www.gewinnensieihrenpreis.com Open in urlscan Pro
185.128.34.117 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sahlik.dns.army/trans.php?t=c&d=316605&l=1590&c=90989&ct=55269-1558&ur=19
Effective URL:
https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1...
Submission: On April 03 via api (April 3rd 2021, 5:58:45 pm UTC) from BE

Summary HTTP 65 Redirects Links 52 Behaviour Indicators

Summary

This website contacted 12 IPs in 6 countries across 17 domains to perform 65 HTTP transactions. The main IP is 185.128.34.117, located in Netherlands and belongs to EUROFIBER-UNET EUROFIBER, NL. The main domain is www.gewinnensieihrenpreis.com.
TLS certificate: Issued by R3 on March 17th 2021. Valid for: 3 months.

This is the only time www.gewinnensieihrenpreis.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	132.145.139.123 132.145.139.123	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1 1	35.204.82.162 35.204.82.162	15169 (GOOGLE) (GOOGLE)
1 1	34.91.99.156 34.91.99.156	15169 (GOOGLE) (GOOGLE)
1 1	2a03:b0c0:2:d... 2a03:b0c0:2:d0::e71:c001	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	137.74.41.143 137.74.41.143	16276 (OVH) (OVH)
1 2	2606:4700:303... 2606:4700:3036::ac43:9a9b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	185.128.34.117 185.128.34.117	29396 (EUROFIBER...) (EUROFIBER-UNET EUROFIBER)
1	2600:9000:218... 2600:9000:2182:1600:2:7bf5:a0c0:21	16509 (AMAZON-02) (AMAZON-02)
25	2600:9000:218... 2600:9000:2182:f000:b:413c:b700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3032::6815:17e7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
2	185.221.86.34 185.221.86.34	206998 (NEW-2) (NEW-2)
65	12

1 132.145.139.123 (Ashburn, United States) 1 redirects

ASN31898 (ORACLE-BMC-31898, US)

sahlik.dns.army	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.82.162 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 162.82.204.35.bc.googleusercontent.com

violpluto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.99.156 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 156.99.91.34.bc.googleusercontent.com

riklyd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:b0c0:2:d0::e71:c001 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

ahab-mtb.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 137.74.41.143 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: click3.geni.link

downhill-mtb.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::ac43:9a9b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

click.trlxcf04.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 185.128.34.117 (Netherlands)

ASN29396 (EUROFIBER-UNET EUROFIBER, NL)

www.gewinnensieihrenpreis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:1600:2:7bf5:a0c0:21 (United States)

ASN16509 (AMAZON-02, US)

djjcyqvteia9v.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2600:9000:2182:f000:b:413c:b700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.cloudcnt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:17e7 (United States)

ASN13335 (CLOUDFLARENET, US)

api.mdsyzz.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.221.86.34 (Ireland)

ASN206998 (NEW-2, IE)

bam.eu01.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	cloudcnt.com cdn.cloudcnt.com	370 KB
19	gewinnensieihrenpreis.com www.gewinnensieihrenpreis.com	2 MB
5	gstatic.com fonts.gstatic.com	81 KB
4	google-analytics.com www.google-analytics.com	57 KB
4	googleapis.com fonts.googleapis.com	3 KB
2	nr-data.net bam.eu01.nr-data.net	471 B
2	trlxcf04.com 1 redirects click.trlxcf04.com	4 KB
1	doubleclick.net stats.g.doubleclick.net	95 B
1	newrelic.com js-agent.newrelic.com	12 KB
1	mdsyzz.info api.mdsyzz.info	2 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	cloudfront.net djjcyqvteia9v.cloudfront.net	44 KB
1	downhill-mtb.eu 1 redirects downhill-mtb.eu	208 B
1	ahab-mtb.be 1 redirects ahab-mtb.be	225 B
1	riklyd.com 1 redirects riklyd.com	711 B
1	violpluto.com 1 redirects violpluto.com	291 B
1	dns.army 1 redirects sahlik.dns.army	368 B
65	17

	Domain	Requested by
25	cdn.cloudcnt.com	www.gewinnensieihrenpreis.com
19	www.gewinnensieihrenpreis.com	www.gewinnensieihrenpreis.com
5	fonts.gstatic.com	fonts.googleapis.com
4	www.google-analytics.com	www.gewinnensieihrenpreis.com www.google-analytics.com
4	fonts.googleapis.com	www.gewinnensieihrenpreis.com
2	bam.eu01.nr-data.net	js-agent.newrelic.com
2	click.trlxcf04.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	js-agent.newrelic.com	www.gewinnensieihrenpreis.com
1	api.mdsyzz.info	www.gewinnensieihrenpreis.com
1	cdn.onesignal.com	www.gewinnensieihrenpreis.com
1	djjcyqvteia9v.cloudfront.net	www.gewinnensieihrenpreis.com
1	downhill-mtb.eu	1 redirects
1	ahab-mtb.be	1 redirects
1	riklyd.com	1 redirects
1	violpluto.com	1 redirects
1	sahlik.dns.army	1 redirects
65	17

This site contains links to these domains. Also see Links.

Domain
gfunsubscribe.com
www.facebook.com
support.google.com
support.apple.com
support.mozilla.org
support.microsoft.com
www.teletekmedya.com
www.trafficrunner.de
www.suedstern-interaction.de
www.blueleads.online
www.mailcommerce.de
www.audienceserv.com
www.skyline-performance.de
www.cashbackdeals.de
emnetwork.dk
fullemedia.online
www.mscontent.de
www.outspot.de
www.yes-investmedia.de
www.finanztrends.info
www.aliceoffersyou.com
www.club-leserservice.de
www.couponarchiv.de
www.einsaperformance.de
www.unifydirect.de
www.ematics.de
mvrmedien.de
ugj.biz
adviceglobal.com.mt
www.miranda-clairvoyant.com
nofancyadvertising.com
www.bcvplus.net
maxilife.de
meinpreisvergleich.com
lifestyle-club-online.de
couponarena.de
www.dailytravel.de
www.zoo-mail.de
www.pmiprivacy.com
gerdemann-versicherungsservice.de
www.emailingnetwork.com
www.caranea.de
www.amazon.de
alohaopenwifi.com
www.trafficblast.nl
www.nuernberger.de
www.super-sparfuechse.com
rabatt-riese.com
www.azorica.fr
deutscheshoermobil.de

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-21` - `2021-07-21`	a year	crt.sh
gewinnensieihrenpreis.com R3	`2021-03-17` - `2021-06-15`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
*.cloudcnt.com Amazon	`2020-06-20` - `2021-07-20`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.newrelic.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.eu01.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-04` - `2022-02-08`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
Frame ID: 166807982BE0E45C7F7297984A4E1317
Requests: 65 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://sahlik.dns.army/trans.php?t=c&d=316605&l=1590&c=90989&ct=55269-1558&ur=19 HTTP 302
https://violpluto.com/?a=1206&oc=12227&c=35132&m=3&s1=&s2=19-schkikar&s3=316605&s4=55269-1558 HTTP 302
https://riklyd.com/?a=1206&oc=12227&c=35132&m=3&s1=&s2=19-schkikar&s3=316605&s4=55269-1558&ckmg... HTTP 302
https://ahab-mtb.be/qM8t5n6c1PefZ?subid1=1206&subid2=194384587 HTTP 302
https://downhill-mtb.eu/aff_c?offer_id=4293&aff_id=1849&aff_sub=1795&aff_sub2=DONL1-484677&aff_sub3=1 HTTP 302
https://click.trlxcf04.com/click/Vy7hzBBFW96f7nzDCj?affid=101936&c1=DONL1-484677&c3=1795 HTTP 302
https://click.trlxcf04.com/main/d.php?s=1&link=https%3A%2F%2Fwww.gewinnensieihrenpreis.com%2Fde_de%2Ftr... Page URL
https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networki... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

65
Requests

100 %
HTTPS

59 %
IPv6

17
Domains

17
Subdomains

12
IPs

6
Countries

2114 kB
Transfer

2863 kB
Size

5
Cookies

52 Outgoing links

These are links going to different origins than the main page.

URL: https://gfunsubscribe.com/
Title: jederzeit

Search URL Search Domain Scan URL

URL: https://www.facebook.com/policies/cookies/
Title: Richtlinie

Search URL Search Domain Scan URL

URL: https://www.facebook.com/privacy/explanation
Title: diesen

Search URL Search Domain Scan URL

URL: https://support.google.com/chrome/answer/95647?hl=de
Title: Chrom

Search URL Search Domain Scan URL

URL: https://support.apple.com/de-de/HT201265
Title: Safari

Search URL Search Domain Scan URL

URL: https://support.mozilla.org/de/kb/cookies-und-website-daten-in-firefox-loschen
Title: Firefox

Search URL Search Domain Scan URL

URL: https://support.microsoft.com/de-de/help/4468242/microsoft-edge-browsing-data-and-privacy
Title: Internet Explorer Edge

Search URL Search Domain Scan URL

URL: https://www.teletekmedya.com/iletisim.php
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.trafficrunner.de/
Title: Internet

Search URL Search Domain Scan URL

URL: http://www.trafficrunner.de/index.php/datenschutz/
Title: Privacy policy

Search URL Search Domain Scan URL

URL: http://www.suedstern-interaction.de/impressum.html
Title: Privacy policy

Search URL Search Domain Scan URL

URL: http://www.blueleads.online/datenschutz.html
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://www.mailcommerce.de/de/privacy.html
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://www.audienceserv.com/privacy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.skyline-performance.de/impressum.html
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://www.cashbackdeals.de/static/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://emnetwork.dk/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://fullemedia.online/datenschutz.html
Title: Privacy policy

Search URL Search Domain Scan URL

URL: http://www.mscontent.de/agb.html
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://www.outspot.de/de/privacy
Title: Privacy policy

Search URL Search Domain Scan URL

URL: http://www.yes-investmedia.de/datenschutz/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.finanztrends.info/impressum/%20IO%20yes-investmedia%2009052018%20signed.pdf
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.aliceoffersyou.com/terms-and-conditions/
Title: Privacy policy

Search URL Search Domain Scan URL

URL: http://www.club-leserservice.de/datenschutz.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.couponarchiv.de/datenschutz/
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://www.einsaperformance.de/datenschutz.php
Title: https://www.einsaperformance.de/datenschutz.php

