space.aceclients.com Open in urlscan Pro
2a06:98c1:3121::7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://r-tracking.realinfluncer.com/ga/click/2-47712177-2907-80803-159395-122967-23b64435f0-15ab1eb0f4
Effective URL:
https://space.aceclients.com/OTzD_EP?DsC_7c=a35wmGlmcGKclbF0wGtqaHSEYKCDomaYrGBhaJeizWtia2Rfpn1xkGhja2J-hg/klaus.krennhuber%4...
Submission Tags: falconsandbox
Submission: On February 18 via api (February 18th 2022, 10:37:46 am UTC) from US — Scanned from DE

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 9 domains to perform 23 HTTP transactions. The main IP is 2a06:98c1:3121::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is space.aceclients.com.
TLS certificate: Issued by E1 on February 15th 2022. Valid for: 3 months.

This is the only time space.aceclients.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3032::ac43:ccfe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	103.214.4.122 103.214.4.122	207083 (HOSTSLIM-...) (HOSTSLIM-GLOBAL-NETWORK)
8	2606:4700::68... 2606:4700::6812:13b7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:164	() ()
1	2001:4860:480... 2001:4860:4802:38::15	() ()
23	9

1 2606:4700:3032::ac43:ccfe (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r-tracking.realinfluncer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

space.aceclients.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 103.214.4.122 (Lelystad, Netherlands)

ASN207083 (HOSTSLIM-GLOBAL-NETWORK, NL)
PTR: tuthmosis1.pebblepedalers.com

wedeez.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:13b7 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.by.wonderpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:164 (None, )

ASN- ()

get.geojs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:38::15 (None, )

ASN- ()

measurements-api.wonderpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	wonderpush.com cdn.by.wonderpush.com — Cisco Umbrella Rank: 33444 measurements-api.wonderpush.com	214 KB
8	wedeez.com wedeez.com — Cisco Umbrella Rank: 567313	337 KB
1	geojs.io get.geojs.io	958 B
1	gstatic.com fonts.gstatic.com	44 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 197	6 KB
1	aceclients.com space.aceclients.com	4 KB
1	realinfluncer.com 1 redirects r-tracking.realinfluncer.com	844 B
0	capitalrtv.com Failed mtp.capitalrtv.com Failed
23	9

	Domain	Requested by
8	cdn.by.wonderpush.com	space.aceclients.com cdn.by.wonderpush.com wedeez.com
8	wedeez.com	space.aceclients.com wedeez.com cdn.by.wonderpush.com
1	measurements-api.wonderpush.com	cdn.by.wonderpush.com
1	get.geojs.io	cdn.by.wonderpush.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	wedeez.com
1	cdnjs.cloudflare.com	space.aceclients.com
1	space.aceclients.com
1	r-tracking.realinfluncer.com	1 redirects
0	mtp.capitalrtv.com Failed	space.aceclients.com
23	10

This site contains no links.

Subject Issuer	Validity	Valid
*.aceclients.com E1	`2022-02-15` - `2022-05-16`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
wedeez.com R3	`2022-02-17` - `2022-05-18`	3 months	crt.sh
wonderpush.com Cloudflare Inc ECC CA-3	`2022-01-28` - `2022-04-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
measurements-api.wonderpush.com GTS CA 1D4	`2022-02-14` - `2022-05-15`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://space.aceclients.com/OTzD_EP?DsC_7c=a35wmGlmcGKclbF0wGtqaHSEYKCDomaYrGBhaJeizWtia2Rfpn1xkGhja2J-hg/klaus.krennhuber%40fh-wels.at&s3=&s4=
Frame ID: 839717219953B844BB432A03F399B9A2
Requests: 17 HTTP requests in this frame

Frame: https://wedeez.com/wonderpush.min.html
Frame ID: EB7EB54B4F9D87B5E3AF1E3B747F3AF9
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Antivirus vergleichen und kaufen – Avira Store

Page URL History Show full URLs

https://r-tracking.realinfluncer.com/ga/click/2-47712177-2907-80803-159395-122967-23b64435f0-15ab1eb0f4 HTTP 302
https://space.aceclients.com/OTzD_EP?DsC_7c=a35wmGlmcGKclbF0wGtqaHSEYKCDomaYrGBhaJeizWtia2Rfpn1xkGhja2J-h... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23
Requests

