gewinnen-de.com Open in urlscan Pro
2606:4700:3032::ac43:89f8 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gewinnen-de.com/
Effective URL:
https://gewinnen-de.com/
Submission: On February 24 via api (February 24th 2024, 12:24:08 pm UTC) from BE — Scanned from DE

Summary HTTP 32 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 32 HTTP transactions. The main IP is 2606:4700:3032::ac43:89f8, located in United States and belongs to CLOUDFLARENET, US. The main domain is gewinnen-de.com.
TLS certificate: Issued by GTS CA 1P5 on February 13th 2024. Valid for: 3 months.

This is the only time gewinnen-de.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3031::6815:491a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700:303... 2606:4700:3032::ac43:89f8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a00:1450:400... 2a00:1450:4001:82a::2016	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::720 2a04:4e42::720	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
32	8

1 2606:4700:3031::6815:491a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

gewinnen-de.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3032::ac43:89f8 (United States)

ASN13335 (CLOUDFLARENET, US)

gewinnen-de.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82a::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play-lh.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::720 (United States)

ASN54113 (FASTLY, US)

images.unsplash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	googleusercontent.com play-lh.googleusercontent.com — Cisco Umbrella Rank: 503	1 MB
9	gewinnen-de.com 1 redirects gewinnen-de.com	220 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 32	4 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 226	177 KB
2	gstatic.com fonts.gstatic.com	80 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 306	56 KB
1	unsplash.com images.unsplash.com — Cisco Umbrella Rank: 5982	18 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 729	31 KB
32	8

	Domain	Requested by
14	play-lh.googleusercontent.com	gewinnen-de.com
9	gewinnen-de.com	1 redirects gewinnen-de.com
3	fonts.googleapis.com	gewinnen-de.com
2	cdnjs.cloudflare.com	gewinnen-de.com
2	fonts.gstatic.com	fonts.googleapis.com
1	cdn.jsdelivr.net	gewinnen-de.com
1	images.unsplash.com	gewinnen-de.com
1	code.jquery.com	gewinnen-de.com
32	8

This site contains links to these domains. Also see Links.

Domain
play.google.com

Subject Issuer	Validity	Valid
gewinnen-de.com GTS CA 1P5	`2024-02-13` - `2024-05-13`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
images.unsplash.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-12-07` - `2025-01-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://gewinnen-de.com/
Frame ID: 483424903E255CAFC2A7D3D1DE92329D
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

School Simulator Love Story

Page URL History Show full URLs

http://gewinnen-de.com/ HTTP 301
https://gewinnen-de.com/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

32
Requests

100 %
HTTPS

100 %
IPv6

8
Domains

8
Subdomains

8
IPs

2
Countries

1901 kB
Transfer

2713 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/details?id=com.lhy.love.story.school.simulator&hl=en&gl=us
Title: Download app Google Play

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gewinnen-de.com/ HTTP 301
https://gewinnen-de.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
gewinnen-de.com/
Redirect Chain

http://gewinnen-de.com/
https://gewinnen-de.com/

24 KB
6 KB

192ms
157ms

Document
text/html

2606:4700:3032::ac43:89f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gewinnen-de.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:89f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 386d19e125a79a79fcd97366fd3c93d856de2d9c83a0c7fdbbb38e726bc1a7ac