Search URL Search Domain Scan URL

URL: https://www.unifydirect.de/datenschutz.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.ematics.de/datenschutz.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://mvrmedien.de/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://ugj.biz/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://adviceglobal.com.mt/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.miranda-clairvoyant.com/terms.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://nofancyadvertising.com/datenschutzerklaerung/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.bcvplus.net/ueberuns#Datenschutz_DSGVO
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://maxilife.de/datenschutz/
Title: Datenschutzinformationen

Search URL Search Domain Scan URL

URL: https://meinpreisvergleich.com/datenschutz/
Title: Datenschutzinformationen

Search URL Search Domain Scan URL

URL: https://lifestyle-club-online.de/datenschutz/
Title: Datenschutzinformation

Search URL Search Domain Scan URL

URL: https://couponarena.de/10183-2/
Title: Datenschutzinformation

Search URL Search Domain Scan URL

URL: http://www.dailytravel.de/datenschutz/
Title: Datenschutzinformation

Search URL Search Domain Scan URL

URL: http://www.zoo-mail.de/datenschutzerklaerung/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.pmiprivacy.com/de-de/consumer
Title: https://www.pmiprivacy.com/de-de/consumer

Search URL Search Domain Scan URL

URL: https://gerdemann-versicherungsservice.de/datenschutz/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.emailingnetwork.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.caranea.de/site/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.amazon.de/gp/help/customer/display?nodeId=3312401#GUID-9DFA0CFF-9E83-4207-8EE5-5B1B8CFC3F4A__SECTION_B1A612A0C0F44BECB53C001C486B5CFE
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://alohaopenwifi.com/privacy.php
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.trafficblast.nl/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.nuernberger.de/datenschutz/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.super-sparfuechse.com/nutzungsbedingungen/
Title: Nutzungsbedingungen

Search URL Search Domain Scan URL

URL: https://rabatt-riese.com/datenschutzerklaerung/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.azorica.fr/mentions-legales/
Title: Datenschutzerklärung

Search URL Search Domain Scan URL

URL: https://deutscheshoermobil.de/
Title: DATENSCHUTZERKLÄRUNG

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sahlik.dns.army/trans.php?t=c&d=316605&l=1590&c=90989&ct=55269-1558&ur=19 HTTP 302
https://violpluto.com/?a=1206&oc=12227&c=35132&m=3&s1=&s2=19-schkikar&s3=316605&s4=55269-1558 HTTP 302
https://riklyd.com/?a=1206&oc=12227&c=35132&m=3&s1=&s2=19-schkikar&s3=316605&s4=55269-1558&ckmguid=9eaaf9bd-f2e2-4164-809b-deff2f4894af HTTP 302
https://ahab-mtb.be/qM8t5n6c1PefZ?subid1=1206&subid2=194384587 HTTP 302
https://downhill-mtb.eu/aff_c?offer_id=4293&aff_id=1849&aff_sub=1795&aff_sub2=DONL1-484677&aff_sub3=1 HTTP 302
https://click.trlxcf04.com/click/Vy7hzBBFW96f7nzDCj?affid=101936&c1=DONL1-484677&c3=1795 HTTP 302
https://click.trlxcf04.com/main/d.php?s=1&link=https%3A%2F%2Fwww.gewinnensieihrenpreis.com%2Fde_de%2Ftr_supermarketpre%3Fclickid%3Dq6VyiB88IK-6068acc39d5e56316e3c6fe9%26networkid%3D101936%26publisher%3D1795%26c6%3D%26c7%3D%26s_id%3D%26s_type%3D%26ept2%3Dc081cf93-519d-4127-91d1-e3349fff51ab Page URL
https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://sahlik.dns.army/trans.php?t=c&d=316605&l=1590&c=90989&ct=55269-1558&ur=19 HTTP 302
https://violpluto.com/?a=1206&oc=12227&c=35132&m=3&s1=&s2=19-schkikar&s3=316605&s4=55269-1558 HTTP 302
https://riklyd.com/?a=1206&oc=12227&c=35132&m=3&s1=&s2=19-schkikar&s3=316605&s4=55269-1558&ckmguid=9eaaf9bd-f2e2-4164-809b-deff2f4894af HTTP 302
https://ahab-mtb.be/qM8t5n6c1PefZ?subid1=1206&subid2=194384587 HTTP 302
https://downhill-mtb.eu/aff_c?offer_id=4293&aff_id=1849&aff_sub=1795&aff_sub2=DONL1-484677&aff_sub3=1 HTTP 302
https://click.trlxcf04.com/click/Vy7hzBBFW96f7nzDCj?affid=101936&c1=DONL1-484677&c3=1795 HTTP 302
https://click.trlxcf04.com/main/d.php?s=1&link=https%3A%2F%2Fwww.gewinnensieihrenpreis.com%2Fde_de%2Ftr_supermarketpre%3Fclickid%3Dq6VyiB88IK-6068acc39d5e56316e3c6fe9%26networkid%3D101936%26publisher%3D1795%26c6%3D%26c7%3D%26s_id%3D%26s_type%3D%26ept2%3Dc081cf93-519d-4127-91d1-e3349fff51ab

65 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

d.php Show response
click.trlxcf04.com/main/
Redirect Chain

http://sahlik.dns.army/trans.php?t=c&d=316605&l=1590&c=90989&ct=55269-1558&ur=19
https://violpluto.com/?a=1206&oc=12227&c=35132&m=3&s1=&s2=19-schkikar&s3=316605&s4=55269-1558
https://riklyd.com/?a=1206&oc=12227&c=35132&m=3&s1=&s2=19-schkikar&s3=316605&s4=55269-1558&ckmguid=9eaaf9bd-f2e2-4164-809b-deff2f4894af
https://ahab-mtb.be/qM8t5n6c1PefZ?subid1=1206&subid2=194384587
https://downhill-mtb.eu/aff_c?offer_id=4293&aff_id=1849&aff_sub=1795&aff_sub2=DONL1-484677&aff_sub3=1
https://click.trlxcf04.com/click/Vy7hzBBFW96f7nzDCj?affid=101936&c1=DONL1-484677&c3=1795
https://click.trlxcf04.com/main/d.php?s=1&link=https%3A%2F%2Fwww.gewinnensieihrenpreis.com%2Fde_de%2Ftr_supermarketpre%3Fclickid%3Dq6VyiB88IK-6068acc39d5e56316e3c6fe9%26networkid%3D101936%26publish...

281 B
821 B

382ms
381ms

Document
text/html

2606:4700:3036::ac43:9a9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://click.trlxcf04.com/main/d.php?s=1&link=https%3A%2F%2Fwww.gewinnensieihrenpreis.com%2Fde_de%2Ftr_supermarketpre%3Fclickid%3Dq6VyiB88IK-6068acc39d5e56316e3c6fe9%26networkid%3D101936%26publisher%3D1795%26c6%3D%26c7%3D%26s_id%3D%26s_type%3D%26ept2%3Dc081cf93-519d-4127-91d1-e3349fff51ab
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9a9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2401132c9060239bcb2c29846a66def1a77fd5e1c27f5e4150b3c6575ca150a