96 %
HTTPS

89 %
IPv6

9
Domains

10
Subdomains

9
IPs

3
Countries

608 kB
Transfer

1313 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://r-tracking.realinfluncer.com/ga/click/2-47712177-2907-80803-159395-122967-23b64435f0-15ab1eb0f4 HTTP 302
https://space.aceclients.com/OTzD_EP?DsC_7c=a35wmGlmcGKclbF0wGtqaHSEYKCDomaYrGBhaJeizWtia2Rfpn1xkGhja2J-hg/klaus.krennhuber%40fh-wels.at&s3=&s4= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request OTzD_EP Show response
space.aceclients.com/
Redirect Chain

https://r-tracking.realinfluncer.com/ga/click/2-47712177-2907-80803-159395-122967-23b64435f0-15ab1eb0f4
https://space.aceclients.com/OTzD_EP?DsC_7c=a35wmGlmcGKclbF0wGtqaHSEYKCDomaYrGBhaJeizWtia2Rfpn1xkGhja2J-hg/klaus.krennhuber%40fh-wels.at&s3=&s4=

12 KB
4 KB

886ms
801ms

Document
text/html

2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://space.aceclients.com/OTzD_EP?DsC_7c=a35wmGlmcGKclbF0wGtqaHSEYKCDomaYrGBhaJeizWtia2Rfpn1xkGhja2J-hg/klaus.krennhuber%40fh-wels.at&s3=&s4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.14
Resource Hash: fe85e7c48cdacb5d68e46fd14547db6e40e6bb56ce4cb4d5dc9e576e97649101

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 18 Feb 2022 10:37:41 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.14
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=60Noil7mscRJiKGLFTHKGUy2%2FqogbYN6iF%2Fk%2FzBhaex%2FGUTEJX5IxJDp2t%2BKVMrA8viSIQMvub6eYirN%2FOzEkGe7ghXKNeDzKODgxUxNu7gVOlBS42mM6iyoKr8bt%2FabTATR6TY3UfS0mYLtPdbmzAlbWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6df69f1a29183747-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Fri, 18 Feb 2022 10:37:40 GMT
content-type: text/html; charset=utf-8
location: https://space.aceclients.com/OTzD_EP?DsC_7c=a35wmGlmcGKclbF0wGtqaHSEYKCDomaYrGBhaJeizWtia2Rfpn1xkGhja2J-hg/klaus.krennhuber%40fh-wels.at&s3=&s4=
status: 302 Found
x-rack-cache: miss
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
x-request-id: c777034a6c64aad938a18e9117509a20
x-ua-compatible: IE=Edge,chrome=1
x-runtime: 0.025677
expires: Mon, 01 Jan 1990 00:00:00 GMT
x-powered-by: Phusion Passenger 6.0.4
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D2xj0W2wbxwbR5RdRufa3jLnxOqpfBYnSb0LyF9oQSPW2gMmwlj8RDZ6m88JyqxC5e%2FF0%2BvfDggfxjc3ZtRmsFzkfngzYEpFTUNY60W2efmTu5Y%2FKokN8yzCi0b61qqrJTzVQZJfZSJ4CH7DIv8G9ZM9CfXheKAkNnw5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6df69f121a0183a2-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/ 27 KB
6 KB 68ms
29ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Host: space.aceclients.com
URL: https://space.aceclients.com/OTzD_EP?DsC_7c=a35wmGlmcGKclbF0wGtqaHSEYKCDomaYrGBhaJeizWtia2Rfpn1xkGhja2J-hg/klaus.krennhuber%40fh-wels.at&s3=&s4=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://space.aceclients.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 10:37:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8004216
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4972
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-6b4a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K2Xbpu1np5Ytjq%2F8z4EHuAZyYFuO5eivQE%2F%2BR3Z7x26wtNzqItOja%2FggZPOQzAbSBoY1oDoroFq9IhOMple%2FJ2tkrIekzGJzj5lAi9zRdXhp3hNDwZztSIGppRiuhcLD04XogOYsmWCJaxr6oiI4Ay3c"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6df69f1f88e18397-MXP
expires: Wed, 08 Feb 2023 10:37:41 GMT

GET
H/1.1 200
OK bootstrap.min.css
wedeez.com/eml/AT-Avira-Simple-Feb22/css/ 118 KB
119 KB 84ms
16ms Stylesheet
text/css 103.214.4.122
HOSTSLIM-GLOBAL-N...