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 85a7aee878d66656-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 24 Feb 2024 12:24:02 GMT
expires: 0
last-modified: Sat, 24 Feb 2024 12:24:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cMbVLwntf4yoxe838dYg6bCqppbQAJye85NRtBKLtZ3SQyxrsFU1fR%2BbbWFqzdDOqZIjaQE176h5EkwNWPWHRW2UCaYIwSAMjUh24xh1de%2FncjRsourszOs06WAQlBe9kTJ%2FShRAjhOkr2GMs8M%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
CF-RAY: 85a7aee77edbb908-AMS
Cache-Control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 24 Feb 2024 12:24:02 GMT
Expires: 0
Last-Modified: Sat, 24 Feb 2024 12:24:02 GMT
Location: https://gewinnen-de.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma: no-cache
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sZE6l%2FXNQxi2Hx4TrxFa%2BpqZ22Yh5W98FFShtR8ZR%2BJ4SXvmeBGNZeGUyPcClPzNfEYCvZxmDp6B%2F8X%2B0YC3LWG9F6f1SPF020Ac77vvJgjIKVUUFSUX9oUY7vu2rvWInVvkamm4mVW1fFv%2Fr0w%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
gewinnen-de.com/lander/14/cdn-cgi/styles/ 452 KB
100 KB 84ms
82ms Stylesheet
text/css 2606:4700:3032::ac43:89f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gewinnen-de.com/lander/14/cdn-cgi/styles/style.css?1
Requested by: Host: gewinnen-de.com
URL: https://gewinnen-de.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:89f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f11f0bb961b730f636f3c01dd40a6e454c4e7b5fc28fd3dbdf8aec7b2c26fd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gewinnen-de.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 12:24:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 17 May 2023 16:34:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64650215-70e4f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cwOQDC23NzpcaZD5kMHutmsqyd8r83TC0cLt6W5%2FdLNdxAO5WrHVXCTlPPoyiHEVRaJtq9IDyyiw4UwJo6soTpSXpwMMM2%2BMzlgUWLQ6sZjeupS6XLJpC5AsWKipROzDgIyD7egYvYJy4xH4yck%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 85a7aee98a196656-AMS
alt-svc: h3=":443"; ma=86400
expires: Tue, 05 Mar 2024 12:24:02 GMT

GET
H2 200 video.popup.css
gewinnen-de.com/lander/14/cdn-cgi/styles/ 2 KB
937 B 69ms
67ms Stylesheet
text/css 2606:4700:3032::ac43:89f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gewinnen-de.com/lander/14/cdn-cgi/styles/video.popup.css
Requested by: Host: gewinnen-de.com
URL: https://gewinnen-de.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:89f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4ba20c53bbab84f92fc83257353fb8e3d4349d858137e53180947ee7286fdd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gewinnen-de.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 12:24:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 17 May 2023 16:34:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64650215-897"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z4i%2B51%2FEUNWIu9xTgOlKgdd4VoIQz6HRpX2OYi0z4geOSlVUNvrUqsX1LJ098wOs%2F7zHJP8Ssdbkub21b%2BCGRYyD8XojXuPJF4tbXsmXJiB1cni2sTkkeMyPr5lJFb%2FuG02uNlRL8dFZxeXOTdg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 85a7aee98a1e6656-AMS
alt-svc: h3=":443"; ma=86400
expires: Tue, 05 Mar 2024 12:24:02 GMT

GET
H2 200 main.css
gewinnen-de.com/lander/14/cdn-cgi/styles// 83 B
371 B 51ms
49ms Stylesheet
text/css 2606:4700:3032::ac43:89f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gewinnen-de.com/lander/14/cdn-cgi/styles//main.css
Requested by: Host: gewinnen-de.com
URL: https://gewinnen-de.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:89f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b53d549fcddeb6723e4808b123af6eda3d2d7f56b83d2e7ae0f36230ace9fc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gewinnen-de.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 12:24:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 17 May 2023 16:34:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64650215-53"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Z3Kxm0AOTIgxu9JOA15EQp0azMTxc4V2QfsnnP3DSdtYsgHQ9nG9TNOpJ4z7Qy5y%2FheSgJQ2vG48tVe3DdvEMoszWnl59w7b4eVdybzkBk2vCqcB1qRsj9VvXK8%2BIeBVz8ebjeUOgY3Rw93xtc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 85a7aee98a216656-AMS
alt-svc: h3=":443"; ma=86400
expires: Tue, 05 Mar 2024 12:24:02 GMT

GET
H2 200 ZKKjfcmJKu_evOLGdp4cO44ZETEbbh_Agtq9HgheVzeYsjCm2v2ClDDBUfmZ2EtJ-szb
play-lh.googleusercontent.com/ 394 KB
395 KB 71ms
41ms Image
image/png 2a00:1450:4001:82a::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/ZKKjfcmJKu_evOLGdp4cO44ZETEbbh_Agtq9HgheVzeYsjCm2v2ClDDBUfmZ2EtJ-szb

Requested by

Host: gewinnen-de.com
URL: https://gewinnen-de.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b521aaf13c7fe206fdd7bbdc33b33eb9fa35370089479406236ef5ec7f17b848

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gewinnen-de.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 12:24:02 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 403622
x-xss-protection: 0
expires: Sun, 25 Feb 2024 12:24:02 GMT

