Submitted URL: https://farmingedible.top/64bbegRfcl0JWGhXZX1-LzAVXBthAFI8fAUGOCMXSzwBCAQbWDdYTxcZPS8SazAsHBwNOzAVNU0NPDNIA3UoEA?cyxy17009...
Effective URL: https://de1315.happy-nachrichten.de/campaign_1315.html?coyoteAffiliTokenId=79884767&
Submission: On May 13 via api from LU — Scanned from DE

Summary

This website contacted 14 IPs in 3 countries across 15 domains to perform 36 HTTP transactions. The main IP is 45.156.91.33, located in Germany and belongs to ABUNTIS, DE. The main domain is de1315.happy-nachrichten.de.
TLS certificate: Issued by R3 on March 31st 2024. Valid for: 3 months.
This is the only time de1315.happy-nachrichten.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 172.67.192.3 13335 (CLOUDFLAR...)
1 188.114.97.3 13335 (CLOUDFLAR...)
1 67.212.184.146 32475 (SINGLEHOP...)
1 2 2a05:22c7:1:2... 42567 (MOJHOST-EU)
2 84.16.252.20 28753 (LEASEWEB-...)
1 1 34.111.143.46 396982 (GOOGLE-CL...)
1 1 45.156.91.34 211823 (ABUNTIS)
7 45.156.91.33 211823 (ABUNTIS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
13 172.67.71.184 13335 (CLOUDFLAR...)
2 35.158.79.89 16509 (AMAZON-02)
1 2a03:2880:f08... 32934 (FACEBOOK)
1 159.69.145.0 24940 (HETZNER-AS)
36 14
Apex Domain / Subdomains | Transfer
13 cleverpush.com | 126 KB
    static.cleverpush.com — Cisco Umbrella Rank: 24654
    api.cleverpush.com — Cisco Umbrella Rank: 21697
7 happy-nachrichten.de | 952 KB
    de1315.happy-nachrichten.de
2 pixelweiche.de | 2 KB
    meine.pixelweiche.de
2 googleapis.com | 34 KB
    fonts.googleapis.com — Cisco Umbrella Rank: 33
    ajax.googleapis.com — Cisco Umbrella Rank: 380
2 go2cliks.net | 1 KB
    go2cliks.net
2 mgre.work | 992 B
    go1.mgre.work Failed
2 farmingedible.top | 2 KB
    farmingedible.top
1 mycleverpush.com
    lv1.mycleverpush.com
1 facebook.net | 59 KB
    connect.facebook.net — Cisco Umbrella Rank: 183
1 fontawesome.com | 11 KB
    use.fontawesome.com — Cisco Umbrella Rank: 1230
1 trckde01.de | 804 B
    trckde01.de
1 sbbq3otrk.com | 510 B
    www.sbbq3otrk.com
1 kelpboat.com | 2 KB
    go.kelpboat.com
1 yidiandian.xyz | 590 B
    yidiandian.xyz
0 baidu.com Failed
    hm.baidu.com Failed
36 15
Domain Requested by
9 static.cleverpush.com de1315.happy-nachrichten.de, static.cleverpush.com
7 de1315.happy-nachrichten.de de1315.happy-nachrichten.de
4 api.cleverpush.com static.cleverpush.com
2 meine.pixelweiche.de de1315.happy-nachrichten.de, meine.pixelweiche.de
2 go2cliks.net go1.mgre.work
2 go1.mgre.work go.kelpboat.com
2 farmingedible.top farmingedible.top
1 lv1.mycleverpush.com static.cleverpush.com
1 connect.facebook.net de1315.happy-nachrichten.de
1 ajax.googleapis.com de1315.happy-nachrichten.de
1 use.fontawesome.com de1315.happy-nachrichten.de
1 fonts.googleapis.com de1315.happy-nachrichten.de
1 trckde01.de 1 redirects
1 www.sbbq3otrk.com 1 redirects
1 go.kelpboat.com yidiandian.xyz
1 yidiandian.xyz farmingedible.top
0 hm.baidu.com Failed farmingedible.top
36 17
Subject | Issuer | Validity | Valid
farmingedible.top | GTS CA 1P5 | 2024-03-19 - 2024-06-17 | 3 months
yidiandian.xyz | GTS CA 1P5 | 2024-03-31 - 2024-06-29 | 3 months
go.kelpboat.com | R3 | 2024-04-12 - 2024-07-11 | 3 months
go1.mgre.work | R3 | 2024-04-16 - 2024-07-15 | 3 months
go2cliks.net | R3 | 2024-04-23 - 2024-07-22 | 3 months
*.happy-nachrichten.de | R3 | 2024-03-31 - 2024-06-29 | 3 months
upload.video.google.com | GTS CA 1C3 | 2024-04-16 - 2024-07-09 | 3 months
use.fontawesome.com | Cloudflare Inc ECC CA-3 | 2023-10-12 - 2024-10-10 | a year
cleverpush.com | E1 | 2024-04-30 - 2024-07-29 | 3 months
coyote.pixel-weiche.de | R3 | 2024-04-21 - 2024-07-20 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-02-20 - 2024-05-20 | 3 months
*.mycleverpush.com | Sectigo RSA Domain Validation Secure Server CA | 2023-05-14 - 2024-06-13 | a year