General

Check archive.org

Show headers Download Go to

Full URL: https://wedeez.com/eml/AT-Avira-Simple-Feb22/css/bootstrap.min.css
Requested by: Host: space.aceclients.com
URL: https://space.aceclients.com/OTzD_EP?DsC_7c=a35wmGlmcGKclbF0wGtqaHSEYKCDomaYrGBhaJeizWtia2Rfpn1xkGhja2J-hg/klaus.krennhuber%40fh-wels.at&s3=&s4=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.214.4.122 Lelystad, Netherlands, ASN207083 (HOSTSLIM-GLOBAL-NETWORK, NL),
Reverse DNS: tuthmosis1.pebblepedalers.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.28 /
Resource Hash: f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://space.aceclients.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 10:37:41 GMT
Last-Modified: Mon, 14 Feb 2022 06:45:55 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.28
ETag: "1d970-5d7f4c4ad0f11"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 121200

GET
H/1.1 200
OK customess.css
wedeez.com/eml/AT-Avira-Simple-Feb22/css/ 39 KB
40 KB 85ms
15ms Stylesheet
text/css 103.214.4.122
HOSTSLIM-GLOBAL-N...

General

Check archive.org

Show headers Download Go to

Full URL: https://wedeez.com/eml/AT-Avira-Simple-Feb22/css/customess.css
Requested by: Host: space.aceclients.com
URL: https://space.aceclients.com/OTzD_EP?DsC_7c=a35wmGlmcGKclbF0wGtqaHSEYKCDomaYrGBhaJeizWtia2Rfpn1xkGhja2J-hg/klaus.krennhuber%40fh-wels.at&s3=&s4=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.214.4.122 Lelystad, Netherlands, ASN207083 (HOSTSLIM-GLOBAL-NETWORK, NL),
Reverse DNS: tuthmosis1.pebblepedalers.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.28 /
Resource Hash: 6993e0055689979b409a43c3187598352af8c0a0af8049505462bf2eabbe3a20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://space.aceclients.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 10:37:41 GMT
Last-Modified: Mon, 14 Feb 2022 06:45:54 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.28
ETag: "9ccc-5d7f4c49c425d"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 40140

GET
H2 200 wonderpush-loader.min.js Show response
cdn.by.wonderpush.com/sdk/1.1/ 1 KB
1 KB 129ms
33ms Script
application/javascript 2606:4700::6812:13b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js
Requested by: Host: space.aceclients.com
URL: https://space.aceclients.com/OTzD_EP?DsC_7c=a35wmGlmcGKclbF0wGtqaHSEYKCDomaYrGBhaJeizWtia2Rfpn1xkGhja2J-hg/klaus.krennhuber%40fh-wels.at&s3=&s4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9220e15b323df5e063d289deee304013b2ccafe4db30073fdb1150209710dfd5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://space.aceclients.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 10:37:41 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 70861
x-cache: Miss from cloudfront
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 664
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:56:10 GMT
server: cloudflare
etag: "1f862f68fa87545773e67745dfd26439ed6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 4b0a29060798a5746cab1da1c9cdac7a.cloudfront.net (CloudFront)
cache-control: public,max-age=86400
x-amz-cf-pop: MXP64-C1
accept-ranges: bytes
cf-ray: 6df69f20eade3743-MXP
x-amz-cf-id: gHsT6jZ3QHiWmwt5frA1pVNBW2jVH1Vj26cBYVKkg8o5zz4j3QjNgg==