Request headers

:method: GET
:authority: click.trlxcf04.com
:scheme: https
:path: /main/d.php?s=1&link=https%3A%2F%2Fwww.gewinnensieihrenpreis.com%2Fde_de%2Ftr_supermarketpre%3Fclickid%3Dq6VyiB88IK-6068acc39d5e56316e3c6fe9%26networkid%3D101936%26publisher%3D1795%26c6%3D%26c7%3D%26s_id%3D%26s_type%3D%26ept2%3Dc081cf93-519d-4127-91d1-e3349fff51ab
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=dbf7a00ae8a1b0c0b3b2fc4b9d79bc7221617472707; AWSALB=mmr4b0p5rPYEPyZpEnqtHvE2pbf1IAKwyCObZmHs+Ww3Jp+YbiAKM/9+oCdy+0rsF3nL+hmiM86IiTa7oDQ3YkFlHukP77spwnp22TdAnzTODDzUyASizLKE0aRc; XSRF-TOKEN=eyJpdiI6IkVKdXpnU25zSTUwTXE2TGIxYVo4cHc9PSIsInZhbHVlIjoibkxMVVVpaTJRMUgwK1cxVDllWTBcL2IzeXhoXC9sODEyWjFWa2ZiZmxyekY1RlJLbVpVTHB0cVE4TnhUeXBOYjluSGpJTDdNQ2liS01pTnRjR2lFb0YrZz09IiwibWFjIjoiNDE3OGNhZjNmNzFkNzIxOGNjMGQ4NzJlM2UwYTM1ZGUyNDc5Mzg5NzAyMjM4ZDRkZWI5MWRhMWIwMWU2MmNmYyJ9; session=eyJpdiI6Im1RNFFRakRMODc5RTNZMkd6aU9DUHc9PSIsInZhbHVlIjoiTVFpc0FyeHMyNHNtR1M1WGxjUVBvRm95em9BbDdiK1JtbTQ1ZXNzVmROaHZRKzVIQmhTeHgxVjNRcWFHaWJMOXh4bmtkK0xxZEdEaU41RTZIS1NtaVE9PSIsIm1hYyI6Ijk2N2YzYTU5MzY4Y2JmNGNmNGY5NDZlODhlYTc0NjI0ZTU4MzBmNmI1Y2E2MjNjZjc2MzQxN2VkNWI2YWQyMzkifQ%3D%3D; ept2=eyJpdiI6IkxXZldMT3hYeE1BXC9wa0hoRWh3aU5BPT0iLCJ2YWx1ZSI6IkRCOGhTa2IrZU5rT215OGRhbW1qQVh2UVo5UjFJSklZRWF6MXVWXC8zWlpMMUcrVmlGMDdtZXVQcVFQWStHU0VmSlk5WDdXSHlzTE9oOUE2T2dTejB0T3lQeUpFMlRFeG5MRnhwbmxVNU5kM1RWNUwyWEYrOFBlOG5KckE5Tk9Lc2lMSVBUYndKSTNnMUhWR1dIUXBDTUVienVMbnFmWHU0VGFhVjZLc1NWbnZZMDV3eG1mT2QzSmthUHBqM04zbloiLCJtYWMiOiIwNGYyNjZiNDQzNWJhZDkyMGVkZTJjNTYxYjBkNTlkOTZiMzRjYjI3Y2UxMzZiZmJjZjE4MWI4Y2FlZTllYzIxIn0%3D; Inwl9LsJuof3RrPbxADwdgX2qdF4i8HFvfhbMSF7=eyJpdiI6IjFtMFROVjIrR1hJaHdWT1JGTDNzTXc9PSIsInZhbHVlIjoiRUwxRjU0MGFTY3FvWnFqcTB6R3QzSjBmTWVITHArMTNtRk9SVEFXOWRzV3J0bE43enloSXF5cHQwdWJMRjBhRzNQM1NoMVplY3ZnckZlb3BCbitLdDdyZ1RBcXFkNlZXeUltWGxEQTkrSHFvYjA1aWhVRU1jZlNXM01JajF6MVF5U1VIdnAydURsV2xMMzBHNkFDTkVoYmZXYVFGXC80NFNyUERrNUxubXNuRWdtYW1aRGVHeGNcL0dVZjJja3Y5NUl2OWQ1b3FySnh1TGlcL3dwQk1LbkZKUFU5bXdzQTF5ZGFzcGd0R3U1Z3lJRjdMU3lvZTl5MVdSSTEyNDVsdlIwaWRMUjcraXVXeWExT2hXVjVYeTlMRnNzS3J4NGtWKzdsVlwvTDRGXC80a2hFNU9HaXdDVUVhYVNmSG5oU1NjZHlheXZmSm5MMVBCM0R4WVEwUlgrQU5vXC9WVnFSWnV4WVpJK25acFo4RUk4VlJzYTFCVDBtQWFHR3pYb2hEYlpwWTFQNElWQVdvblhvNGh1dHpGckpLcDVKSEp1Y1M1R1hiYTlETk13NlM2OHJXUHhHSTU3cmdnVGx4QUJsdFwvelE0WStUREppVUlHdnFtU0tvMU9jTjJ0bTNWVnFCZDREY1FKaEl1Qzh4NGFHckM1ZU1QU1l4Wk50VVJBZzlJaWVZbTZ1UE14YmhjTld2SVNCT2pZNTVRZ1NcL0NKRGNhTHlMd09rSllvR0lCMGFxZWFkTXFiU0dPYkh1eFM1em5qWmhDYjRGdHdEREtuVkJEcTFoTDZrOTNWOUt3NnpMb1V6MkRvd1FEbTdiM3FvbTAwPSIsIm1hYyI6IjhjMjY4ODU0NjlkZjBmY2IwYTg3MzM3NzVhNzAxMTg3MWU5NjA2YTUwMDJhYThmM2IyOTY0Y2YzZTU3MDk0NjUifQ%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Apr 2021 17:58:28 GMT
content-type: text/html; charset=UTF-8
set-cookie: AWSALB=nRdT4o7JSkvh5UgIYhUdYszN3m0n41NISp/ome+VUb5f4gQzP53JH3Mx08Jw87lMbcwEqAI8ibld4sIqN3qP4b44ewdAYFlBBJpJA8W78q68KnP3EK9UzSBvBW9P; Expires=Sat, 10 Apr 2021 17:58:28 GMT; Path=/ AWSALBCORS=nRdT4o7JSkvh5UgIYhUdYszN3m0n41NISp/ome+VUb5f4gQzP53JH3Mx08Jw87lMbcwEqAI8ibld4sIqN3qP4b44ewdAYFlBBJpJA8W78q68KnP3EK9UzSBvBW9P; Expires=Sat, 10 Apr 2021 17:58:28 GMT; Path=/; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 093a7bf6f70000dfc3bfb06000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3vcATZUIv1aX8QjebinqbKYmH7yx6J7l7%2Bn6TrzTskzhEokzWI8owSusnnGdZreXqhTI%2BE3XK2Ty9RK6lZbAyUNJyQJxz4K0FP2QQlTGt5Jw5UfPqKmFdX0jlC%2B6iQg%3D"}],"group":"cf-nel"}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 63a42f6b2801dfc3-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Sat, 03 Apr 2021 17:58:28 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dbf7a00ae8a1b0c0b3b2fc4b9d79bc7221617472707; expires=Mon, 03-May-21 17:58:27 GMT; path=/; domain=.trlxcf04.com; HttpOnly; SameSite=Lax AWSALB=mmr4b0p5rPYEPyZpEnqtHvE2pbf1IAKwyCObZmHs+Ww3Jp+YbiAKM/9+oCdy+0rsF3nL+hmiM86IiTa7oDQ3YkFlHukP77spwnp22TdAnzTODDzUyASizLKE0aRc; Expires=Sat, 10 Apr 2021 17:58:27 GMT; Path=/ AWSALBCORS=mmr4b0p5rPYEPyZpEnqtHvE2pbf1IAKwyCObZmHs+Ww3Jp+YbiAKM/9+oCdy+0rsF3nL+hmiM86IiTa7oDQ3YkFlHukP77spwnp22TdAnzTODDzUyASizLKE0aRc; Expires=Sat, 10 Apr 2021 17:58:27 GMT; Path=/; SameSite=None XSRF-TOKEN=eyJpdiI6IkVKdXpnU25zSTUwTXE2TGIxYVo4cHc9PSIsInZhbHVlIjoibkxMVVVpaTJRMUgwK1cxVDllWTBcL2IzeXhoXC9sODEyWjFWa2ZiZmxyekY1RlJLbVpVTHB0cVE4TnhUeXBOYjluSGpJTDdNQ2liS01pTnRjR2lFb0YrZz09IiwibWFjIjoiNDE3OGNhZjNmNzFkNzIxOGNjMGQ4NzJlM2UwYTM1ZGUyNDc5Mzg5NzAyMjM4ZDRkZWI5MWRhMWIwMWU2MmNmYyJ9; expires=Sat, 03-Apr-2021 19:58:28 GMT; Max-Age=7200; path=/ session=eyJpdiI6Im1RNFFRakRMODc5RTNZMkd6aU9DUHc9PSIsInZhbHVlIjoiTVFpc0FyeHMyNHNtR1M1WGxjUVBvRm95em9BbDdiK1JtbTQ1ZXNzVmROaHZRKzVIQmhTeHgxVjNRcWFHaWJMOXh4bmtkK0xxZEdEaU41RTZIS1NtaVE9PSIsIm1hYyI6Ijk2N2YzYTU5MzY4Y2JmNGNmNGY5NDZlODhlYTc0NjI0ZTU4MzBmNmI1Y2E2MjNjZjc2MzQxN2VkNWI2YWQyMzkifQ%3D%3D; expires=Sat, 03-Apr-2021 19:58:28 GMT; Max-Age=7200; path=/; HttpOnly ept2=eyJpdiI6IkxXZldMT3hYeE1BXC9wa0hoRWh3aU5BPT0iLCJ2YWx1ZSI6IkRCOGhTa2IrZU5rT215OGRhbW1qQVh2UVo5UjFJSklZRWF6MXVWXC8zWlpMMUcrVmlGMDdtZXVQcVFQWStHU0VmSlk5WDdXSHlzTE9oOUE2T2dTejB0T3lQeUpFMlRFeG5MRnhwbmxVNU5kM1RWNUwyWEYrOFBlOG5KckE5Tk9Lc2lMSVBUYndKSTNnMUhWR1dIUXBDTUVienVMbnFmWHU0VGFhVjZLc1NWbnZZMDV3eG1mT2QzSmthUHBqM04zbloiLCJtYWMiOiIwNGYyNjZiNDQzNWJhZDkyMGVkZTJjNTYxYjBkNTlkOTZiMzRjYjI3Y2UxMzZiZmJjZjE4MWI4Y2FlZTllYzIxIn0%3D; expires=Sun, 04-Apr-2021 17:58:28 GMT; Max-Age=86400; path=/; HttpOnly Inwl9LsJuof3RrPbxADwdgX2qdF4i8HFvfhbMSF7=eyJpdiI6IjFtMFROVjIrR1hJaHdWT1JGTDNzTXc9PSIsInZhbHVlIjoiRUwxRjU0MGFTY3FvWnFqcTB6R3QzSjBmTWVITHArMTNtRk9SVEFXOWRzV3J0bE43enloSXF5cHQwdWJMRjBhRzNQM1NoMVplY3ZnckZlb3BCbitLdDdyZ1RBcXFkNlZXeUltWGxEQTkrSHFvYjA1aWhVRU1jZlNXM01JajF6MVF5U1VIdnAydURsV2xMMzBHNkFDTkVoYmZXYVFGXC80NFNyUERrNUxubXNuRWdtYW1aRGVHeGNcL0dVZjJja3Y5NUl2OWQ1b3FySnh1TGlcL3dwQk1LbkZKUFU5bXdzQTF5ZGFzcGd0R3U1Z3lJRjdMU3lvZTl5MVdSSTEyNDVsdlIwaWRMUjcraXVXeWExT2hXVjVYeTlMRnNzS3J4NGtWKzdsVlwvTDRGXC80a2hFNU9HaXdDVUVhYVNmSG5oU1NjZHlheXZmSm5MMVBCM0R4WVEwUlgrQU5vXC9WVnFSWnV4WVpJK25acFo4RUk4VlJzYTFCVDBtQWFHR3pYb2hEYlpwWTFQNElWQVdvblhvNGh1dHpGckpLcDVKSEp1Y1M1R1hiYTlETk13NlM2OHJXUHhHSTU3cmdnVGx4QUJsdFwvelE0WStUREppVUlHdnFtU0tvMU9jTjJ0bTNWVnFCZDREY1FKaEl1Qzh4NGFHckM1ZU1QU1l4Wk50VVJBZzlJaWVZbTZ1UE14YmhjTld2SVNCT2pZNTVRZ1NcL0NKRGNhTHlMd09rSllvR0lCMGFxZWFkTXFiU0dPYkh1eFM1em5qWmhDYjRGdHdEREtuVkJEcTFoTDZrOTNWOUt3NnpMb1V6MkRvd1FEbTdiM3FvbTAwPSIsIm1hYyI6IjhjMjY4ODU0NjlkZjBmY2IwYTg3MzM3NzVhNzAxMTg3MWU5NjA2YTUwMDJhYThmM2IyOTY0Y2YzZTU3MDk0NjUifQ%3D%3D; expires=Sat, 03-Apr-2021 19:58:28 GMT; Max-Age=7200; path=/; HttpOnly
cache-control: no-cache, private
location: /main/d.php?s=1&link=https%3A%2F%2Fwww.gewinnensieihrenpreis.com%2Fde_de%2Ftr_supermarketpre%3Fclickid%3Dq6VyiB88IK-6068acc39d5e56316e3c6fe9%26networkid%3D101936%26publisher%3D1795%26c6%3D%26c7%3D%26s_id%3D%26s_type%3D%26ept2%3Dc081cf93-519d-4127-91d1-e3349fff51ab
cf-cache-status: DYNAMIC
cf-request-id: 093a7bf2db0000dfc3ff896000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2rukwDgd6qy9SLYYaf%2FDjqI8Tcltmy2JpjbPjjbIF2zu3eNKViPB282xVPRSv9IwBCvxDavRD%2F0hVPmNxDeMRNt4MOLDm9zLredc6R3Epuzk4d28LUGwfGZ4PDDCONk%3D"}],"group":"cf-nel"}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 63a42f649e19dfc3-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK Primary Request Cookie set tr_supermarketpre Show response
www.gewinnensieihrenpreis.com/de_de/ 132 KB
29 KB 208ms
141ms Document
text/html 185.128.34.117
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),

