilors.com/t/clk?id=N8FjDBtVj5Rsv9Bnso&s1=907965-770261156 HTTP 302
    https://www.exklusive-preise.de/de,20160420,weiche,flexblocks_624.html?idPartner=320&idCampaignAd=0&subId=&s... Page URL
  3. https://www.exklusive-preise.de/DE,20160328,FlexBlocks,online_613.html?idPartner=320&idCampaignAd=0&subId=&s... HTTP 302
    https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBa... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i

Page Statistics

34
Requests

100 %
HTTPS

45 %
IPv6

12
Domains

14
Subdomains

10
IPs

3
Countries

492 kB
Transfer

1290 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://viral481.com/srv.html?id=5481525&pub=907965 Page URL
  2. http://lg.aivilors.com/t/clk?id=N8FjDBtVj5Rsv9Bnso&s1=907965-770261156 HTTP 302
    https://www.exklusive-preise.de/de,20160420,weiche,flexblocks_624.html?idPartner=320&idCampaignAd=0&subId=&subIdentifier=&rlmset=samsungs10_new_de&subId=a18a42e6-34df-4679-87db-4e05c0100b89&cBarHide=&subIdentifier=12887 Page URL
  3. https://www.exklusive-preise.de/DE,20160328,FlexBlocks,online_613.html?idPartner=320&idCampaignAd=0&subId=&subIdentifier=&rlmset=samsungs10_new_de&subId=a18a42e6-34df-4679-87db-4e05c0100b89&cBarHide=&subIdentifier=12887&switchReferer=https://www.exklusive-preise.de/de,20160420,weiche,flexblocks_624.html HTTP 302
    https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • http://lg.aivilors.com/t/clk?id=N8FjDBtVj5Rsv9Bnso&s1=907965-770261156 HTTP 302
  • https://www.exklusive-preise.de/de,20160420,weiche,flexblocks_624.html?idPartner=320&idCampaignAd=0&subId=&subIdentifier=&rlmset=samsungs10_new_de&subId=a18a42e6-34df-4679-87db-4e05c0100b89&cBarHide=&subIdentifier=12887

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
srv.html
viral481.com/ 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://viral481.com/srv.html?id=5481525&pub=907965
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.27.156.197 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa0b2112a69aa8db980412ad2374cd77db2a8619e2ad5a8a54cc7c91158633f2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
viral481.com
:scheme
https
:path
/srv.html?id=5481525&pub=907965
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

status
200
date
Fri, 20 Sep 2019 10:42:49 GMT
content-type
text/html
set-cookie
__cfduid=d2cbce4ef17f1d383e24f8564dd7d4e601568976168; expires=Sat, 19-Sep-20 10:42:48 GMT; path=/; domain=.viral481.com; HttpOnly PHPSESSID=4lkqKZOAjkfDP9ajnYffxhx6b23aW338HBJEEzL_CAJg-MT10G-xkx3_hFK-9USx; path=/; HttpOnly SERVERID=web2; path=/
x-frame-options
SAMEORIGIN
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
x-xss-protection
1; mode=block
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
519331dff986c272-FRA
content-encoding
br
nr-1130.min.js
js-agent.newrelic.com/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1130.min.js
Requested by
Host: viral481.com
URL: https://viral481.com/srv.html?id=5481525&pub=907965
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://viral481.com/srv.html?id=5481525&pub=907965
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Sep 2019 10:42:49 GMT
content-encoding
gzip
x-amz-request-id
FC2E5E9385FF35C9
x-cache
HIT
status
200
content-length
9407
x-amz-id-2
3XNtuktyD4wqrPKGubF2M/YqUHo1gnfCUg2ZcA6WpCpRhqESM5LEOkXHaOHxrPCQ1vUCnpmkB8M=
x-served-by
cache-hhn4054-HHN
last-modified
Tue, 09 Jul 2019 23:52:06 GMT
server
AmazonS3
x-timer
S1568976169.381228,VS0,VE0
etag
"73f8857196b9ef7fd3b302cbc557b8ac"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
11407
Cookie set de,20160420,weiche,flexblocks_624.html
www.exklusive-preise.de/
Redirect Chain
  • http://lg.aivilors.com/t/clk?id=N8FjDBtVj5Rsv9Bnso&s1=907965-770261156
  • https://www.exklusive-preise.de/de,20160420,weiche,flexblocks_624.html?idPartner=320&idCampaignAd=0&subId=&subIdentifier=&rlmset=samsungs10_new_de&subId=a18a42e6-34df-4679-87db-4e05c0100b89&cBarHid...
776 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.exklusive-preise.de/de,20160420,weiche,flexblocks_624.html?idPartner=320&idCampaignAd=0&subId=&subIdentifier=&rlmset=samsungs10_new_de&subId=a18a42e6-34df-4679-87db-4e05c0100b89&cBarHide=&subIdentifier=12887
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) / PHP/5.6.40-0+deb8u5
Resource Hash
73252363e8f1ef98ad515d39a686e08c38b766004f1a15c9eecacacc259e136c