GET
H2 200 u_JttB4pTyaI-Y2AReyJAF_h-fZkS1CMlg1MfTFUpLU5QWS1ri_uwJXmFxlsPSG7wro
play-lh.googleusercontent.com/ 93 KB
93 KB 212ms
181ms Image
image/jpeg 2a00:1450:4001:82a::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/u_JttB4pTyaI-Y2AReyJAF_h-fZkS1CMlg1MfTFUpLU5QWS1ri_uwJXmFxlsPSG7wro

Requested by

Host: gewinnen-de.com
URL: https://gewinnen-de.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b2abbd9e21fe872a6d511289e31da2f30d159b617f7df7bf230950e29d9b0bf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gewinnen-de.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 12:24:02 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94752
x-xss-protection: 0
expires: Sun, 25 Feb 2024 12:24:02 GMT

GET
H2 200 -Zslzoq5BelZmy-U9UZ_poM5Uq4PVBZoc5t1KpNUDspTUL0Vmo53qzBKVdhVvhT4m8A
play-lh.googleusercontent.com/ 77 KB
78 KB 175ms
145ms Image
image/jpeg 2a00:1450:4001:82a::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/-Zslzoq5BelZmy-U9UZ_poM5Uq4PVBZoc5t1KpNUDspTUL0Vmo53qzBKVdhVvhT4m8A

Requested by

Host: gewinnen-de.com
URL: https://gewinnen-de.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b174134b59edea99a4ce07c97b2d7f0784b713cd1aacb09d101d58b533d95b88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gewinnen-de.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 12:24:02 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79359
x-xss-protection: 0
expires: Sun, 25 Feb 2024 12:24:02 GMT

GET
H2 200 DGx1E3gWsU7g0q_UHSvF9qDDxRKs1MEq80eE10Zg9lIxU6C6lJFT9ays580VcnavdzU
play-lh.googleusercontent.com/ 58 KB
58 KB 184ms
154ms Image
image/jpeg 2a00:1450:4001:82a::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/DGx1E3gWsU7g0q_UHSvF9qDDxRKs1MEq80eE10Zg9lIxU6C6lJFT9ays580VcnavdzU

Requested by

Host: gewinnen-de.com
URL: https://gewinnen-de.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1bec17b8ac53e2adc65367f32b52c808f0690875a763e1383f9007e0d1414c77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gewinnen-de.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 12:24:02 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59706
x-xss-protection: 0
expires: Sun, 25 Feb 2024 12:24:02 GMT

GET
H2 200 A-l-iENbT7t4gKHjVXxpg1pu7fqK2hq1m2CXBM8_XliMSH4wZvAE0LGX7uwdR-OFB7c
play-lh.googleusercontent.com/ 57 KB
57 KB 194ms
164ms Image
image/jpeg 2a00:1450:4001:82a::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/A-l-iENbT7t4gKHjVXxpg1pu7fqK2hq1m2CXBM8_XliMSH4wZvAE0LGX7uwdR-OFB7c

Requested by

Host: gewinnen-de.com
URL: https://gewinnen-de.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ceb2ec6d7ceee93443473e2d5b38689c4f52e29204499bf4f4e61e70d402dac3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gewinnen-de.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 12:24:02 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58397
x-xss-protection: 0
expires: Sun, 25 Feb 2024 12:24:02 GMT

GET
H2 200 FPeZZ1xY5ZjnmyvztwflQ2GVTZqozofLA-pQdTPMpC47fscceIFezbaPxKj3LT8pZ-U
play-lh.googleusercontent.com/ 93 KB
93 KB 269ms
239ms Image
image/jpeg 2a00:1450:4001:82a::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/FPeZZ1xY5ZjnmyvztwflQ2GVTZqozofLA-pQdTPMpC47fscceIFezbaPxKj3LT8pZ-U

Requested by

Host: gewinnen-de.com
URL: https://gewinnen-de.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b2abbd9e21fe872a6d511289e31da2f30d159b617f7df7bf230950e29d9b0bf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gewinnen-de.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 12:24:03 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94752
x-xss-protection: 0
expires: Sun, 25 Feb 2024 12:24:03 GMT