GET
H/1.1 200
OK sm.svg
wedeez.com/eml/AT-Avira-Simple-Feb22/img/ 2 KB
3 KB 16ms
16ms Image
image/svg+xml 103.214.4.122
HOSTSLIM-GLOBAL-N...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wedeez.com/eml/AT-Avira-Simple-Feb22/img/sm.svg
Requested by: Host: space.aceclients.com
URL: https://space.aceclients.com/OTzD_EP?DsC_7c=a35wmGlmcGKclbF0wGtqaHSEYKCDomaYrGBhaJeizWtia2Rfpn1xkGhja2J-hg/klaus.krennhuber%40fh-wels.at&s3=&s4=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.214.4.122 Lelystad, Netherlands, ASN207083 (HOSTSLIM-GLOBAL-NETWORK, NL),
Reverse DNS: tuthmosis1.pebblepedalers.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.28 /
Resource Hash: b06a086772e41e5c71e268946669ad339dd475cd64aa09c2cdcf0c0ad9cb1b49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://space.aceclients.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 10:37:41 GMT
Last-Modified: Mon, 14 Feb 2022 06:46:11 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.28
ETag: "926-5d7f4c5a08224"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2342

GET
H/1.1 200
OK menu.png
wedeez.com/eml/AT-Avira-Simple-Feb22/img/ 1 KB
1 KB 29ms
16ms Image
image/png 103.214.4.122
HOSTSLIM-GLOBAL-N...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wedeez.com/eml/AT-Avira-Simple-Feb22/img/menu.png
Requested by: Host: space.aceclients.com
URL: https://space.aceclients.com/OTzD_EP?DsC_7c=a35wmGlmcGKclbF0wGtqaHSEYKCDomaYrGBhaJeizWtia2Rfpn1xkGhja2J-hg/klaus.krennhuber%40fh-wels.at&s3=&s4=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.214.4.122 Lelystad, Netherlands, ASN207083 (HOSTSLIM-GLOBAL-NETWORK, NL),
Reverse DNS: tuthmosis1.pebblepedalers.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.28 /
Resource Hash: e46e4251b84f5a6ae4df39c72855c9722508f3acbc813a831174bc996f47133d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://space.aceclients.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 10:37:41 GMT
Last-Modified: Mon, 14 Feb 2022 06:46:09 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.28
ETag: "456-5d7f4c5895c77"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1110

GET lander_lp
mtp.capitalrtv.com/ 0
0

GET
H/1.1 200
OK jquery.min.js Show response
wedeez.com/eml/AT-Avira-Simple-Feb22/js/ 85 KB
85 KB 16ms
16ms Script
application/javascript 103.214.4.122
HOSTSLIM-GLOBAL-N...

General

Check archive.org

Show headers Download Go to

Full URL: https://wedeez.com/eml/AT-Avira-Simple-Feb22/js/jquery.min.js
Requested by: Host: space.aceclients.com
URL: https://space.aceclients.com/OTzD_EP?DsC_7c=a35wmGlmcGKclbF0wGtqaHSEYKCDomaYrGBhaJeizWtia2Rfpn1xkGhja2J-hg/klaus.krennhuber%40fh-wels.at&s3=&s4=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.214.4.122 Lelystad, Netherlands, ASN207083 (HOSTSLIM-GLOBAL-NETWORK, NL),
Reverse DNS: tuthmosis1.pebblepedalers.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.28 /
Resource Hash: a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://space.aceclients.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 10:37:41 GMT
Last-Modified: Mon, 14 Feb 2022 06:46:24 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.28
ETag: "1538e-5d7f4c66e0674"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 86926

GET
H/1.1 200
OK bootstrap.min.js Show response
wedeez.com/eml/AT-Avira-Simple-Feb22/js/ 36 KB
36 KB 16ms
15ms Script
application/javascript 103.214.4.122
HOSTSLIM-GLOBAL-N...

General

Check archive.org

Show headers Download Go to

Full URL: https://wedeez.com/eml/AT-Avira-Simple-Feb22/js/bootstrap.min.js
Requested by: Host: space.aceclients.com
URL: https://space.aceclients.com/OTzD_EP?DsC_7c=a35wmGlmcGKclbF0wGtqaHSEYKCDomaYrGBhaJeizWtia2Rfpn1xkGhja2J-hg/klaus.krennhuber%40fh-wels.at&s3=&s4=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.214.4.122 Lelystad, Netherlands, ASN207083 (HOSTSLIM-GLOBAL-NETWORK, NL),
Reverse DNS: tuthmosis1.pebblepedalers.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.28 /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://space.aceclients.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 10:37:41 GMT
Last-Modified: Mon, 14 Feb 2022 06:46:21 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.28
ETag: "90b5-5d7f4c641a74a"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 37045