Request headers

Host
www.exklusive-preise.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Sep 2019 10:42:49 GMT
Server
Apache/2.4.10 (Debian)
X-Powered-By
PHP/5.6.40-0+deb8u5
Set-Cookie
PHPSESSID=n8bdrmpsr197t9vqnumn1bj670; path=/ coyoteTrackingCookie_624=355585692; expires=Sun, 20-Oct-2019 10:42:49 GMT; Max-Age=2592000; path=/ coyoteSimpleTrackingCookie=355585692; expires=Sat, 21-Sep-2019 10:42:49 GMT; Max-Age=86400; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
442
Connection
close
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Fri, 20 Sep 2019 10:42:49 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Set-Cookie
AWSALB=CH20WrsTcoOvaAx3tN75CGzfiS9ttwU9ySfV3teQJzMA0DnVwaBTRYeu919ENlD36LnlVZsIzKofjrgjuFjzc6E1yDozk4yqi0EJ9yiXCPdLOYX9AR3PcZbD8TcS; Expires=Fri, 27 Sep 2019 10:42:49 GMT; Path=/ uip="[\"1x74OWK\"\054 {\"DK8og\": \"azwmJee\"}]:1iBGNF:c2VKWi6rgFkKI0Avu3ef0PtEW0I"; expires=Sun, 20 Oct 2019 10:42:49 GMT; Max-Age=2592000; Path=/ ydt_aa7c0355de3641c2bc7b2a64a83398f9="[\"a18a42e6-34df-4679-87db-4e05c0100b89\"]:1iBGNF:t7nfoUIXX9g2r-CaxXqfnIj2SOk"; Domain=nkotbtrky.com; expires=Sun, 20 Oct 2019 12:42:49 GMT; Max-Age=2599200; Path=/
Server
nginx/1.12.2
Location
https://www.exklusive-preise.de/de,20160420,weiche,flexblocks_624.html?idPartner=320&idCampaignAd=0&subId=&subIdentifier=&rlmset=samsungs10_new_de&subId=a18a42e6-34df-4679-87db-4e05c0100b89&cBarHide=&subIdentifier=12887
Cache-Control
no-transform
X-Frame-Options
SAMEORIGIN
Vary
Cookie
62915533ca
bam.nr-data.net/1/ 		57 B
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/62915533ca?a=14035018&v=1130.54e767a&to=blEHMktWXkQABkRQDFcbMBRQGF9RBwBCFxNRRA%3D%3D&rst=475&ref=https://viral481.com/srv.html&ap=155&be=455&fe=462&dc=460&perf=%7B%22timing%22:%7B%22of%22:1568976168916,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:13,%22c%22:13,%22s%22:18,%22ce%22:37,%22rq%22:37,%22rp%22:439,%22rpe%22:441,%22dl%22:446,%22di%22:460,%22ds%22:460,%22de%22:460,%22dc%22:460,%22l%22:460,%22le%22:462%7D,%22navigation%22:%7B%7D%7D&at=QhYERANMTUo%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1130.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS
bam-7.nr-data.net
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://viral481.com/srv.html?id=5481525&pub=907965
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1
weiche_de_real-prizes.php
rlcontrol.de/ftp/ Frame 08FF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://rlcontrol.de/ftp/weiche_de_real-prizes.php
Requested by
Host: www.exklusive-preise.de
URL: https://www.exklusive-preise.de/de,20160420,weiche,flexblocks_624.html?idPartner=320&idCampaignAd=0&subId=&subIdentifier=&rlmset=samsungs10_new_de&subId=a18a42e6-34df-4679-87db-4e05c0100b89&cBarHide=&subIdentifier=12887
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) / PHP/5.6.40-0+deb8u5
Resource Hash