Reverse DNS

Software

nginx /

Resource Hash

057346f28fde80c278d08216659e4b6437c3de30dbe47d4cc35e05f124d07cf8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.gewinnensieihrenpreis.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Sat, 03 Apr 2021 17:58:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: visitId=88bd47fb60e619dd1a1d5d0352fbbdebf26aef7cc76cf9c0848fad310283f1b5a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22visitId%22%3Bi%3A1%3Bs%3A35%3A%22q6VyiB88IK-6068acc39d5e56316e3c6fe9%22%3B%7D; expires=Mon, 03-May-2021 17:58:28 GMT; Max-Age=2592000; path=/; HttpOnly _csrf-frontend=d37e0f97a554080a77055da528639b99c607dd9eb753db9706a6c1ceb17803a4a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%223gX4fDLTHDV24JwAxjFS8OpzQcCncJU2%22%3B%7D; path=/; HttpOnly
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Content-Encoding: gzip

GET
H/1.1 200
OK common.css
www.gewinnensieihrenpreis.com/bundles/ 2 KB
1 KB 21ms
15ms Stylesheet
text/css 185.128.34.117
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gewinnensieihrenpreis.com/bundles/common.css?v=1617365120

Requested by

Host: www.gewinnensieihrenpreis.com
URL: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),

Reverse DNS

Software

nginx /

Resource Hash

93e6339751a6bc8510b53241e6885b89c1bf6fc6f27a24366b4b7ecf0d024ddb

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Apr 2021 17:58:28 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 02 Apr 2021 12:05:20 GMT
Server: nginx
ETag: W/"60670880-72b"
Vary: Accept-Encoding
Content-Type: text/css
X-XSS-Protection: 1; mode=block
Transfer-Encoding: chunked
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection: keep-alive
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK flamingo_main_style.css
www.gewinnensieihrenpreis.com/bundles/ 133 KB
28 KB 41ms
19ms Stylesheet
text/css 185.128.34.117
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gewinnensieihrenpreis.com/bundles/flamingo_main_style.css?v=1617365137

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),

Reverse DNS

Software

nginx /

Resource Hash

2a327a437b86e35d83c1c8674624846c9e48d033d2e066fd95683a84a0a2e9fd

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Apr 2021 17:58:28 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 02 Apr 2021 12:05:37 GMT
Server: nginx
ETag: W/"60670891-213d7"
Vary: Accept-Encoding
Content-Type: text/css
X-XSS-Protection: 1; mode=block
Transfer-Encoding: chunked
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection: keep-alive
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK flamingo_layout_layout-flamingo.css
www.gewinnensieihrenpreis.com/bundles/ 17 KB
4 KB 63ms
18ms Stylesheet
text/css 185.128.34.117
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gewinnensieihrenpreis.com/bundles/flamingo_layout_layout-flamingo.css?v=1617365137

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),

Reverse DNS

Software

nginx /

Resource Hash

833053cf991f51f3e2b88f0f0cb760017c8aeda28a561ec431357a1e5b347d28

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Apr 2021 17:58:29 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 02 Apr 2021 12:05:37 GMT
Server: nginx
ETag: W/"60670891-4472"
Vary: Accept-Encoding
Content-Type: text/css
X-XSS-Protection: 1; mode=block
Transfer-Encoding: chunked
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection: keep-alive
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK flamingo_color_white.css
www.gewinnensieihrenpreis.com/bundles/ 12 KB
2 KB 64ms
16ms Stylesheet
text/css 185.128.34.117
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gewinnensieihrenpreis.com/bundles/flamingo_color_white.css?v=1617365139

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),

Reverse DNS

Software

nginx /

Resource Hash

8c63ee1c9d488d8f070c5865f4d8f32d0396ca6adf054fc6bb0e9e2e4186172a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Apr 2021 17:58:29 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 02 Apr 2021 12:06:17 GMT
Server: nginx
ETag: W/"606708b9-30dd"
Vary: Accept-Encoding
Content-Type: text/css
X-XSS-Protection: 1; mode=block
Transfer-Encoding: chunked
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection: keep-alive
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK flamingo_brand_apple.css
www.gewinnensieihrenpreis.com/bundles/ 8 KB
2 KB 63ms
16ms Stylesheet
text/css 185.128.34.117
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gewinnensieihrenpreis.com/bundles/flamingo_brand_apple.css?v=1617365140

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),

Reverse DNS

Software

nginx /

Resource Hash

64c435a47f815e3ccfff6b4362f4cabd8cfe63b50616bb896c8ebf0961622ab9

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Apr 2021 17:58:29 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 02 Apr 2021 12:06:19 GMT
Server: nginx
ETag: W/"606708bb-202f"
Vary: Accept-Encoding
Content-Type: text/css
X-XSS-Protection: 1; mode=block
Transfer-Encoding: chunked
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection: keep-alive
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK flamingo_extra_empty.css
www.gewinnensieihrenpreis.com/bundles/ 0
413 B 64ms
16ms Stylesheet
text/css 185.128.34.117
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gewinnensieihrenpreis.com/bundles/flamingo_extra_empty.css?v=1617365143

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Apr 2021 17:58:29 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 02 Apr 2021 12:05:43 GMT
Server: nginx
ETag: "60670897-0"
Content-Type: text/css
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK 1_f887ba000fc6a6553c22ef1fb6ab9bcc.png
www.gewinnensieihrenpreis.com/uploads/landings/5147/preLander/ 366 KB
366 KB 20ms
18ms Image
image/png 185.128.34.117
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gewinnensieihrenpreis.com/uploads/landings/5147/preLander/1_f887ba000fc6a6553c22ef1fb6ab9bcc.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),

Reverse DNS

Software

nginx /

Resource Hash

112d7184130d0324123df52aae90e8d1b2ad37f5eee3bdb2c733bdf278bf5d3f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Apr 2021 17:58:29 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 14 May 2019 09:35:20 GMT
Server: nginx
ETag: "5cda8bd8-5b6ed"
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 374509
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK 2_0d9776ddd5351dbf728e25546c0effab.jpg
www.gewinnensieihrenpreis.com/uploads/landings/5147/preLander/ 106 KB
107 KB 23ms
20ms Image
image/jpeg 185.128.34.117
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gewinnensieihrenpreis.com/uploads/landings/5147/preLander/2_0d9776ddd5351dbf728e25546c0effab.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),

Reverse DNS

Software

nginx /

Resource Hash

ba77cba7a38ac768189702e75c4a37d37c2c23c0396cdf1f05bfd5cfcfbd37d6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Apr 2021 17:58:29 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 14 May 2019 09:35:20 GMT
Server: nginx
ETag: "5cda8bd8-1a9cf"
Content-Type: image/jpeg
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 109007
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK 2_f887ba000fc6a6553c22ef1fb6ab9bcc.png
www.gewinnensieihrenpreis.com/uploads/landings/5147/main/ 366 KB
366 KB 23ms
21ms Image
image/png 185.128.34.117
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gewinnensieihrenpreis.com/uploads/landings/5147/main/2_f887ba000fc6a6553c22ef1fb6ab9bcc.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),

Reverse DNS

Software

nginx /

Resource Hash

112d7184130d0324123df52aae90e8d1b2ad37f5eee3bdb2c733bdf278bf5d3f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Apr 2021 17:58:29 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 14 May 2019 09:35:20 GMT
Server: nginx
ETag: "5cda8bd8-5b6ed"
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 374509
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK 3_0d9776ddd5351dbf728e25546c0effab.jpg
www.gewinnensieihrenpreis.com/uploads/landings/5147/main/ 106 KB
107 KB 31ms
29ms Image
image/jpeg 185.128.34.117
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gewinnensieihrenpreis.com/uploads/landings/5147/main/3_0d9776ddd5351dbf728e25546c0effab.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),

Reverse DNS

Software

nginx /

Resource Hash

ba77cba7a38ac768189702e75c4a37d37c2c23c0396cdf1f05bfd5cfcfbd37d6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Apr 2021 17:58:29 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 14 May 2019 09:35:20 GMT
Server: nginx
ETag: "5cda8bd8-1a9cf"
Content-Type: image/jpeg
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 109007
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK 4_3626a44cdcc1727867ede99dc0bd920a.svg
www.gewinnensieihrenpreis.com/uploads/landings/5147/main/ 2 KB
1 KB 36ms
35ms Image
image/svg+xml 185.128.34.117
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gewinnensieihrenpreis.com/uploads/landings/5147/main/4_3626a44cdcc1727867ede99dc0bd920a.svg
Requested by: Host: www.gewinnensieihrenpreis.com
URL: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),
Reverse DNS
Software: nginx /
Resource Hash: c9b73a88475e88f9fb290cde36d82cd8e742b4664fb84737dbbc634446566fcc

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Apr 2021 17:58:29 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Sep 2018 13:12:53 GMT
Server: nginx
ETag: W/"5ba0f9d5-7c3"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 10 Apr 2021 17:58:29 GMT