GET
H2 200 css
fonts.googleapis.com/ 26 KB
2 KB 39ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

Requested by

Host: wedeez.com
URL: https://wedeez.com/eml/AT-Avira-Simple-Feb22/css/customess.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

035f76cad89b4436226962589da4573cdba89378ed3ef64029e73035d4e122c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wedeez.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 09:12:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 18 Feb 2022 10:37:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Feb 2022 10:37:41 GMT

GET
H/1.1 200
OK bg.webp
wedeez.com/eml/AT-Avira-Simple-Feb22/img/ 52 KB
52 KB 26ms
15ms Image
image/webp 103.214.4.122
HOSTSLIM-GLOBAL-N...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wedeez.com/eml/AT-Avira-Simple-Feb22/img/bg.webp
Requested by: Host: wedeez.com
URL: https://wedeez.com/eml/AT-Avira-Simple-Feb22/css/customess.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.214.4.122 Lelystad, Netherlands, ASN207083 (HOSTSLIM-GLOBAL-NETWORK, NL),
Reverse DNS: tuthmosis1.pebblepedalers.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.28 /
Resource Hash: ec8a2af246ac4c944f0c070426044d096ac2d98f2d356039071bac74d5e2b252

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wedeez.com/eml/AT-Avira-Simple-Feb22/css/customess.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 10:37:41 GMT
Last-Modified: Mon, 14 Feb 2022 06:46:06 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.28
ETag: "cf06-5d7f4c55a4218"
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 52998

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://space.aceclients.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 00:14:34 GMT
x-content-type-options: nosniff
age: 210187
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Feb 2023 00:14:34 GMT

GET
H2 200 wonderpush.min.js Show response
cdn.by.wonderpush.com/sdk/1.1.32.4/ 430 KB
103 KB 29ms
29ms Script
application/javascript 2606:4700::6812:13b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.by.wonderpush.com/sdk/1.1.32.4/wonderpush.min.js
Requested by: Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 620780c0bd7759e26e87948b2b71401284538109a055a81e85a3541c3f985e6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://space.aceclients.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 10:37:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1194076
x-cache: Miss from cloudfront
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 105048
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:56:06 GMT
server: cloudflare
etag: "407e13e9728dd61d90579a7e10212fdbed6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 a492d514787de63e7daf0f07b0c799fe.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: MXP64-C1
accept-ranges: bytes
cf-ray: 6df69f325baf3743-MXP
x-amz-cf-id: Ot3Uj4VKL49iRAOiCnWklCulQUDhP0zYlyDMxJ6DQl-ad1H6M3eadw==

GET
H3 200 41d403593c0b49d57f632b281192a2cc78b1d2de15f2c5576bbb2af96cbee7e0 Show response
cdn.by.wonderpush.com/config/webkeys/ 2 KB
1 KB 243ms
222ms Fetch
application/json 2606:4700::6812:13b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.by.wonderpush.com/config/webkeys/41d403593c0b49d57f632b281192a2cc78b1d2de15f2c5576bbb2af96cbee7e0?_=1645180664763
Requested by: Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1.32.4/wonderpush.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 015b2b435389e699ab7833bd0f1600ef53c1ee9f929f8d41d7c417896fca87d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://space.aceclients.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 10:37:45 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-cf-pop: MXP63-P1
x-cache: Miss from cloudfront
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 716
access-control-allow-origin: *
last-modified: Fri, 28 Jan 2022 09:35:20 GMT
server: cloudflare
etag: "b4e00f28ff4205e208dfd742bef21a7eed6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET
content-type: application/json
via: 1.1 d2efc2528c9d37ec19b94a3d8dc21422.cloudfront.net (CloudFront)
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 6df69f331e42f92f-MXP
x-amz-cf-id: 0LkBhEI09Ynp8Z3VFdcmH2FJ0pjcZtl7GWDQVnsyX2-ICcHYaE9yxQ==

GET
H/1.1 200
OK wonderpush.min.html Show response
wedeez.com/ Frame EB7E 594 B
923 B 16ms
16ms Document
text/html 103.214.4.122
HOSTSLIM-GLOBAL-N...