Request headers

Host
rlcontrol.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.exklusive-preise.de/de,20160420,weiche,flexblocks_624.html?idPartner=320&idCampaignAd=0&subId=&subIdentifier=&rlmset=samsungs10_new_de&subId=a18a42e6-34df-4679-87db-4e05c0100b89&cBarHide=&subIdentifier=12887
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.exklusive-preise.de/de,20160420,weiche,flexblocks_624.html?idPartner=320&idCampaignAd=0&subId=&subIdentifier=&rlmset=samsungs10_new_de&subId=a18a42e6-34df-4679-87db-4e05c0100b89&cBarHide=&subIdentifier=12887

Response headers

Date
Fri, 20 Sep 2019 10:42:49 GMT
Server
Apache/2.4.10 (Debian)
Vary
Host,Accept-Encoding
X-Powered-By
PHP/5.6.40-0+deb8u5
Content-Encoding
gzip
Content-Length
430
Connection
close
Content-Type
text/html; charset=UTF-8
Primary Request Cookie set campaign_496.html
desktop.kouwaiwai.de/
Redirect Chain
  • https://www.exklusive-preise.de/DE,20160328,FlexBlocks,online_613.html?idPartner=320&idCampaignAd=0&subId=&subIdentifier=&rlmset=samsungs10_new_de&subId=a18a42e6-34df-4679-87db-4e05c0100b89&cBarHid...
  • https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexbl...
68 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.206 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
Software
Apache/2.4.10 (Debian) / PHP/5.6.40-0+deb8u5
Resource Hash
923c1f26e74f8f0275f08283c72fa1f6fa015f60d001e886b1f73a896d7ad0b7

Request headers

Host
desktop.kouwaiwai.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://rlcontrol.de/ftp/weiche_de_real-prizes.php
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Referer
https://rlcontrol.de/ftp/weiche_de_real-prizes.php

Response headers

Date
Fri, 20 Sep 2019 10:42:49 GMT
Server
Apache/2.4.10 (Debian)
X-Powered-By
PHP/5.6.40-0+deb8u5
Set-Cookie
PHPSESSID=rj69oibvqbmau1js8jh2rfgdb1; path=/ coyoteAffiliTokenId496=355585693; expires=Fri, 20-Sep-2019 14:42:49 GMT; Max-Age=14400; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
10100
Connection
close
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Fri, 20 Sep 2019 10:42:49 GMT
Server
Apache/2.4.10 (Debian)
X-Powered-By
PHP/5.6.40-0+deb8u5
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Set-Cookie
coyoteTrackingCookie_613=355585693; expires=Sun, 20-Oct-2019 10:42:49 GMT; Max-Age=2592000; path=/ coyoteSimpleTrackingCookie=355585693; expires=Sat, 21-Sep-2019 10:42:49 GMT; Max-Age=86400; path=/
Location
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Content-Length
2
Connection
close
Content-Type
text/html; charset=UTF-8
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:233f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a2617768e184d5ddcc9a4e65b4780f0028502af41c54c438c18177bcaf581aa

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Sep 2019 10:42:50 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
2358
etag
W/"73548930d8015a67a49758d8fe546f33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=43200
cf-ray
519331e6bb78cbc8-VIE
expires
Fri, 20 Sep 2019 22:42:50 GMT
reset.css
www.rlcontrol.de/ftp/flexblocks/css/ 		812 B
793 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rlcontrol.de/ftp/flexblocks/css/reset.css
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
27b68b172858b007dc7b2fc3ac81b6a87924bc8520f5592850a1283a65b69af3