This page contains 2 frames:

Primary Page: https://de1315.happy-nachrichten.de/campaign_1315.html?coyoteAffiliTokenId=79884767&
Frame ID: 4FFE296D490079D94F4B30B7FBA87C5A
Requests: 33 HTTP requests in this frame

Frame: https://lv1.mycleverpush.com/iframe?origin=https%3A%2F%2Fde1315.happy-nachrichten.de
Frame ID: D56B333AE1E47187BA94E5DF9AF2FAA6
Requests: 1 HTTP requests in this frame

Page Title

iPhone 15 Pro Gewinnen!

Page URL History

  1. https://farmingedible.top/64bbegRfcl0JWGhXZX1-LzAVXBthAFI8fAUGOCMXSzwBCAQbWDdYTxcZPS8SazAsHBwNOzAVNU0N... Page URL
  2. https://farmingedible.top/404/nfp.html Page URL
  3. https://yidiandian.xyz/ Page URL
  4. https://go.kelpboat.com/?utm_medium=c7069e939b860228ac9c4f5b0798b92843c0aa3c&utm_campaign=op24 Page URL
  5. https://go1.mgre.work/pop.go?spaceid=11670304&sid2=M7368291282801655844&subid=25426&sid3=25426-06a... HTTP 303
    http://go1.mgre.work/r.go?r=https%3A%2F%2Fgo2cliks.net%2Fcpa%2F9887%2F1495%3Fsubid1%3D7429f0b8-2a... HTTP 307
    https://go1.mgre.work/r.go?r=https%3A%2F%2Fgo2cliks.net%2Fcpa%2F9887%2F1495%3Fsubid1%3D7429f0b8-2a... Page URL
  6. https://go2cliks.net/cpa/9887/1495?subid1=7429f0b8-2ade-48b2-b6cf-6bd5b0abb8e6&subid2=eXZleXU= Page URL
  7. https://www.sbbq3otrk.com/4HZ6GG9/24BMB4P/?sub1=9887&sub3=1376vs9f00082 HTTP 302
    https://trckde01.de/de01,iphone,15,pro_977.html?idPartner=69&idCampaignAd=0&subId=2180_9887&subI... HTTP 302
    https://de1315.happy-nachrichten.de/campaign_1315.html?coyoteAffiliTokenId=79884767& Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