General

Check archive.org

Show headers Download Go to

Full URL: https://wedeez.com/wonderpush.min.html
Requested by: Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1.32.4/wonderpush.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.214.4.122 Lelystad, Netherlands, ASN207083 (HOSTSLIM-GLOBAL-NETWORK, NL),
Reverse DNS: tuthmosis1.pebblepedalers.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.28 /
Resource Hash: 218893b02d5b5276f0a1789f8adf50971a2c12f7d7b61f730f0419f520a86d46

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://space.aceclients.com/

Response headers

Date: Fri, 18 Feb 2022 10:37:45 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.28
Last-Modified: Tue, 14 Sep 2021 12:03:24 GMT
ETag: "252-5cbf35e672a7b"
Accept-Ranges: bytes
Content-Length: 594
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H3 200 geojs.js Show response
cdn.by.wonderpush.com/plugins/geojs/1.0.2/ 2 KB
2 KB 37ms
37ms Script
application/javascript 2606:4700::6812:13b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.by.wonderpush.com/plugins/geojs/1.0.2/geojs.js
Requested by: Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1.32.4/wonderpush.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b877ef66eabd2dd21768d59e2ac26f9c4f48e0ed602e27cbd4d53c0701c7d515

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://space.aceclients.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 10:37:45 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 6677601
x-cache: Miss from cloudfront
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1055
access-control-allow-origin: *
last-modified: Mon, 22 Jun 2020 15:30:23 GMT
server: cloudflare
etag: "eade35070a4a96bcbeb77c55c1856e96ed6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 eb5be0dc626eaabd9fb27f4fb78fcb40.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,stale-while-revalidate=2592000
x-amz-cf-pop: MXP64-C1
accept-ranges: bytes
cf-ray: 6df69f348e9259e3-MXP
x-amz-cf-id: qphZ-hAuZKxSR-B1RxED1Q_VqROYhEcLH6lQs2roXUGiawNZKZ-wUQ==

GET
H3 200 wonderpush-loader.min.js Show response
cdn.by.wonderpush.com/sdk/1.1/ Frame EB7E 1 KB
1 KB 36ms
36ms Script
application/javascript 2606:4700::6812:13b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js
Requested by: Host: wedeez.com
URL: https://wedeez.com/wonderpush.min.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9220e15b323df5e063d289deee304013b2ccafe4db30073fdb1150209710dfd5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wedeez.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 10:37:45 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 70865
x-cache: Miss from cloudfront
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 664
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:56:10 GMT
server: cloudflare
etag: "1f862f68fa87545773e67745dfd26439ed6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 4b0a29060798a5746cab1da1c9cdac7a.cloudfront.net (CloudFront)
cache-control: public,max-age=86400
x-amz-cf-pop: MXP64-C1
accept-ranges: bytes
cf-ray: 6df69f34bf5359e3-MXP
x-amz-cf-id: gHsT6jZ3QHiWmwt5frA1pVNBW2jVH1Vj26cBYVKkg8o5zz4j3QjNgg==

GET
H3 200 wonderpush.min.js Show response
cdn.by.wonderpush.com/sdk/1.1.32.4/ Frame EB7E 430 KB
103 KB 29ms
28ms Script
application/javascript 2606:4700::6812:13b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.by.wonderpush.com/sdk/1.1.32.4/wonderpush.min.js
Requested by: Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 620780c0bd7759e26e87948b2b71401284538109a055a81e85a3541c3f985e6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wedeez.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 10:37:45 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1194077
x-cache: Miss from cloudfront
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 105048
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:56:06 GMT
server: cloudflare
etag: "407e13e9728dd61d90579a7e10212fdbed6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 a492d514787de63e7daf0f07b0c799fe.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: MXP64-C1
accept-ranges: bytes
cf-ray: 6df69f34e80259e3-MXP
x-amz-cf-id: Ot3Uj4VKL49iRAOiCnWklCulQUDhP0zYlyDMxJ6DQl-ad1H6M3eadw==