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Sep 2019 10:42:50 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Mar 2017 10:51:53 GMT
Server
Apache/2.4.10 (Debian)
ETag
"32c-54a4a08790043-gzip"
Vary
Host,Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
489
bootstrap.min.css
www.rlcontrol.de/ftp/flexblocks/css/ 		114 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rlcontrol.de/ftp/flexblocks/css/bootstrap.min.css
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
d31bef450ee67b64f9b70bfdf41fe4e00c65438705cc1fbb48ea6026d3a5d697

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Sep 2019 10:42:50 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Mar 2017 10:51:42 GMT
Server
Apache/2.4.10 (Debian)
ETag
"1c99e-54a4a07d3b832-gzip"
Vary
Host,Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
19218
awesome-bootstrap-checkbox.css
www.rlcontrol.de/ftp/flexblocks/css/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rlcontrol.de/ftp/flexblocks/css/awesome-bootstrap-checkbox.css
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
984d6e82dce7262e5c27733ab7c2521a1f25f4a3ec2a1839620e053d3eec78bb

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Sep 2019 10:42:50 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Mar 2017 10:51:42 GMT
Server
Apache/2.4.10 (Debian)
ETag
"1a50-54a4a07c909d9-gzip"
Vary
Host,Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
1046
general_tile_coregs_dynamic_desktop_de.css
www.rlcontrol.de/ftp/flexblocks/css/ 		53 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rlcontrol.de/ftp/flexblocks/css/general_tile_coregs_dynamic_desktop_de.css
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
ef82e74f6f6990329deb8e624baaa319380550e92d4a034929886357899a1735

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Sep 2019 10:42:50 GMT
Content-Encoding
gzip
Last-Modified
Tue, 18 Jun 2019 14:10:30 GMT
Server
Apache/2.4.10 (Debian)
ETag
"d240-58b99acdf74b8-gzip"
Vary
Host,Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
9742
balloon.min.css
www.rlcontrol.de/ftp/flexblocks/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rlcontrol.de/ftp/flexblocks/css/balloon.min.css
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
4122f214f47bf170342826a86092121db1a8ac7cb3c0f899a1ede8b6b96f27c8