GET
H2 200 z2ZQaBkYeeNgCNpDUpu1IIeBJnReA78L_frZMzuN9E-UvGgeJjl5KdF3v7ATWZOrN1I
play-lh.googleusercontent.com/ 77 KB
78 KB 256ms
256ms Image
image/jpeg 2a00:1450:4001:82a::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/z2ZQaBkYeeNgCNpDUpu1IIeBJnReA78L_frZMzuN9E-UvGgeJjl5KdF3v7ATWZOrN1I

Requested by

Host: gewinnen-de.com
URL: https://gewinnen-de.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b174134b59edea99a4ce07c97b2d7f0784b713cd1aacb09d101d58b533d95b88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gewinnen-de.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 12:24:03 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79359
x-xss-protection: 0
expires: Sun, 25 Feb 2024 12:24:03 GMT

GET
H2 200 GPaH9QB33prs_5UJ2tdmBpmXh-LcZ_AoJoIIGvgH0D9scFPJF-3adr92zILFikdIlQ
play-lh.googleusercontent.com/ 58 KB
58 KB 200ms
199ms Image
image/jpeg 2a00:1450:4001:82a::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/GPaH9QB33prs_5UJ2tdmBpmXh-LcZ_AoJoIIGvgH0D9scFPJF-3adr92zILFikdIlQ

Requested by

Host: gewinnen-de.com
URL: https://gewinnen-de.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1bec17b8ac53e2adc65367f32b52c808f0690875a763e1383f9007e0d1414c77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gewinnen-de.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 12:24:03 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59706
x-xss-protection: 0
expires: Sun, 25 Feb 2024 12:24:03 GMT

GET
H2 200 EJMcwMd0f9JK2yS4kovFyoHSLH2G0Y54oWyyVEFfbAqclAiVXNH0d6kMlCGVG2otS2H0
play-lh.googleusercontent.com/ 57 KB
57 KB 152ms
151ms Image
image/jpeg 2a00:1450:4001:82a::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/EJMcwMd0f9JK2yS4kovFyoHSLH2G0Y54oWyyVEFfbAqclAiVXNH0d6kMlCGVG2otS2H0

Requested by

Host: gewinnen-de.com
URL: https://gewinnen-de.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ceb2ec6d7ceee93443473e2d5b38689c4f52e29204499bf4f4e61e70d402dac3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gewinnen-de.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 12:24:02 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58397
x-xss-protection: 0
expires: Sun, 25 Feb 2024 12:24:02 GMT

GET
H2 200 9sJVl2fvrscdIldoD_Udesp3f8W3skNSoqqW2nQqGjPz1iccPD1WWHFCh3wNmbjqdGg
play-lh.googleusercontent.com/ 93 KB
93 KB 277ms
276ms Image
image/jpeg 2a00:1450:4001:82a::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/9sJVl2fvrscdIldoD_Udesp3f8W3skNSoqqW2nQqGjPz1iccPD1WWHFCh3wNmbjqdGg

Requested by

Host: gewinnen-de.com
URL: https://gewinnen-de.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b2abbd9e21fe872a6d511289e31da2f30d159b617f7df7bf230950e29d9b0bf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gewinnen-de.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 12:24:03 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94752
x-xss-protection: 0
expires: Sun, 25 Feb 2024 12:24:03 GMT

GET
H2 200 qbOTXujigUA1CGjFrELWdnU6_qMs9yIYKfQ2G9bfwWWYRLhvlGtWK8JeCXoVrn38AxM
play-lh.googleusercontent.com/ 77 KB
78 KB 188ms
187ms Image
image/jpeg 2a00:1450:4001:82a::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/qbOTXujigUA1CGjFrELWdnU6_qMs9yIYKfQ2G9bfwWWYRLhvlGtWK8JeCXoVrn38AxM

Requested by

Host: gewinnen-de.com
URL: https://gewinnen-de.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b174134b59edea99a4ce07c97b2d7f0784b713cd1aacb09d101d58b533d95b88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gewinnen-de.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 12:24:03 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79359
x-xss-protection: 0
expires: Sun, 25 Feb 2024 12:24:03 GMT

GET
H2 200 u58FgxBqhcUT9oCXYWrbXy9vlsrdOFk2_JPRzSeW1LlS9gNkonRJzGahWZ37GroEUw
play-lh.googleusercontent.com/ 58 KB
58 KB 326ms
325ms Image
image/jpeg 2a00:1450:4001:82a::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/u58FgxBqhcUT9oCXYWrbXy9vlsrdOFk2_JPRzSeW1LlS9gNkonRJzGahWZ37GroEUw