GET
H/1.1 200
OK 5_81eabdb7d70e87e9c8922ee54fe608ad.svg
www.gewinnensieihrenpreis.com/uploads/landings/5147/main/ 662 B
741 B 17ms
16ms Image
image/svg+xml 185.128.34.117
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gewinnensieihrenpreis.com/uploads/landings/5147/main/5_81eabdb7d70e87e9c8922ee54fe608ad.svg
Requested by: Host: www.gewinnensieihrenpreis.com
URL: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),
Reverse DNS
Software: nginx /
Resource Hash: 79761c1d3145340f14662606b227767fc7b8466cb608caf8479388bb6e6da66b

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Apr 2021 17:58:29 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Sep 2018 13:12:53 GMT
Server: nginx
ETag: W/"5ba0f9d5-296"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 10 Apr 2021 17:58:29 GMT

GET
H/1.1 200
OK 6_b62296920055904f4785d97394b4de91.svg
www.gewinnensieihrenpreis.com/uploads/landings/5147/main/ 773 B
817 B 19ms
18ms Image
image/svg+xml 185.128.34.117
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gewinnensieihrenpreis.com/uploads/landings/5147/main/6_b62296920055904f4785d97394b4de91.svg
Requested by: Host: www.gewinnensieihrenpreis.com
URL: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),
Reverse DNS
Software: nginx /
Resource Hash: bab73517c0ae20d5addc03d1f8eb46fde709f42a5f91d1cb9d2afff7da9cf314

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Apr 2021 17:58:29 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Sep 2018 13:12:53 GMT
Server: nginx
ETag: W/"5ba0f9d5-305"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 10 Apr 2021 17:58:29 GMT

GET
H2 200 EHawkTalon.js Show response
djjcyqvteia9v.cloudfront.net/ 43 KB
44 KB 42ms
10ms Script
application/javascript 2600:9000:2182:1600:2:7bf5:a0c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://djjcyqvteia9v.cloudfront.net/EHawkTalon.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:1600:2:7bf5:a0c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

54234f4ebe24f0a0058c5a4301ba3356fa0e138d3adfa12cac7b144667da104d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 05:54:15 GMT
via: 1.1 dfeaf865724e57eaac72220929416926.cloudfront.net (CloudFront)
last-modified: Wed, 29 Jul 2020 14:14:29 GMT
server: Apache
age: 1685054
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 44465
x-amz-cf-id: Gu9F1QnT-FQUR5gn9hjJ9nC7vUBkv4gWlAUVRSKZ9pjNZWxKNkP-Zw==
expires: Wed, 14 Apr 2021 05:54:15 GMT

GET
H2 200 5caf02536774b.png
cdn.cloudcnt.com/uploads/entityLogos/ 3 KB
4 KB 75ms
39ms Image
image/png 2600:9000:2182:f000:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/uploads/entityLogos/5caf02536774b.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:f000:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

bfe854925ea083ffd5d883a565d6deb7104539a443f0a7367975962ca706003a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
via: 1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 29308
x-cache: Hit from cloudfront
date: Sat, 03 Apr 2021 14:28:56 GMT
content-length: 3423
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 11 Apr 2019 09:01:07 GMT
server: nginx
etag: "5caf0253-d5f"
content-type: image/png
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: MRXSW_q7FHF1NCNSX0YHX6v9YGiQCJyPi_U6pWGqsRbDmbkR_4yhUw==

GET
H/1.1 200
OK common.js Show response
www.gewinnensieihrenpreis.com/bundles/ 421 KB
119 KB 23ms
23ms Script
application/javascript 185.128.34.117
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gewinnensieihrenpreis.com/bundles/common.js?v=1617365120

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),

Reverse DNS

Software

nginx /

Resource Hash

20962fbac6160111f795c2af08f5f54783b66987e0a4fc17deaeb2b60aede204

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Apr 2021 17:58:29 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 02 Apr 2021 12:05:46 GMT
Server: nginx
ETag: W/"6067089a-693f3"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
X-XSS-Protection: 1; mode=block
Transfer-Encoding: chunked
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection: keep-alive
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK Form.js Show response
www.gewinnensieihrenpreis.com/assets/6fdc9816/js/ 4 KB
2 KB 42ms
39ms Script
application/javascript 185.128.34.117
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gewinnensieihrenpreis.com/assets/6fdc9816/js/Form.js?v=1617365192

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),

Reverse DNS

Software

nginx /

Resource Hash

38b06ee7fead505c21d42763ea1a97d0b1c4196221e8975f41d0148875c9b35e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Apr 2021 17:58:29 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 02 Apr 2021 12:06:33 GMT
Server: nginx
ETag: W/"606708c9-103c"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
X-XSS-Protection: 1; mode=block
Transfer-Encoding: chunked
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection: keep-alive
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK scripts.js Show response
www.gewinnensieihrenpreis.com/assets/9103c120/js/ 2 KB
1 KB 23ms
20ms Script
application/javascript 185.128.34.117
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gewinnensieihrenpreis.com/assets/9103c120/js/scripts.js?v=1617365192

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),

Reverse DNS

Software

nginx /

Resource Hash

89ad71822e874a1edddd658dd450f9013a97d4847fb6c9efed59134aba4e6b16

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Apr 2021 17:58:29 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 02 Apr 2021 12:06:32 GMT
Server: nginx
ETag: W/"606708c8-7d2"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
X-XSS-Protection: 1; mode=block
Transfer-Encoding: chunked
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection: keep-alive
X-Content-Type-Options: nosniff

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 46ms
19ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.gewinnensieihrenpreis.com
URL: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f877a798b0af17fb62564cc4a3b2c8f1fb76398c7e3156eae984fafe175bf4c3

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Apr 2021 17:58:29 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 2684
etag: W/"29e3b92597e716694def18b1f85abbfb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 63a42f6fac33dfb7-FRA
cf-request-id: 093a7bf9c60000dfb728079000000001
expires: Tue, 06 Apr 2021 17:58:29 GMT

GET
H2 200 auto-push.min.js Show response
api.mdsyzz.info/ 3 KB
2 KB 148ms
119ms Script
application/x-javascript 2606:4700:3032::6815:17e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mdsyzz.info/auto-push.min.js
Requested by: Host: www.gewinnensieihrenpreis.com
URL: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:17e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 032814cf4be1a49b079a1c3c0aceda71a8aecb63c4a4a65d01e0a632b4b2a476

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Apr 2021 17:58:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 093a7bf9c80000c2bdf5078000000001
last-modified: Sat, 20 Feb 2021 14:01:41 GMT
server: cloudflare
etag: W/"8010cee9907d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=H6b%2FM0niRZJbZBV0fW6aOQoIFGL%2BRtGDBxpXarAtox%2F%2FQT3%2BNFKKND506qvWgbeapcIn%2FYW8zfKLL4XCH4ihNAv2v9mRZx8x5aKgTM4f5qJHwX5YgKypzVSVVTE%3D"}],"max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cf-ray: 63a42f6fae35c2bd-FRA

GET
H2 200 css
fonts.googleapis.com/ 29 KB
1 KB 15ms
13ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i

Requested by

Host: www.gewinnensieihrenpreis.com
URL: https://www.gewinnensieihrenpreis.com/bundles/flamingo_main_style.css?v=1617365137

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

50d39d7981a0feeddc52b74c4f4b32e680a3e16324d5eba9f599bf304c98bf44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gewinnensieihrenpreis.com/bundles/flamingo_main_style.css?v=1617365137
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 03 Apr 2021 17:35:46 GMT
server: ESF
date: Sat, 03 Apr 2021 17:58:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 03 Apr 2021 17:58:29 GMT

GET
H2 200 css
fonts.googleapis.com/ 381 B
379 B 22ms
20ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Indie+Flower

Requested by

Host: www.gewinnensieihrenpreis.com
URL: https://www.gewinnensieihrenpreis.com/bundles/flamingo_main_style.css?v=1617365137

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3ba204eb6b5ddfd1793407cdd021c7c3f02b0a6d07ea711283a502f3b594e448

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gewinnensieihrenpreis.com/bundles/flamingo_main_style.css?v=1617365137
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 03 Apr 2021 17:43:06 GMT
server: ESF
date: Sat, 03 Apr 2021 17:58:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 03 Apr 2021 17:58:29 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 10 KB
794 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=cyrillic-ext

Requested by

Host: www.gewinnensieihrenpreis.com
URL: https://www.gewinnensieihrenpreis.com/bundles/flamingo_brand_apple.css?v=1617365140

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

586341b2e23993a5c8d45db157b5e2d287121303d207cddf4139a0e06c3b866d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gewinnensieihrenpreis.com/bundles/flamingo_brand_apple.css?v=1617365140
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 03 Apr 2021 17:51:59 GMT
server: ESF
date: Sat, 03 Apr 2021 17:58:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 03 Apr 2021 17:58:29 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 7 KB
605 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Libre+Franklin:300,400,500,600,700,800,900&subset=latin-ext

Requested by

Host: www.gewinnensieihrenpreis.com
URL: https://www.gewinnensieihrenpreis.com/bundles/flamingo_brand_apple.css?v=1617365140

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fc3f07dadc726ac598040d6ecd77e4f043b906a526b5f65fe525c94250b788b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gewinnensieihrenpreis.com/bundles/flamingo_brand_apple.css?v=1617365140
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 03 Apr 2021 17:54:32 GMT
server: ESF
date: Sat, 03 Apr 2021 17:58:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 03 Apr 2021 17:58:29 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 6202
date: Sat, 03 Apr 2021 16:15:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Sat, 03 Apr 2021 18:15:07 GMT

GET
H/1.1 200
OK 1_e1c1502e15df65a8ca3814b8b99c6104.jpg
www.gewinnensieihrenpreis.com/uploads/landings/5147/main/ 391 KB
392 KB 30ms
19ms Image
image/jpeg 185.128.34.117
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gewinnensieihrenpreis.com/uploads/landings/5147/main/1_e1c1502e15df65a8ca3814b8b99c6104.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),

Reverse DNS

Software

nginx /

Resource Hash

ef7b90b20a53cbcbfb39a364466c32687c3bf03525dbef56289b5ea6189f1124

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Apr 2021 17:58:29 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 18 Sep 2018 13:12:53 GMT
Server: nginx
ETag: "5ba0f9d5-61cee"
Content-Type: image/jpeg
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 400622
X-Content-Type-Options: nosniff