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Sep 2019 10:42:50 GMT
Content-Encoding
gzip
Last-Modified
Tue, 21 Mar 2017 09:05:10 GMT
Server
Apache/2.4.10 (Debian)
ETag
"1571-54b39f0e4b2f6-gzip"
Vary
Host,Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
1087
css
fonts.googleapis.com/ 		2 KB
467 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,900,700
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
5eecac60daf67e9978b368ef66fe2b25e1f0a61da04d77ee55905ac53d1a1cf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 20 Sep 2019 10:42:50 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Fri, 20 Sep 2019 10:42:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Fri, 20 Sep 2019 10:42:50 GMT
css
fonts.googleapis.com/ 		460 B
405 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Calligraffitti
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
7f4e31beb4137909805be8ecdd8a5417036e606d0f5105a9cb4cdf2d2356f1d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 20 Sep 2019 10:42:50 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Fri, 20 Sep 2019 10:42:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Fri, 20 Sep 2019 10:42:50 GMT
css
fonts.googleapis.com/ 		423 B
342 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Satisfy
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
78acf37b6c980a9d638c2a825bf0e419f65d68d6fffab3f3063270151f5aadec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 20 Sep 2019 10:42:50 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Fri, 20 Sep 2019 10:42:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Fri, 20 Sep 2019 10:42:50 GMT
font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/ 		32 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.css
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
082b0736a3408950e50fd65a090921003fe83d89ec6e3084549a01d5dfa9e854
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Sep 2019 10:42:50 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
13610101
status
200
served-in-seconds
0.003
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:19:53 GMT
server
cloudflare
etag
W/"5afd4939-81d1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
519331e6bd0b59d6-VIE
expires
Wed, 09 Sep 2020 10:42:50 GMT
jquery.js
www.rlcontrol.de/ftp/flexblocks/scripts/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rlcontrol.de/ftp/flexblocks/scripts/jquery.js
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Sep 2019 10:42:50 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Nov 2016 15:23:29 GMT
Server
Apache/2.4.10 (Debian)
ETag
"14915-541d13ce2b8df-gzip"
Vary
Host,Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
29497
bootstrap.min.js
www.rlcontrol.de/ftp/flexblocks/scripts/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rlcontrol.de/ftp/flexblocks/scripts/bootstrap.min.js
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Sep 2019 10:42:50 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Nov 2016 15:23:25 GMT
Server
Apache/2.4.10 (Debian)
ETag
"9004-541d13caa3446-gzip"
Vary
Host,Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
9765
jquery-ui.min.js
code.jquery.com/ui/1.11.3/ 		234 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.11.3/jquery-ui.min.js
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
c48feaca5f6fa70585397cfbfb1ffd5a41b98ff4959d2c36d6f8b2f1f5b06de1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Sep 2019 10:42:50 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Feb 2015 18:05:20 GMT
Server
nginx
ETag
W/"54dceb60-3a99b"
Vary
Accept-Encoding
X-HW
1568976170.dop010.fr8.shc,1568976170.dop010.fr8.t,1568976170.cds022.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
64209
rlm_flex_tile_coregs_dynamic_desktop_de.js
www.rlcontrol.de/ftp/flexblocks/scripts/ 		152 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rlcontrol.de/ftp/flexblocks/scripts/rlm_flex_tile_coregs_dynamic_desktop_de.js
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
7c7a72688694d2553c8023ef8f18ca3d45e065f939249af0dcac2c3ac8f09d45

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Sep 2019 10:42:50 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Jul 2019 14:38:56 GMT
Server
Apache/2.4.10 (Debian)
ETag
"2618f-58ee6f7ef3bc7-gzip"
Vary
Host,Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
32253
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		214 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=150706
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:233f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
16f688bad571627f2a40dad80951a0220fa5d11cdf8fb2888bf2887c53811c7d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Sep 2019 10:42:50 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
2871
etag
W/"f4ebb281698a883231242a4d72c8502e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=259200
cf-ray
519331e6ebe4cbc8-VIE
expires
Mon, 23 Sep 2019 10:42:50 GMT
samsungs10_new_de.json
desktop.kouwaiwai.de/ftp/flexblocks/rlmsets/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://desktop.kouwaiwai.de/ftp/flexblocks/rlmsets/samsungs10_new_de.json?format=json&_=1568976170079
Requested by
Host: www.rlcontrol.de
URL: https://www.rlcontrol.de/ftp/flexblocks/scripts/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.206 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
Software
Apache/2.4.10 (Debian) /
Resource Hash
36bccf7d9b3ce1c3d74c36dac1640bb1328e0a03e8528cbf94859162e5985ed7

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Date
Fri, 20 Sep 2019 10:42:50 GMT
Last-Modified
Wed, 10 Apr 2019 11:20:32 GMT
Server
Apache/2.4.10 (Debian)
ETag
"9ff-5862b420214a3"
Content-Type
application/json
Connection
close
Accept-Ranges
bytes
Content-Length
2559
samsungs10_new_de.json
desktop.kouwaiwai.de/ftp/flex_core/prepages/json/ 		681 B
936 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://desktop.kouwaiwai.de/ftp/flex_core/prepages/json/samsungs10_new_de.json?format=json&_=1568976170080
Requested by
Host: www.rlcontrol.de
URL: https://www.rlcontrol.de/ftp/flexblocks/scripts/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.206 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
Software
Apache/2.4.10 (Debian) /
Resource Hash
3ba84d647a2e123d2dfb54a22a09805e4819dec511edfcc3ce443fa0d2696991