Requested by

Host: gewinnen-de.com
URL: https://gewinnen-de.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1bec17b8ac53e2adc65367f32b52c808f0690875a763e1383f9007e0d1414c77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gewinnen-de.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 12:24:03 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59706
x-xss-protection: 0
expires: Sun, 25 Feb 2024 12:24:03 GMT

GET
H2 200 T6rl9wit8rItAMrsqJDfYuyD2SUFnLi_0cSm4WuX6ziGstt5WF_p2R3WxoObFxnpcEoS
play-lh.googleusercontent.com/ 57 KB
57 KB 155ms
155ms Image
image/jpeg 2a00:1450:4001:82a::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/T6rl9wit8rItAMrsqJDfYuyD2SUFnLi_0cSm4WuX6ziGstt5WF_p2R3WxoObFxnpcEoS

Requested by

Host: gewinnen-de.com
URL: https://gewinnen-de.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ceb2ec6d7ceee93443473e2d5b38689c4f52e29204499bf4f4e61e70d402dac3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gewinnen-de.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 12:24:02 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58397
x-xss-protection: 0
expires: Sun, 25 Feb 2024 12:24:02 GMT

GET
H2 200 jquery-3.6.3.min.js Show response
code.jquery.com/ 88 KB
31 KB 29ms
6ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.3.min.js
Requested by: Host: gewinnen-de.com
URL: https://gewinnen-de.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

Request headers

Referer: https://gewinnen-de.com/
Origin: https://gewinnen-de.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 12:24:02 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 695938
x-cache: HIT, HIT
content-length: 31046
x-served-by: cache-lga13623-LGA, cache-fra-etou8220091-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1708777443.821590,VS0,VE0
etag: W/"28feccc0-15f5b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 4, 816

GET
H2 200 script.js Show response
gewinnen-de.com/lander/14/js/ 426 KB
98 KB 155ms
154ms Script
application/javascript 2606:4700:3032::ac43:89f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gewinnen-de.com/lander/14/js/script.js
Requested by: Host: gewinnen-de.com
URL: https://gewinnen-de.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:89f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: beddd84f2da8a9bf7a4cc37c8d1c9a998d6d0877219952d1bf2472c934c82b6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gewinnen-de.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 12:24:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 17 May 2023 16:34:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64650215-6a917"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XwTmVm7hPQbWCbnBxPCgz1JE7nQgmxsZb0%2Fg6S8FwmVFplA3A7hTGdK34Xgp8rBGm9EFSE%2FqZLDCXov2jUudJWrqznoz29TVaNKwLjfDapaz5TO30rjC91yO2pdVsIoMS58jaCmTWQdgAmDcL1A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 85a7aee98a236656-AMS
alt-svc: h3=":443"; ma=86400
expires: Tue, 05 Mar 2024 12:24:02 GMT

GET
H2 200 video.popup.js Show response
gewinnen-de.com/lander/14/js/ 4 KB
1 KB 101ms
100ms Script
application/javascript 2606:4700:3032::ac43:89f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gewinnen-de.com/lander/14/js/video.popup.js
Requested by: Host: gewinnen-de.com
URL: https://gewinnen-de.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:89f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 411a7294712c015f9875c4273da7147a1c773bd477ece0f668fab3caaa1393b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gewinnen-de.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 12:24:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 17 May 2023 16:34:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64650215-11c2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gJiOl61F%2FbKUAfpnA4xHLNVIjg02s%2FHnHztG8K1lh63sL4X2JKd%2Bv0%2BvfbHkxoTlhm1h%2FAV8pHdoNOp9UcV21bSjpLY9B4PloT8xUG%2FQh35mlCnRWXQFpWe%2B%2FkyT8%2Ft4aZNG%2FQCJ%2Bx6PxF8MqlU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 85a7aee98a246656-AMS
alt-svc: h3=":443"; ma=86400
expires: Tue, 05 Mar 2024 12:24:02 GMT