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=cyrillic-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gewinnensieihrenpreis.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 10:03:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:00 GMT
server: sffe
age: 114892
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15056
x-xss-protection: 0
expires: Sat, 02 Apr 2022 10:03:37 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=cyrillic-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gewinnensieihrenpreis.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 10:03:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 114892
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Sat, 02 Apr 2022 10:03:37 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=cyrillic-ext

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f677ee2d82dfb11f08175f673cf3f065b0d5e491b4485e01259a492715c746e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gewinnensieihrenpreis.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 14:16:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:21 GMT
server: sffe
age: 358931
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14932
x-xss-protection: 0
expires: Wed, 30 Mar 2022 14:16:18 GMT

GET
H3-Q050 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gewinnensieihrenpreis.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 10:03:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:13:07 GMT
server: sffe
age: 114892
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19264
x-xss-protection: 0
expires: Sat, 02 Apr 2022 10:03:37 GMT

GET
H3-Q050 200 JTURjIg1_i6t8kCHKm45_cJD3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_cJD3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab9241a07a70085385b3b30dbf081ad3296f8a95a48bbf524c5eb74f0fc030a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gewinnensieihrenpreis.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 10:03:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:13:19 GMT
server: sffe
age: 114892
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18988
x-xss-protection: 0
expires: Sat, 02 Apr 2022 10:03:37 GMT

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 116 KB
38 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-P8KTJJW&cid=2096228864.1617472709

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

be1dbd3187f48c7b344d0c1c72648748e1209bf22d25937441cf5b416f4b713c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Apr 2021 17:58:29 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38762
x-xss-protection: 0
expires: Sat, 03 Apr 2021 17:58:29 GMT

GET
H/1.1 200
OK sponsor Show response
www.gewinnensieihrenpreis.com/ 55 KB
10 KB 60ms
60ms XHR
application/json 185.128.34.117
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gewinnensieihrenpreis.com/sponsor?externalId=q6VyiB88IK-6068acc39d5e56316e3c6fe9

Requested by

Host: www.gewinnensieihrenpreis.com
URL: https://www.gewinnensieihrenpreis.com/bundles/common.js?v=1617365120

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),

Reverse DNS

Software

nginx /

Resource Hash

c69d166f5ca6ddc46a653627e171b41c6f2a777484a6f4180327bc4da864fb20

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Apr 2021 17:58:29 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
X-XSS-Protection: 1; mode=block
Transfer-Encoding: chunked
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection: keep-alive
X-Content-Type-Options: nosniff

GET
H2 200 nr-1208.min.js Show response
js-agent.newrelic.com/ 31 KB
12 KB 69ms
21ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1208.min.js
Requested by: Host: www.gewinnensieihrenpreis.com
URL: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: RGJXhnJ2IqU3nLrOoxetOoKLCG4kx4sX
content-encoding: gzip
etag: "1a71e4208296f97b465116492f59124d"
x-amz-request-id: M76D74XWHE2D9DAC
x-cache: HIT
content-length: 11777
x-amz-id-2: 5o18gYdCTbzczeDGrsqJI2aQ4WvSif7bh0/i0gW7TPuhCY3fwE43ws+0bJp9+rgtqZcSNGx14eM=
x-served-by: cache-hhn4058-HHN
last-modified: Wed, 10 Mar 2021 16:24:28 GMT
server: AmazonS3
x-timer: S1617472709.310584,VS0,VE0
date: Sat, 03 Apr 2021 17:58:29 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 28826

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
55 B 13ms
13ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&aip=1&a=2043256108&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gewinnensieihrenpreis.com%2Fde_de%2Ftr_supermarketpre%3Fclickid%3Dq6VyiB88IK-6068acc39d5e56316e3c6fe9%26networkid%3D101936%26publisher%3D1795%26c6%3D%26c7%3D%26s_id%3D%26s_type%3D%26ept2%3Dc081cf93-519d-4127-91d1-e3349fff51ab&ul=en-us&de=UTF-8&dt=Gewinne!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEADQAAAAC~&jid=1055127631&gjid=2017948763&cid=2096228864.1617472709&tid=UA-111673602-1&_gid=330672525.1617472709&_r=1&_slc=1&z=983517389

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 03 Apr 2021 17:58:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gewinnensieihrenpreis.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
120 B 8ms
6ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j89&aip=1&a=2043256108&t=event&_s=2&dl=https%3A%2F%2Fwww.gewinnensieihrenpreis.com%2Fde_de%2Ftr_supermarketpre%3Fclickid%3Dq6VyiB88IK-6068acc39d5e56316e3c6fe9%26networkid%3D101936%26publisher%3D1795%26c6%3D%26c7%3D%26s_id%3D%26s_type%3D%26ept2%3Dc081cf93-519d-4127-91d1-e3349fff51ab&ul=en-us&de=UTF-8&dt=Gewinne!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=tr_supermarketpre.101936.1795&ea=01.%20home&_u=aGBAAEADQAAAAC~&jid=&gjid=&cid=2096228864.1617472709&tid=UA-111673602-1&_gid=330672525.1617472709&z=1015578415

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 23:43:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 65708
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
95 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-111673602-1&cid=2096228864.1617472709&jid=1055127631&gjid=2017948763&_gid=330672525.1617472709&_u=aGBAAEACQAAAAC~&z=2103146103

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 03 Apr 2021 17:58:29 GMT
content-type: text/plain
access-control-allow-origin: https://www.gewinnensieihrenpreis.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5b8ff035179b6.jpg
cdn.cloudcnt.com/content/image/ 9 KB
9 KB 50ms
45ms Image
image/jpeg 2600:9000:2182:f000:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5b8ff035179b6.jpg?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:f000:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ded9d1b70d03b7dcbc6d6e22bc570ca717516d77eb2221200d988e9d2adb6f71

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Apr 2021 03:05:15 GMT
via: 1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 53594
x-cache: Hit from cloudfront
content-type: image/JPEG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 9iDnnZ2Q377lhoVHM33E5fHySqF-dz9s7xieRKYw4GYQcRQarIOFsw==
x-xss-protection: 1; mode=block

GET
H2 200 5c6e6979b0366.jpg
cdn.cloudcnt.com/content/image/ 10 KB
11 KB 47ms
42ms Image
image/jpeg 2600:9000:2182:f000:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5c6e6979b0366.jpg?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:f000:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7dd3ddef06a2cd439415afed00b4fb2f21519aef3cc3247a0d36245677f34d60

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 03:13:13 GMT
via: 1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 225916
x-cache: Hit from cloudfront
content-type: image/JPEG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: xlWR1wIu4q5W3bcOk7ixrsyDg_-gsaBBK2_4BknXnySCtE9GsfK7ag==
x-xss-protection: 1; mode=block

GET
H2 200 5b9146568d1a8.png
cdn.cloudcnt.com/content/image/ 18 KB
18 KB 45ms
40ms Image
image/png 2600:9000:2182:f000:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5b9146568d1a8.png?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:f000:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2e7dc6922a3c5f0038346346fa5e3f673c5ffd5453dd3ccc0727b8e9ac65685b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 06:58:51 GMT
via: 1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 125978
x-cache: Hit from cloudfront
content-type: image/PNG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: FKE663ey83eQaTDIZisQQ-UuXyGUMKU0gs8bi1LDszfT41FzkRZWqw==
x-xss-protection: 1; mode=block

GET
H2 200 5d4989a9dd066.jpg
cdn.cloudcnt.com/content/image/ 41 KB
41 KB 54ms
49ms Image
image/jpeg 2600:9000:2182:f000:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5d4989a9dd066.jpg?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:f000:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b468367aabe8b610a7a1a8935c4fba7407d9629abd009bceae4d101a7b0e1f44

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 04:00:36 GMT
via: 1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 223073
x-cache: Hit from cloudfront
content-type: image/JPEG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 9U9Yc_5c1dgCRaPzxrb3fhKJ8QE9H6nTtmpqLbyqpTNXVcWj7GL5Rw==
x-xss-protection: 1; mode=block

GET
H2 200 5c629ed7939c1.jpg
cdn.cloudcnt.com/content/image/ 9 KB
10 KB 45ms
41ms Image
image/jpeg 2600:9000:2182:f000:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5c629ed7939c1.jpg?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:f000:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dac87e71da029477fab6c767f7e1f83720602ee44a8ea8b20b82b5c142146e72

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 01:10:08 GMT
via: 1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 146901
x-cache: Hit from cloudfront
content-type: image/JPEG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 74zE65oZOahR3zNfCqkq2821nTasYxLobwfybNr04GoQcAVUhlMo7A==
x-xss-protection: 1; mode=block

GET
H2 200 5bf6d65d0b581.png
cdn.cloudcnt.com/content/image/ 8 KB
9 KB 45ms
40ms Image
image/png 2600:9000:2182:f000:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5bf6d65d0b581.png?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:f000:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b0b06b7ddb6b5b37b65fe2bf40eac136a898815c853eccd095b33c10b80fb37a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 04:49:18 GMT
via: 1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 220151
x-cache: Hit from cloudfront
content-type: image/PNG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: rYt1WAP4ku9Kl6DtuG7F0wqDfoQtectitEMp11YP4SCf5aV8q_nYrw==
x-xss-protection: 1; mode=block

GET
H2 200 5e67ac174dd68.png
cdn.cloudcnt.com/content/image/ 1 KB
2 KB 45ms
41ms Image
image/png 2600:9000:2182:f000:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5e67ac174dd68.png?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:f000:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5dfc4609d450d10f0779219b88c311c054c7762987d8262919b52282508d4acd

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Apr 2021 06:41:58 GMT
via: 1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 40591
x-cache: Hit from cloudfront
content-type: image/PNG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: BAgSBFhOhYfdrCY9gXyUX41-AXS5V0TJALl_B0Pvv9i4KRyRmpEWYg==
x-xss-protection: 1; mode=block

GET
H2 200 5b76b6fddcf47.png
cdn.cloudcnt.com/content/image/ 13 KB
14 KB 45ms
41ms Image
image/png 2600:9000:2182:f000:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5b76b6fddcf47.png?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:f000:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3e888fc1a83e7c623e0f4bc054c9c94910378a03d2dfce58e81c2fee6c611598

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 04:49:18 GMT
via: 1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 220151
x-cache: Hit from cloudfront
content-type: image/PNG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: X7zEvwdCAbdTPxM--xADSH7ndelcJLrAHGVdBDd6XnUY8yH5_EXWLA==
x-xss-protection: 1; mode=block