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Date
Fri, 20 Sep 2019 10:42:50 GMT
Last-Modified
Mon, 25 Feb 2019 15:31:54 GMT
Server
Apache/2.4.10 (Debian)
ETag
"2a9-582b9a3eae26e"
Content-Type
application/json
Connection
close
Accept-Ranges
bytes
Content-Length
681
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: www.rlcontrol.de
URL: https://www.rlcontrol.de/ftp/flexblocks/scripts/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Lato:400,900,700
Origin
https://desktop.kouwaiwai.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 13:36:09 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:55 GMT
server
sffe
age
2149601
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
14044
x-xss-protection
0
expires
Tue, 25 Aug 2020 13:36:09 GMT
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: www.rlcontrol.de
URL: https://www.rlcontrol.de/ftp/flexblocks/scripts/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Lato:400,900,700
Origin
https://desktop.kouwaiwai.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 21 Aug 2019 21:19:20 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:54 GMT
server
sffe
age
2553810
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
14176
x-xss-protection
0
expires
Thu, 20 Aug 2020 21:19:20 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/fonts/ 		65 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: www.rlcontrol.de
URL: https://www.rlcontrol.de/ftp/flexblocks/scripts/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode
cors
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.css
Origin
https://desktop.kouwaiwai.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Sep 2019 10:42:50 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
13610101
status
200
content-length
66624
served-in-seconds
0.002
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:19:53 GMT
server
cloudflare
etag
"5afd4939-10440"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
519331e78e758c7a-VIE
expires
Wed, 09 Sep 2020 10:42:50 GMT
S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
Requested by
Host: www.rlcontrol.de
URL: https://www.rlcontrol.de/ftp/flexblocks/scripts/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Lato:400,900,700
Origin
https://desktop.kouwaiwai.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 09:51:18 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:45 GMT
server
sffe
age
2163092
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
13732
x-xss-protection
0
expires
Tue, 25 Aug 2020 09:51:18 GMT
sidetickgreen.png
www.rlcontrol.de/ftp/flex_core/prepages/small/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rlcontrol.de/ftp/flex_core/prepages/small/sidetickgreen.png
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
a22f8686a04010f3fe6a6d4828454cf008bdaa079cce01117a4cf821c30ca940

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Sep 2019 10:42:50 GMT
Last-Modified
Thu, 30 Jun 2016 19:38:33 GMT
Server
Apache/2.4.10 (Debian)
ETag
"6ca-5368403ed0040"
Vary
Host
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
1738
s10pb.png
www.rlcontrol.de/ftp/flex_core/prepages/big/ 		112 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rlcontrol.de/ftp/flex_core/prepages/big/s10pb.png
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
d2d61c11967b7def51353fd1a4ff28ca9f607781d25215dcb8056d0e34ea6660

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Sep 2019 10:42:50 GMT
Last-Modified
Mon, 25 Feb 2019 13:59:35 GMT
Server
Apache/2.4.10 (Debian)
ETag
"1be92-582b859c48a92"
Vary
Host
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
114322
s8mb.png
www.rlcontrol.de/ftp/flex_core/prepages/small/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rlcontrol.de/ftp/flex_core/prepages/small/s8mb.png
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
400afc15e5e7212a02ffd53f58d3c730bb5457631282da645b5f33da8a13040b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Sep 2019 10:42:50 GMT
Last-Modified
Thu, 30 Mar 2017 08:27:13 GMT
Server
Apache/2.4.10 (Debian)
ETag
"5ae-54bee75ba9b89"
Vary
Host
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
1454
samsungs10pblue.png
www.rlcontrol.de/ftp/flex_core/prepages/small/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rlcontrol.de/ftp/flex_core/prepages/small/samsungs10pblue.png
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
fd33a709283ca80da968244eebae5353b47ce9e55bcfcb1979f9a7031c992750

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Sep 2019 10:42:50 GMT
Last-Modified
Mon, 25 Feb 2019 14:11:33 GMT
Server
Apache/2.4.10 (Debian)
ETag
"9de-582b88492f04b"
Vary
Host
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
2526
samsungs10pgreen.png
www.rlcontrol.de/ftp/flex_core/prepages/small/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rlcontrol.de/ftp/flex_core/prepages/small/samsungs10pgreen.png
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
a52a6ea5ba4c5b9a703f08ae39c2d7318dbf4e4cabedee0477c0ff320c2dbcf7