GET
H2 200 owl.carousel.min.js Show response
gewinnen-de.com/lander/14/js/ 43 KB
12 KB 69ms
68ms Script
application/javascript 2606:4700:3032::ac43:89f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gewinnen-de.com/lander/14/js/owl.carousel.min.js
Requested by: Host: gewinnen-de.com
URL: https://gewinnen-de.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:89f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gewinnen-de.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 12:24:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 17 May 2023 16:34:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64650215-ad36"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZYy%2BXPo7SpDbf8W3LIt0KIOvovQunt%2F9tYgDv3iauc7X%2FwUwxbS5%2BnAxUekxKoa1d8QCfAagJunNMUL3wzjLvAZ6VsAa7iACNqyWgzGIA6zHBMeKd5%2F%2FFTDlc6%2F80BI0lUMnMk4Lyjs8q5hOwbo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 85a7aee98a266656-AMS
alt-svc: h3=":443"; ma=86400
expires: Tue, 05 Mar 2024 12:24:02 GMT

GET
H2 200 init.js Show response
gewinnen-de.com/lander/14/js/ 1 KB
903 B 45ms
45ms Script
application/javascript 2606:4700:3032::ac43:89f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gewinnen-de.com/lander/14/js/init.js
Requested by: Host: gewinnen-de.com
URL: https://gewinnen-de.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:89f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b00e6c9ce74c2ef884578f9fa77981b78974449161a17f1446cb4feb276b68c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gewinnen-de.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 12:24:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 17 May 2023 16:34:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64650215-509"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3NMZQi49sUobpEix1F%2FDrqzkVB%2FsX15jRgritWWVlwW1rhFqsAImYfdH%2FfTX9HMzvflKS8bz7pfN%2BdhPFESYCPKGcZ3mjyB5vXplhySp3raM1gklQys8uP6iw%2BoZqVtaua33EYIEpLtC7ZB7%2FCY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 85a7aee98a276656-AMS
alt-svc: h3=":443"; ma=86400
expires: Tue, 05 Mar 2024 12:24:02 GMT

GET
H2 200 css
fonts.googleapis.com/ 16 KB
2 KB 38ms
16ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Requested by

Host: gewinnen-de.com
URL: https://gewinnen-de.com/lander/14/cdn-cgi/styles/style.css?1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3ff27e82d78a471905edf58f54d412011e0f3b07cb596b50d425151e7df84404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gewinnen-de.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 24 Feb 2024 12:24:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 24 Feb 2024 11:58:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 24 Feb 2024 12:24:02 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
799 B 40ms
19ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,700

Requested by

Host: gewinnen-de.com
URL: https://gewinnen-de.com/lander/14/cdn-cgi/styles/style.css?1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bf272a1d8385b4ce627ac1474a8998e3bff240374f0f9ef8a339664513158710

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gewinnen-de.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 24 Feb 2024 12:24:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 24 Feb 2024 10:52:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 24 Feb 2024 12:24:02 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
707 B 39ms
17ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700

Requested by

Host: gewinnen-de.com
URL: https://gewinnen-de.com/lander/14/cdn-cgi/styles/style.css?1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

be31cc6f5ad4f089f1a4a804709695eb70f481268e6b28add3be269aff468f30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gewinnen-de.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 24 Feb 2024 12:24:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 24 Feb 2024 11:02:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 24 Feb 2024 12:24:02 GMT

GET
H2 200 photo-1523821741446-edb2b68bb7a0
images.unsplash.com/ 18 KB
18 KB 205ms
167ms Image
image/jpeg 2a04:4e42::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unsplash.com/photo-1523821741446-edb2b68bb7a0?crop=entropy&cs=tinysrgb&fit=crop&fm=jpg&h=600&ixid=MnwxfDB8MXxyYW5kb218MHx8YWJzdHJhY3R8fHx8fHwxNjg0MjQ4NDYy&ixlib=rb-4.0.3&q=80&utm_campaign=api-credit&utm_medium=referral&utm_source=unsplash_source&w=800