GET
H2 200 5b8fcb96755d0.jpg
cdn.cloudcnt.com/content/image/ 11 KB
12 KB 46ms
42ms Image
image/jpeg 2600:9000:2182:f000:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5b8fcb96755d0.jpg?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:f000:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

58336cbeb4aeacdcf7bb2168c425b6d8c1b1ddf08ab4dfbfa15bc195027a4a2b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 06:58:51 GMT
via: 1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 125978
x-cache: Hit from cloudfront
content-type: image/JPEG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: AOjlfW9FAfOaqWtXlvvxONrS-1gNBZtjkXBVIJUZ4QPyoA8rXSyT9Q==
x-xss-protection: 1; mode=block

GET
H2 200 5bd9bc96bbe50.png
cdn.cloudcnt.com/content/image/ 10 KB
11 KB 45ms
41ms Image
image/png 2600:9000:2182:f000:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5bd9bc96bbe50.png?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:f000:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

31c43a1cbc5b5ab3ed0278104f9f3d95f6aafd62fed1616a2dfb61b9a5abdfb4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 00:43:45 GMT
via: 1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 148484
x-cache: Hit from cloudfront
content-type: image/PNG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: rsJjeTL6Xs2jrPRYpV8ViSNIecyqY8ZznFJJn53ALdf1ad_RuEfX5g==
x-xss-protection: 1; mode=block

GET
H2 200 5bd9be6b7afbe.png
cdn.cloudcnt.com/content/image/ 13 KB
13 KB 45ms
42ms Image
image/png 2600:9000:2182:f000:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5bd9be6b7afbe.png?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:f000:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

03be5f9b556ff143e5fe913212de9b26e430fe2964d3cfef9905bdd4c74e70dc

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 19:58:21 GMT
via: 1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 79208
x-cache: Hit from cloudfront
content-type: image/PNG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: n0qbBL4FlKvdFN3tMT-go9eZUEO0aizmcWaUrCpsghpq5UUODR-W2w==
x-xss-protection: 1; mode=block

GET
H2 200 5c332463836b5.png
cdn.cloudcnt.com/content/image/ 4 KB
5 KB 46ms
42ms Image
image/png 2600:9000:2182:f000:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5c332463836b5.png?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:f000:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

97dc93eead1f61d4cb268522654f6cba344cfae6c535031af14daccd4c7d3f64

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Apr 2021 07:54:50 GMT
via: 1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 36219
x-cache: Hit from cloudfront
content-type: image/PNG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 3wll4Rik-2OM4Fa_grbvTdvNIrC64f1HDo7MEi6jcJsGIMvTdafw4A==
x-xss-protection: 1; mode=block

GET
H2 200 5c93716a8e49a.png
cdn.cloudcnt.com/content/image/ 4 KB
4 KB 46ms
43ms Image
image/png 2600:9000:2182:f000:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5c93716a8e49a.png?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:f000:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d691c1d9f7f5bbdf9049827a1b8cb9e5ce0e5e9b85775ba244451a07f1e2773f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 00:45:10 GMT
via: 1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 148399
x-cache: Hit from cloudfront
content-type: image/PNG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: XkeW9fArqdgvenCdG2EYe_PvRTr05CIGbZRGxPVPOCzq9BEKhjKHFw==
x-xss-protection: 1; mode=block

GET
H2 200 5d9b0c7b7df65.png
cdn.cloudcnt.com/content/image/ 25 KB
26 KB 44ms
40ms Image
image/png 2600:9000:2182:f000:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5d9b0c7b7df65.png?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:f000:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2507d19a08f7f7b7e8a7dcb7bb5a42aea915d7d5c2ee11feb93e7be983dd694

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 20:15:10 GMT
via: 1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 78199
x-cache: Hit from cloudfront
content-type: image/PNG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: ojZltf5pX-erRgVCzvAVEAgH4CbCagBd5m2wj_bESwSk8BXC3I-8yg==
x-xss-protection: 1; mode=block

GET
H2 200 5d9f03625eb67.png
cdn.cloudcnt.com/content/image/ 7 KB
8 KB 45ms
42ms Image
image/png 2600:9000:2182:f000:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5d9f03625eb67.png?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:f000:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

45cc522c878b32c2778145b10932186187dc1a474dd09d85705d8888d7278b41

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 02:07:32 GMT
via: 1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 143457
x-cache: Hit from cloudfront
content-type: image/PNG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: RxLDOMkiwibmfpXe_h9o2egy6ntL7UiHDae7aZXsev1yxK2EdQx1jA==
x-xss-protection: 1; mode=block

GET
H2 200 5d9f07c287974.png
cdn.cloudcnt.com/content/image/ 12 KB
12 KB 45ms
43ms Image
image/png 2600:9000:2182:f000:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5d9f07c287974.png?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:f000:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

fe6faec24b84185900d621b21c90903412be168914b3ed5066e5b78dc405c252

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Apr 2021 05:14:32 GMT
via: 1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 45837
x-cache: Hit from cloudfront
content-type: image/PNG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: j5anSfcQCmqXBGwt79OT7d_TFWG8GJdBrQmks3t_Z_IHgb8CI7nd6g==
x-xss-protection: 1; mode=block

GET
H2 200 5d9f2ad17be9c.png
cdn.cloudcnt.com/content/image/ 13 KB
13 KB 46ms
43ms Image
image/png 2600:9000:2182:f000:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5d9f2ad17be9c.png?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:f000:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

fd693a4bc8a0dc017d637a31533ab8a7d67d52abebf02c79714d2f2ac30ad410

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 01:34:18 GMT
via: 1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 145451
x-cache: Hit from cloudfront
content-type: image/PNG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: ItvxBOdmjmr0O1_pEB2fhTsL4r4U0o2ZFdkxcgVp41IdM3KjvJ1mAg==
x-xss-protection: 1; mode=block

GET
H2 200 5d9f2bbcaba53.png
cdn.cloudcnt.com/content/image/ 15 KB
15 KB 52ms
49ms Image
image/png 2600:9000:2182:f000:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5d9f2bbcaba53.png?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:f000:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

219a040676abfd27ee3a7b04a2adb699223e88564582bcb328cb5628a1cc7130

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 02:24:12 GMT
via: 1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 228857
x-cache: Hit from cloudfront
content-type: image/PNG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: fv-l04aT1Fjpk_7mDuLev2YeySO5b4KDxZFKT5H2NXChac1FqeWDpg==
x-xss-protection: 1; mode=block

GET
H2 200 5db2df8f5581f.png
cdn.cloudcnt.com/content/image/ 17 KB
18 KB 46ms
44ms Image
image/png 2600:9000:2182:f000:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5db2df8f5581f.png?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:f000:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

416b6d4cb016adf4dca8a1b0ccf4d346658550e1a9613b02f79b61d78f6be6aa

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 06:32:13 GMT
via: 1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 127576
x-cache: Hit from cloudfront
content-type: image/PNG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: i9-pCzbo3G1Ou9r4b7YxGRaXaBt8fGRNhkwwY9x1LnAsAj1hhK9Xqg==
x-xss-protection: 1; mode=block

GET
H2 200 5e8601758c946.png
cdn.cloudcnt.com/content/image/ 15 KB
15 KB 45ms
43ms Image
image/png 2600:9000:2182:f000:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5e8601758c946.png?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:f000:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7fc3fb3d43f5950b304f3eed5ac6bcd4981d83d65c4838f83d1955b62a8b8346

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Apr 2021 01:13:55 GMT
via: 1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 60274
x-cache: Hit from cloudfront
content-type: image/PNG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: QpJk1wCC--o7KjhQ87j4FsVyhw_HNh-JXlO8_4Si-mPuUqd101B7GQ==
x-xss-protection: 1; mode=block

GET
H2 200 5e85db22d5138.png
cdn.cloudcnt.com/content/image/ 17 KB
18 KB 46ms
43ms Image
image/png 2600:9000:2182:f000:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5e85db22d5138.png?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:f000:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8c339fd3f7ccdc191799be6597293d8db24ec2a7955927d959f5b3beb0488ea5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 01:18:55 GMT
via: 1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 146374
x-cache: Hit from cloudfront
content-type: image/PNG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 68PK3smtxcD4sc5HodpDd1M0MSJxlz59aC3zHYRmB8Wni2-gyzFwdg==
x-xss-protection: 1; mode=block

GET
H2 200 5f195fdab85bb.png
cdn.cloudcnt.com/content/image/ 29 KB
29 KB 46ms
44ms Image
image/png 2600:9000:2182:f000:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5f195fdab85bb.png?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:f000:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

78f61e2ee007c61c31a3c689572ca535f99f25445665b67fa8c62c79b9d3d26c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 10:34:36 GMT
via: 1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 199433
x-cache: Hit from cloudfront
content-type: image/PNG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: Ntv861m1yeCsCB4YjRk2BbsttvYDmBzk2zfVoLpViqGuDBTbmRIMFA==
x-xss-protection: 1; mode=block

GET
H2 200 60017a43d5c88.png
cdn.cloudcnt.com/content/image/ 43 KB
43 KB 51ms
49ms Image
image/png 2600:9000:2182:f000:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/60017a43d5c88.png?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:f000:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

46eb48217633f8cd4708ce08c2cd8f3117435f242126fe7a73f186593ac7fc75

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 15:16:17 GMT
via: 1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 96132
x-cache: Hit from cloudfront
content-type: image/PNG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: qaMhPrYVYd5hsFBcKeneBAlC3DxdI_MJSXYa3Coz3sf9T8PHbvu3Vg==
x-xss-protection: 1; mode=block

GET
H2 200 60081e589c61e.png
cdn.cloudcnt.com/content/image/ 11 KB
11 KB 45ms
44ms Image
image/png 2600:9000:2182:f000:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/60081e589c61e.png?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:f000:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

810b3c84dbc4ce0a38f729e7ef6fa771c85f8a7fe8ce47c098d84d630469f304

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 19:45:50 GMT
via: 1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 252759
x-cache: Hit from cloudfront
content-type: image/PNG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: m40rwFfiVEMm1VeKd-Yj2hvOr3Z9LSxqdxw7nwgZSWEysqktey0tOg==
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK NRJS-9facc869c359219f55d Show response
bam.eu01.nr-data.net/1/ 57 B
275 B 95ms
25ms Script
text/javascript 185.221.86.34
NEW-2