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Sep 2019 10:42:50 GMT
Last-Modified
Mon, 25 Feb 2019 14:17:33 GMT
Server
Apache/2.4.10 (Debian)
ETag
"a13-582b89a0b789f"
Vary
Host
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
2579
samsungs10pwhite.png
www.rlcontrol.de/ftp/flex_core/prepages/small/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rlcontrol.de/ftp/flex_core/prepages/small/samsungs10pwhite.png
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
d6c472efdd138ebec2e98a4142af554be6d175d76692038c9453bcaf97dc5a27

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Sep 2019 10:42:50 GMT
Last-Modified
Mon, 25 Feb 2019 14:17:33 GMT
Server
Apache/2.4.10 (Debian)
ETag
"a11-582b89a0b789f"
Vary
Host
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
2577
web
onesignal.com/api/v1/sync/22b474ad-13cb-43cd-bda4-a495470ad2bd/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/22b474ad-13cb-43cd-bda4-a495470ad2bd/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=150706
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:233f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Phusion Passenger 5.3.7
Resource Hash
a47d98f3d265df1f13b010d5eeb913e02dc61382afada50fcd0db70151791020
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=355585693&rlmset=samsungs10_new_de&cBarHide=&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Sep 2019 10:42:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-powered-by
Phusion Passenger 5.3.7
status
200, 200 OK
x-xss-protection
1; mode=block
x-request-id
de377dbe-e3b1-4ca1-8178-db439a199d09
x-runtime
0.075545
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
519331e7ee92cbc8-VIE
access-control-allow-headers
SDK-Version
expires
Fri, 20 Sep 2019 10:47:50 GMT

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| OneSignal function| $ function| jQuery number| value number| _STOP string| end function| styletimer function| settimer function| b64DecodeUnicode function| HexDigitToDec function| SimpleHexToDec function| HexColorToRgb function| HexColorToRGBA function| MixColors function| MixGradientEndColor function| MixBorderColor function| OnCoregDoiPage function| OnFirstRegPage function| OnSecondRegPage function| OnCoregPage function| OnLogoutPage function| ShowPromoConsentMessage function| build_progress_bars function| set_progress function| update_progressbar function| set_background object| backgroundInfo function| rlmHandler function| create_testimonials function| show_testimonials function| next function| create_prepage function| prepage_auswahl function| prepage_info function| prepage_dropdown string| fragdata string| pfdata function| prepage_fragen function| fragendesigner function| pp_hide function| forceImage function| inputstyler function| ValidateSecondRegPage function| style_continue_button function| style_simple_continue_button number| unknownAttemptCount number| maxUnknownAttemptCount boolean| emailErrorShown string| textInputColor function| ShowKickboxError function| HideKickboxErrorMessage function| IsValidTonlineAddress function| buttonstyler function| buttonsmallstyler function| buttonsmallfragenstyler string| symbol_animation string| symbol_speed1 string| symbol_speed2 function| animateButton function| rebuild_continue_button string| fullUrl string| rlmset string| mode string| fi boolean| secondCoregStage number| totalCoregCount number| clickedCoregCount number| clickedListCoregCount number| coregCount boolean| coregsUncovered number| coregCountPerGroup object| coregGroups number| currentCoregGroupIndex number| visibleCoregCount number| weightedCoregCount number| initProgress function| get_coreg_container_by_index function| show_secondary_coregs function| init_audibene function| build_coreg_groups function| show_coreg_group function| hide_coreg_group function| show_next_coreg_group function| apply_spiegel_coreg_changes function| assign_coreg_indices function| show_info_popup function| BrandbueroBuyButtonCallback function| apply_frank_coreg_changes number| round string| hl1_color string| hl2_color string| ip1 string| ip2 string| ip3 string| ip4 string| ip5 string| ip6 string| ip7 number| lb number| __oneSignalSdkLoadCount function| __jp0