GET
H3 200 41d403593c0b49d57f632b281192a2cc78b1d2de15f2c5576bbb2af96cbee7e0 Show response
cdn.by.wonderpush.com/config/webkeys/ Frame EB7E 2 KB
1 KB 28ms
28ms Fetch
application/json 2606:4700::6812:13b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.by.wonderpush.com/config/webkeys/41d403593c0b49d57f632b281192a2cc78b1d2de15f2c5576bbb2af96cbee7e0?_=1645180665297
Requested by: Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1.32.4/wonderpush.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 015b2b435389e699ab7833bd0f1600ef53c1ee9f929f8d41d7c417896fca87d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wedeez.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 10:37:45 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 0
x-cache: Miss from cloudfront
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 716
access-control-allow-origin: *
last-modified: Fri, 28 Jan 2022 09:35:20 GMT
server: cloudflare
etag: "b4e00f28ff4205e208dfd742bef21a7eed6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET
content-type: application/json
via: 1.1 d2efc2528c9d37ec19b94a3d8dc21422.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: MXP63-P1
accept-ranges: bytes
cf-ray: 6df69f362b5af92f-MXP
x-amz-cf-id: 0LkBhEI09Ynp8Z3VFdcmH2FJ0pjcZtl7GWDQVnsyX2-ICcHYaE9yxQ==

GET
H3 200 geojs.js Show response
cdn.by.wonderpush.com/plugins/geojs/1.0.2/ Frame EB7E 2 KB
2 KB 29ms
29ms Script
application/javascript 2606:4700::6812:13b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.by.wonderpush.com/plugins/geojs/1.0.2/geojs.js
Requested by: Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1.32.4/wonderpush.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b877ef66eabd2dd21768d59e2ac26f9c4f48e0ed602e27cbd4d53c0701c7d515

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wedeez.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 10:37:45 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 6677601
x-cache: Miss from cloudfront
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1055
access-control-allow-origin: *
last-modified: Mon, 22 Jun 2020 15:30:23 GMT
server: cloudflare
etag: "eade35070a4a96bcbeb77c55c1856e96ed6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 eb5be0dc626eaabd9fb27f4fb78fcb40.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,stale-while-revalidate=2592000
x-amz-cf-pop: MXP64-C1
accept-ranges: bytes
cf-ray: 6df69f366c8959e3-MXP
x-amz-cf-id: qphZ-hAuZKxSR-B1RxED1Q_VqROYhEcLH6lQs2roXUGiawNZKZ-wUQ==

GET
H2 200 geo.json Show response
get.geojs.io/v1/ip/ 335 B
958 B 293ms
66ms XHR
application/json 2606:4700:20::681a:164

General

Check archive.org

Show headers Download Go to

Full URL

https://get.geojs.io/v1/ip/geo.json

Requested by

Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/plugins/geojs/1.0.2/geojs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:164 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

ba9e90d0752de4bac0c8b9beca9affe87f8d2c0d627ffdd9ca48ea2418f2f44d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://space.aceclients.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 10:37:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: 61125901cfeb44a2a53054a06e4cbce6-AMS
x-geojs-location: AMS
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uh%2BmBDU8aqY9wb2C6rf5BL0bkNuRoukAkAvBJT27qXN%2FojJqMQZrc8iUjqj2%2FGeVSC3SjpZy0w2sXqh8g%2BIqigbVs7%2FHXz5ZvFMzWtzLclaLRNHaqXV6yWp6FyqVNl8jjL9nRUyK4TIV9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, private, max-age=0
cf-ray: 6df69f384c2683a0-MXP

POST
H2 202 events Show response
measurements-api.wonderpush.com/v1/ Frame EB7E 94 B
267 B 271ms
47ms XHR
application/json 2001:4860:4802:38::15

General

Check archive.org

Show headers Download Go to

Full URL: https://measurements-api.wonderpush.com/v1/events
Requested by: Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1.32.4/wonderpush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::15 -, , ASN (),
Reverse DNS
Software: Google Frontend /
Resource Hash: 58e61b14f0832c53b15d4cfc922c27b65d1e05690e43784cb1f929c743fca095