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.eu01.nr-data.net/1/NRJS-9facc869c359219f55d?a=32509574&v=1208.49599aa&to=MhBSZQoZCBFYABZcWAtaZUMRVw8MXQYaG0cNBQ%3D%3D&rst=601&ck=1&ref=https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre&ap=104&be=220&fe=520&dc=486&perf=%7B%22timing%22:%7B%22of%22:1617472708730,%22n%22:0,%22f%22:1,%22dn%22:2,%22dne%22:9,%22c%22:9,%22s%22:22,%22ce%22:68,%22rq%22:68,%22rp%22:209,%22rpe%22:223,%22dl%22:212,%22di%22:487,%22ds%22:487,%22de%22:487,%22dc%22:520,%22l%22:520,%22le%22:521%7D,%22navigation%22:%7B%7D%7D&fp=357&fcp=357&at=HldRE0IDGx8%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1208.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.221.86.34 , Ireland, ASN206998 (NEW-2, IE),
Reverse DNS
Software: /
Resource Hash: d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

POST
H/1.1 200
OK NRJS-9facc869c359219f55d Show response
bam.eu01.nr-data.net/events/1/ 24 B
196 B 21ms
21ms XHR
image/gif 185.221.86.34
NEW-2

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.eu01.nr-data.net/events/1/NRJS-9facc869c359219f55d?a=32509574&v=1208.49599aa&to=MhBSZQoZCBFYABZcWAtaZUMRVw8MXQYaG0cNBQ%3D%3D&rst=10602&ck=1&ref=https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1208.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.221.86.34 , Ireland, ASN206998 (NEW-2, IE),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.gewinnensieihrenpreis.com/de_de/tr_supermarketpre?clickid=q6VyiB88IK-6068acc39d5e56316e3c6fe9&networkid=101936&publisher=1795&c6=&c7=&s_id=&s_type=&ept2=c081cf93-519d-4127-91d1-e3349fff51ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.gewinnensieihrenpreis.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gewinnensieihrenpreis.com/	1970-01-19 17:17:52	Name: _gat Value: 1
.gewinnensieihrenpreis.com/	1970-01-19 17:19:19	Name: _gid Value: GA1.2.330672525.1617472709
.gewinnensieihrenpreis.com/	1970-01-20 10:49:04	Name: _ga Value: GA1.2.2096228864.1617472709
www.gewinnensieihrenpreis.com/	1969-12-31 23:59:59	Name: _csrf-frontend Value: d37e0f97a554080a77055da528639b99c607dd9eb753db9706a6c1ceb17803a4a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%223gX4fDLTHDV24JwAxjFS8OpzQcCncJU2%22%3B%7D
www.gewinnensieihrenpreis.com/	1970-01-19 18:01:04	Name: visitId Value: 88bd47fb60e619dd1a1d5d0352fbbdebf26aef7cc76cf9c0848fad310283f1b5a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22visitId%22%3Bi%3A1%3Bs%3A35%3A%22q6VyiB88IK-6068acc39d5e56316e3c6fe9%22%3B%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ahab-mtb.be
api.mdsyzz.info
bam.eu01.nr-data.net
cdn.cloudcnt.com
cdn.onesignal.com
click.trlxcf04.com
djjcyqvteia9v.cloudfront.net
downhill-mtb.eu
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
riklyd.com
sahlik.dns.army
stats.g.doubleclick.net
violpluto.com
www.gewinnensieihrenpreis.com
www.google-analytics.com
132.145.139.123
137.74.41.143
151.101.114.110
185.128.34.117
185.221.86.34
2600:9000:2182:1600:2:7bf5:a0c0:21
2600:9000:2182:f000:b:413c:b700:93a1
2606:4700:3032::6815:17e7
2606:4700:3036::ac43:9a9b
2606:4700::6812:e134
2a00:1450:4001:803::200e
2a00:1450:4001:811::200a
2a00:1450:4001:82b::2003
2a00:1450:400c:c0c::9d
2a03:b0c0:2:d0::e71:c001
34.91.99.156
35.204.82.162
032814cf4be1a49b079a1c3c0aceda71a8aecb63c4a4a65d01e0a632b4b2a476
03be5f9b556ff143e5fe913212de9b26e430fe2964d3cfef9905bdd4c74e70dc
057346f28fde80c278d08216659e4b6437c3de30dbe47d4cc35e05f124d07cf8
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
112d7184130d0324123df52aae90e8d1b2ad37f5eee3bdb2c733bdf278bf5d3f
20962fbac6160111f795c2af08f5f54783b66987e0a4fc17deaeb2b60aede204
219a040676abfd27ee3a7b04a2adb699223e88564582bcb328cb5628a1cc7130
2a327a437b86e35d83c1c8674624846c9e48d033d2e066fd95683a84a0a2e9fd
2e7dc6922a3c5f0038346346fa5e3f673c5ffd5453dd3ccc0727b8e9ac65685b
31c43a1cbc5b5ab3ed0278104f9f3d95f6aafd62fed1616a2dfb61b9a5abdfb4
38b06ee7fead505c21d42763ea1a97d0b1c4196221e8975f41d0148875c9b35e
3ba204eb6b5ddfd1793407cdd021c7c3f02b0a6d07ea711283a502f3b594e448
3e888fc1a83e7c623e0f4bc054c9c94910378a03d2dfce58e81c2fee6c611598
4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f
416b6d4cb016adf4dca8a1b0ccf4d346658550e1a9613b02f79b61d78f6be6aa
45cc522c878b32c2778145b10932186187dc1a474dd09d85705d8888d7278b41
46eb48217633f8cd4708ce08c2cd8f3117435f242126fe7a73f186593ac7fc75
50d39d7981a0feeddc52b74c4f4b32e680a3e16324d5eba9f599bf304c98bf44
54234f4ebe24f0a0058c5a4301ba3356fa0e138d3adfa12cac7b144667da104d
58336cbeb4aeacdcf7bb2168c425b6d8c1b1ddf08ab4dfbfa15bc195027a4a2b
586341b2e23993a5c8d45db157b5e2d287121303d207cddf4139a0e06c3b866d
5dfc4609d450d10f0779219b88c311c054c7762987d8262919b52282508d4acd
64c435a47f815e3ccfff6b4362f4cabd8cfe63b50616bb896c8ebf0961622ab9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
78f61e2ee007c61c31a3c689572ca535f99f25445665b67fa8c62c79b9d3d26c
79761c1d3145340f14662606b227767fc7b8466cb608caf8479388bb6e6da66b
7dd3ddef06a2cd439415afed00b4fb2f21519aef3cc3247a0d36245677f34d60
7fc3fb3d43f5950b304f3eed5ac6bcd4981d83d65c4838f83d1955b62a8b8346
810b3c84dbc4ce0a38f729e7ef6fa771c85f8a7fe8ce47c098d84d630469f304
833053cf991f51f3e2b88f0f0cb760017c8aeda28a561ec431357a1e5b347d28
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89ad71822e874a1edddd658dd450f9013a97d4847fb6c9efed59134aba4e6b16
8c339fd3f7ccdc191799be6597293d8db24ec2a7955927d959f5b3beb0488ea5
8c63ee1c9d488d8f070c5865f4d8f32d0396ca6adf054fc6bb0e9e2e4186172a
93e6339751a6bc8510b53241e6885b89c1bf6fc6f27a24366b4b7ecf0d024ddb
97dc93eead1f61d4cb268522654f6cba344cfae6c535031af14daccd4c7d3f64
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
ab9241a07a70085385b3b30dbf081ad3296f8a95a48bbf524c5eb74f0fc030a4
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0b06b7ddb6b5b37b65fe2bf40eac136a898815c853eccd095b33c10b80fb37a
b468367aabe8b610a7a1a8935c4fba7407d9629abd009bceae4d101a7b0e1f44
ba77cba7a38ac768189702e75c4a37d37c2c23c0396cdf1f05bfd5cfcfbd37d6
bab73517c0ae20d5addc03d1f8eb46fde709f42a5f91d1cb9d2afff7da9cf314
be1dbd3187f48c7b344d0c1c72648748e1209bf22d25937441cf5b416f4b713c
bfe854925ea083ffd5d883a565d6deb7104539a443f0a7367975962ca706003a
c2401132c9060239bcb2c29846a66def1a77fd5e1c27f5e4150b3c6575ca150a
c69d166f5ca6ddc46a653627e171b41c6f2a777484a6f4180327bc4da864fb20
c9b73a88475e88f9fb290cde36d82cd8e742b4664fb84737dbbc634446566fcc
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a
d691c1d9f7f5bbdf9049827a1b8cb9e5ce0e5e9b85775ba244451a07f1e2773f
dac87e71da029477fab6c767f7e1f83720602ee44a8ea8b20b82b5c142146e72
ded9d1b70d03b7dcbc6d6e22bc570ca717516d77eb2221200d988e9d2adb6f71
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef7b90b20a53cbcbfb39a364466c32687c3bf03525dbef56289b5ea6189f1124
f2507d19a08f7f7b7e8a7dcb7bb5a42aea915d7d5c2ee11feb93e7be983dd694
f677ee2d82dfb11f08175f673cf3f065b0d5e491b4485e01259a492715c746e2
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f877a798b0af17fb62564cc4a3b2c8f1fb76398c7e3156eae984fafe175bf4c3
fc3f07dadc726ac598040d6ecd77e4f043b906a526b5f65fe525c94250b788b4
fd693a4bc8a0dc017d637a31533ab8a7d67d52abebf02c79714d2f2ac30ad410
fe6faec24b84185900d621b21c90903412be168914b3ed5066e5b78dc405c252

www.gewinnensieihrenpreis.com Open in urlscan Pro 185.128.34.117 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

65 Requests

100 %HTTPS

59 %IPv6

17 Domains

17 Subdomains

12 IPs

6 Countries

2114 kBTransfer

2863 kBSize

5 Cookies

52 Outgoing links

Page URL History

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.gewinnensieihrenpreis.com Open in urlscan Pro
185.128.34.117 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

100 %
HTTPS

59 %
IPv6

17
Domains

17
Subdomains

12
IPs

6
Countries

2114 kB
Transfer

2863 kB
Size

5
Cookies

65 HTTP transactions
0 data transactions