2 Cookies

Domain/Path Name / Value
desktop.kouwaiwai.de/ Name: coyoteAffiliTokenId496
Value: 355585693
desktop.kouwaiwai.de/ Name: PHPSESSID
Value: rj69oibvqbmau1js8jh2rfgdb1

2 Console Messages

Source Level URL
Text
console-api log URL: https://www.rlcontrol.de/ftp/flexblocks/scripts/rlm_flex_tile_coregs_dynamic_desktop_de.js(Line 1889)
Message:
datenEingabe_496.html
console-api log URL: https://www.rlcontrol.de/ftp/flexblocks/scripts/rlm_flex_tile_coregs_dynamic_desktop_de.js(Line 474)
Message:
complete

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
cdn.onesignal.com
cdnjs.cloudflare.com
code.jquery.com
desktop.kouwaiwai.de
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
lg.aivilors.com
onesignal.com
rlcontrol.de
viral481.com
www.exklusive-preise.de
www.rlcontrol.de
104.27.156.197
151.101.114.110
162.247.242.19
2001:4de0:ac18::1:a:3a
2606:4700::6810:233f
2606:4700::6813:c497
2a00:1450:4001:815::200a
2a00:1450:4001:81d::2003
52.20.83.4
89.191.67.206
89.191.67.79
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
082b0736a3408950e50fd65a090921003fe83d89ec6e3084549a01d5dfa9e854
0a2617768e184d5ddcc9a4e65b4780f0028502af41c54c438c18177bcaf581aa
16f688bad571627f2a40dad80951a0220fa5d11cdf8fb2888bf2887c53811c7d
27b68b172858b007dc7b2fc3ac81b6a87924bc8520f5592850a1283a65b69af3
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
36bccf7d9b3ce1c3d74c36dac1640bb1328e0a03e8528cbf94859162e5985ed7
3ba84d647a2e123d2dfb54a22a09805e4819dec511edfcc3ce443fa0d2696991
400afc15e5e7212a02ffd53f58d3c730bb5457631282da645b5f33da8a13040b
4122f214f47bf170342826a86092121db1a8ac7cb3c0f899a1ede8b6b96f27c8
5eecac60daf67e9978b368ef66fe2b25e1f0a61da04d77ee55905ac53d1a1cf9
73252363e8f1ef98ad515d39a686e08c38b766004f1a15c9eecacacc259e136c
78acf37b6c980a9d638c2a825bf0e419f65d68d6fffab3f3063270151f5aadec
7c7a72688694d2553c8023ef8f18ca3d45e065f939249af0dcac2c3ac8f09d45
7f4e31beb4137909805be8ecdd8a5417036e606d0f5105a9cb4cdf2d2356f1d2
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
923c1f26e74f8f0275f08283c72fa1f6fa015f60d001e886b1f73a896d7ad0b7
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
984d6e82dce7262e5c27733ab7c2521a1f25f4a3ec2a1839620e053d3eec78bb
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
a22f8686a04010f3fe6a6d4828454cf008bdaa079cce01117a4cf821c30ca940
a47d98f3d265df1f13b010d5eeb913e02dc61382afada50fcd0db70151791020
a52a6ea5ba4c5b9a703f08ae39c2d7318dbf4e4cabedee0477c0ff320c2dbcf7
c48feaca5f6fa70585397cfbfb1ffd5a41b98ff4959d2c36d6f8b2f1f5b06de1
d2d61c11967b7def51353fd1a4ff28ca9f607781d25215dcb8056d0e34ea6660
d31bef450ee67b64f9b70bfdf41fe4e00c65438705cc1fbb48ea6026d3a5d697
d6c472efdd138ebec2e98a4142af554be6d175d76692038c9453bcaf97dc5a27
ef82e74f6f6990329deb8e624baaa319380550e92d4a034929886357899a1735
fa0b2112a69aa8db980412ad2374cd77db2a8619e2ad5a8a54cc7c91158633f2
fd33a709283ca80da968244eebae5353b47ce9e55bcfcb1979f9a7031c992750
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995