Requested by

Host: gewinnen-de.com
URL: https://gewinnen-de.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

a7040c7aceca447a3f196b5473b7a17f049146d1b64ed593f7ebdd85c99cbb43

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gewinnen-de.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 12:24:03 GMT
x-content-type-options: nosniff
age: 67
x-cache: HIT, MISS
x-imgix-id: dcea8eed60602a8f4b80814f7da5fcfce1088fae
cross-origin-resource-policy: cross-origin
content-length: 18206
x-served-by: cache-sjc1000146-SJC, cache-fra-etou8220128-FRA
x-imgix-render-farm: 02.66056
last-modified: Sat, 24 Feb 2024 12:22:55 GMT
server: Google Frontend
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EfJbSAYFcIvMyWpOjDCGS7_0zcnQxFgNmryteaqwi0-y2UpEZueNy_mxPR2ntBgSHRc
play-lh.googleusercontent.com/ 64 KB
64 KB 150ms
149ms Image
image/jpeg 2a00:1450:4001:82a::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/EfJbSAYFcIvMyWpOjDCGS7_0zcnQxFgNmryteaqwi0-y2UpEZueNy_mxPR2ntBgSHRc

Requested by

Host: gewinnen-de.com
URL: https://gewinnen-de.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1fbf8f8a7d9ca562a0f1be95684c05c0be9cf0e48d5a6f5ec48e2a8c9a4cbbdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gewinnen-de.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 12:24:03 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65713
x-xss-protection: 0
expires: Sun, 25 Feb 2024 12:24:03 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 43ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gewinnen-de.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 03:51:57 GMT
x-content-type-options: nosniff
age: 289925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 03:51:57 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 52ms
17ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gewinnen-de.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 06:41:12 GMT
x-content-type-options: nosniff
age: 366170
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Feb 2025 06:41:12 GMT

GET
H2 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/line-awesome/1.3.0/font-awesome-line-awesome/webfonts/ 83 KB
83 KB 39ms
15ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/line-awesome/1.3.0/font-awesome-line-awesome/webfonts/fa-brands-400.woff2

Requested by

Host: gewinnen-de.com
URL: https://gewinnen-de.com/lander/14/cdn-cgi/styles/style.css?1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30c9b1ce353856fbee5b9121b1cc98a4451844d860df9ebfe27571a99e0ad0cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://gewinnen-de.com/
Origin: https://gewinnen-de.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 12:24:02 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8935841
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 84620
last-modified: Mon, 25 May 2020 23:14:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5ecc5138-14a8c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6e0R0UAPNLHDlo8a8jQNSpAHbhQ%2BWlXw%2BTPTQIgbYPRHzrRpSnNb%2BS69mzHNZzW8mtMN3MgGQr7JqRgjkBM%2FwVM%2FYbn9IoKKp8HOTibFxzy654qbJV4faX9NGZf1lA7ajf%2BTZ%2FAITMGhtPp47LFgXI5V"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85a7aeeaaa3c65b1-FRA
expires: Thu, 13 Feb 2025 12:24:02 GMT

GET
H2 200 themify.woff
cdn.jsdelivr.net/npm/themify-icons@1.0.0/themify-icons/fonts/ 55 KB
56 KB 40ms
17ms Font
font/woff 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/themify-icons@1.0.0/themify-icons/fonts/themify.woff

Requested by

Host: gewinnen-de.com
URL: https://gewinnen-de.com/lander/14/cdn-cgi/styles/style.css?1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gewinnen-de.com/
Origin: https://gewinnen-de.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 12:24:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9141099
x-jsd-version: 1.0.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 56108
x-served-by: cache-fra-eddf8230125-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"db2c-k5TzW9Kt3SRma3m/w21PnSR8sB0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eAB4%2FJEhxdxqDHTbPPrMQAQC75FIhPopGKMvoCRzNsLZYjRKAK5Xi7K%2BAiiy3s4Q07jjOK8K3QHLwSJwGXvXVpAa4Uw7JGm%2FUH2lKf6ZJ6cB8tEiI4G6fMQ8rjYWT9mudKZct68cyCdFdEEkKdc%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85a7aeeaaa6f4da2-FRA

GET
H2 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/line-awesome/1.3.0/font-awesome-line-awesome/webfonts/ 93 KB
94 KB 46ms
23ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/line-awesome/1.3.0/font-awesome-line-awesome/webfonts/fa-solid-900.woff2