Request headers

Referer: https://wedeez.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://wedeez.com
x-cloud-trace-context: 82984346b252ff914e7f5fc169e8ba5f
access-control-allow-credentials: true
server: Google Frontend
date: Fri, 18 Feb 2022 10:37:45 GMT
content-length: 94
content-type: application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mtp.capitalrtv.com
URL: https://mtp.capitalrtv.com/lander_lp?lp=a35wmGlmcGKclbF0wGtqaHSEYKCDomaYrGBhaJeizWtia2Rfpn1xkGhja2J-hg/klaus.krennhuber@fh-wels.at

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://space.aceclients.com/OTzD_EP?DsC_7c=a35wmGlmcGKclbF0wGtqaHSEYKCDomaYrGBhaJeizWtia2Rfpn1xkGhja2J-hg/klaus.krennhuber%40fh-wels.at&s3=&s4=(Line 341) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
network	error	URL: https://mtp.capitalrtv.com/lander_lp?lp=a35wmGlmcGKclbF0wGtqaHSEYKCDomaYrGBhaJeizWtia2Rfpn1xkGhja2J-hg/klaus.krennhuber@fh-wels.at Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://space.aceclients.com/OTzD_EP?DsC_7c=a35wmGlmcGKclbF0wGtqaHSEYKCDomaYrGBhaJeizWtia2Rfpn1xkGhja2J-hg/klaus.krennhuber%40fh-wels.at&s3=&s4=(Line 354) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other	warning	URL: https://space.aceclients.com/OTzD_EP?DsC_7c=a35wmGlmcGKclbF0wGtqaHSEYKCDomaYrGBhaJeizWtia2Rfpn1xkGhja2J-hg/klaus.krennhuber%40fh-wels.at&s3=&s4=(Line 354) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.by.wonderpush.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
get.geojs.io
measurements-api.wonderpush.com
mtp.capitalrtv.com
r-tracking.realinfluncer.com
space.aceclients.com
wedeez.com
mtp.capitalrtv.com
103.214.4.122
2001:4860:4802:38::15
2606:4700:20::681a:164
2606:4700:3032::ac43:ccfe
2606:4700::6810:135e
2606:4700::6812:13b7
2a00:1450:4001:801::2003
2a00:1450:4001:830::200a
2a06:98c1:3121::7
015b2b435389e699ab7833bd0f1600ef53c1ee9f929f8d41d7c417896fca87d9
035f76cad89b4436226962589da4573cdba89378ed3ef64029e73035d4e122c5
218893b02d5b5276f0a1789f8adf50971a2c12f7d7b61f730f0419f520a86d46
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
58e61b14f0832c53b15d4cfc922c27b65d1e05690e43784cb1f929c743fca095
620780c0bd7759e26e87948b2b71401284538109a055a81e85a3541c3f985e6b
6993e0055689979b409a43c3187598352af8c0a0af8049505462bf2eabbe3a20
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
9220e15b323df5e063d289deee304013b2ccafe4db30073fdb1150209710dfd5
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
b06a086772e41e5c71e268946669ad339dd475cd64aa09c2cdcf0c0ad9cb1b49
b877ef66eabd2dd21768d59e2ac26f9c4f48e0ed602e27cbd4d53c0701c7d515
ba9e90d0752de4bac0c8b9beca9affe87f8d2c0d627ffdd9ca48ea2418f2f44d
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
e46e4251b84f5a6ae4df39c72855c9722508f3acbc813a831174bc996f47133d
ec8a2af246ac4c944f0c070426044d096ac2d98f2d356039071bac74d5e2b252
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fe85e7c48cdacb5d68e46fd14547db6e40e6bb56ce4cb4d5dc9e576e97649101

space.aceclients.com Open in urlscan Pro 2a06:98c1:3121::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

96 %HTTPS

89 %IPv6

9 Domains

10 Subdomains

9 IPs

3 Countries

608 kBTransfer

1313 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

0 Cookies

4 Console Messages

Indicators

space.aceclients.com Open in urlscan Pro
2a06:98c1:3121::7 Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

96 %
HTTPS

89 %
IPv6

9
Domains

10
Subdomains

9
IPs

3
Countries

608 kB
Transfer

1313 kB
Size

0
Cookies

23 HTTP transactions
0 data transactions