Requested by

Host: gewinnen-de.com
URL: https://gewinnen-de.com/lander/14/cdn-cgi/styles/style.css?1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1f28f6214cf3a9b14754237a1d39e393b8909772d856bc169a7817e442594d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://gewinnen-de.com/
Origin: https://gewinnen-de.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 12:24:02 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 841014
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 95680
last-modified: Mon, 25 May 2020 23:14:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5ecc5138-175c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uIxeni0g%2Bwx9cYkjsdymbBhxGeUnEwh0DBGWKgEfXImrrlyGGvLyfsXMU1uXCNut5oYKCMhVwhUlhh0CrNy2rtC8%2F1beOzwtiEVL0TajlNNeVSj7Ypp5PUZ47gATB4X%2BVy%2FQdOcdgDXzwCpRglA6xLzO"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85a7aeeaaa3d65b1-FRA
expires: Thu, 13 Feb 2025 12:24:02 GMT

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			gewinnen-de.com/	1970-01-20 19:24:15	Name: _subid Value: 543us2tqr1
			gewinnen-de.com/	1970-01-21 04:15:37	Name: 9cb4a Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjU1MDlcIjoxNzA4Nzc3NDQyfSxcImNhbXBhaWduc1wiOntcIjk5MzU1XCI6MTcwODc3NzQ0Mn0sXCJ0aW1lXCI6MTcwODc3NzQ0Mn0ifQ.WTX_pi7vJrlWc2bhwDZ9STia_OhBJmDldyNUZyCgkNE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
gewinnen-de.com
images.unsplash.com
play-lh.googleusercontent.com
2606:4700:3031::6815:491a
2606:4700:3032::ac43:89f8
2606:4700::6810:5914
2606:4700::6811:190e
2a00:1450:4001:810::200a
2a00:1450:4001:82a::2016
2a00:1450:4001:830::2003
2a04:4e42::649
2a04:4e42::720
0b53d549fcddeb6723e4808b123af6eda3d2d7f56b83d2e7ae0f36230ace9fc1
0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7
0f11f0bb961b730f636f3c01dd40a6e454c4e7b5fc28fd3dbdf8aec7b2c26fd0
1bec17b8ac53e2adc65367f32b52c808f0690875a763e1383f9007e0d1414c77
1fbf8f8a7d9ca562a0f1be95684c05c0be9cf0e48d5a6f5ec48e2a8c9a4cbbdf
30c9b1ce353856fbee5b9121b1cc98a4451844d860df9ebfe27571a99e0ad0cd
386d19e125a79a79fcd97366fd3c93d856de2d9c83a0c7fdbbb38e726bc1a7ac
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3ff27e82d78a471905edf58f54d412011e0f3b07cb596b50d425151e7df84404
411a7294712c015f9875c4273da7147a1c773bd477ece0f668fab3caaa1393b2
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
a7040c7aceca447a3f196b5473b7a17f049146d1b64ed593f7ebdd85c99cbb43
b00e6c9ce74c2ef884578f9fa77981b78974449161a17f1446cb4feb276b68c0
b174134b59edea99a4ce07c97b2d7f0784b713cd1aacb09d101d58b533d95b88
b1f28f6214cf3a9b14754237a1d39e393b8909772d856bc169a7817e442594d7
b2abbd9e21fe872a6d511289e31da2f30d159b617f7df7bf230950e29d9b0bf0
b521aaf13c7fe206fdd7bbdc33b33eb9fa35370089479406236ef5ec7f17b848
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
be31cc6f5ad4f089f1a4a804709695eb70f481268e6b28add3be269aff468f30
beddd84f2da8a9bf7a4cc37c8d1c9a998d6d0877219952d1bf2472c934c82b6b
bf272a1d8385b4ce627ac1474a8998e3bff240374f0f9ef8a339664513158710
c4ba20c53bbab84f92fc83257353fb8e3d4349d858137e53180947ee7286fdd8
ceb2ec6d7ceee93443473e2d5b38689c4f52e29204499bf4f4e61e70d402dac3

gewinnen-de.com Open in urlscan Pro 2606:4700:3032::ac43:89f8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

32 Requests

100 %HTTPS

100 %IPv6

8 Domains

8 Subdomains

8 IPs

2 Countries

1901 kBTransfer

2713 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gewinnen-de.com Open in urlscan Pro
2606:4700:3032::ac43:89f8 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

100 %
HTTPS

100 %
IPv6

8
Domains

8
Subdomains

8
IPs

2
Countries

1901 kB
Transfer

2713 kB
Size

2
Cookies

32 HTTP transactions
0 data transactions