36 Requests
94 % HTTPS
33 % IPv6
15 Domains
17 Subdomains
14 IPs
3 Countries
1190 kB Transfer
2135 kB Size
6 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://farmingedible.top/64bbegRfcl0JWGhXZX1-LzAVXBthAFI8fAUGOCMXSzwBCAQbWDdYTxcZPS8SazAsHBwNOzAVNU0NPDNIA3UoEA?cyxy1700903790438 Page URL
  2. https://farmingedible.top/404/nfp.html Page URL
  3. https://yidiandian.xyz/ Page URL
  4. https://go.kelpboat.com/?utm_medium=c7069e939b860228ac9c4f5b0798b92843c0aa3c&utm_campaign=op24 Page URL
  5. https://go1.mgre.work/pop.go?spaceid=11670304&sid2=M7368291282801655844&subid=25426&sid3=25426-06aaba3z HTTP 303
    http://go1.mgre.work/r.go?r=https%3A%2F%2Fgo2cliks.net%2Fcpa%2F9887%2F1495%3Fsubid1%3D7429f0b8-2ade-48b2-b6cf-6bd5b0abb8e6%26subid2%3DeXZleXU%3D HTTP 307
    https://go1.mgre.work/r.go?r=https%3A%2F%2Fgo2cliks.net%2Fcpa%2F9887%2F1495%3Fsubid1%3D7429f0b8-2ade-48b2-b6cf-6bd5b0abb8e6%26subid2%3DeXZleXU%3D Page URL
  6. https://go2cliks.net/cpa/9887/1495?subid1=7429f0b8-2ade-48b2-b6cf-6bd5b0abb8e6&subid2=eXZleXU= Page URL
  7. https://www.sbbq3otrk.com/4HZ6GG9/24BMB4P/?sub1=9887&sub3=1376vs9f00082 HTTP 302
    https://trckde01.de/de01,iphone,15,pro_977.html?idPartner=69&idCampaignAd=0&subId=2180_9887&subIdentifier=1562252718254a95acc4fee56f4b3ac0_ HTTP 302
    https://de1315.happy-nachrichten.de/campaign_1315.html?coyoteAffiliTokenId=79884767& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://go.kelpboat.com/proc.php?6336e42386274286845969a14df7e6b141cd7a9e HTTP 301
  • https://go1.mgre.work/pop.go?spaceid=11670304&sid2=M7368291282801655844&subid=25426&sid3=25426-06aaba3z
Request Chain 6
  • https://go1.mgre.work/pop.go?spaceid=11670304&sid2=M7368291282801655844&subid=25426&sid3=25426-06aaba3z HTTP 303
  • http://go1.mgre.work/r.go?r=https%3A%2F%2Fgo2cliks.net%2Fcpa%2F9887%2F1495%3Fsubid1%3D7429f0b8-2ade-48b2-b6cf-6bd5b0abb8e6%26subid2%3DeXZleXU%3D HTTP 307
  • https://go1.mgre.work/r.go?r=https%3A%2F%2Fgo2cliks.net%2Fcpa%2F9887%2F1495%3Fsubid1%3D7429f0b8-2ade-48b2-b6cf-6bd5b0abb8e6%26subid2%3DeXZleXU%3D

36 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
64bbegRfcl0JWGhXZX1-LzAVXBthAFI8fAUGOCMXSzwBCAQbWDdYTxcZPS8SazAsHBwNOzAVNU0NPDNIA3UoEA
farmingedible.top/
1 KB
1 KB
Document
General
Full URL
https://farmingedible.top/64bbegRfcl0JWGhXZX1-LzAVXBthAFI8fAUGOCMXSzwBCAQbWDdYTxcZPS8SazAsHBwNOzAVNU0NPDNIA3UoEA?cyxy1700903790438
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.192.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (PlayBook; U; RIM Tablet OS 2.1.0; en-US) AppleWebKit/536.2+ (KHTML like Gecko) Version/17.4 Safari/536.2+

Response headers

access-control-allow-headers
X-Requested-With,X_Requested_With,X-PINGOTHER,Content-Type
access-control-allow-methods
POST,GET,OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
882ee662d8fe65c3-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 13 May 2024 01:33:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FV2Lcw%2BDSscw1yDemnj%2Bm8hAna0tDfQcCIFI3F4s9XYSI73H8dO8mBYmeBXjSRJF6YVDZPEtruCXSWJ2r1PKBZJ14TPalO56hw5tFeBlDiGWZn2uAowIwb3muSAfFakXRypdRg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
nfp.html
farmingedible.top/404/
827 B
822 B
Document
General
Full URL
https://farmingedible.top/404/nfp.html
Requested by
Host: farmingedible.top
URL: https://farmingedible.top/64bbegRfcl0JWGhXZX1-LzAVXBthAFI8fAUGOCMXSzwBCAQbWDdYTxcZPS8SazAsHBwNOzAVNU0NPDNIA3UoEA?cyxy1700903790438
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.192.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a78059e3b4ae712da8b6c7d37826a18cf2f21e706853a3104a98782f71cc944

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (PlayBook; U; RIM Tablet OS 2.1.0; en-US) AppleWebKit/536.2+ (KHTML like Gecko) Version/17.4 Safari/536.2+

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
882ee663593365c3-FRA
content-encoding
br
content-type
text/html
date
Mon, 13 May 2024 01:33:21 GMT
last-modified
Fri, 02 Feb 2024 07:20:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZLuPr2cjUkcFqD6jRslUbk0BA1ltwOaolGjux8rJDPm3pG49HdHxrZ7oUYuw%2B5PeBLinMPvi%2B7h6OeSjFL20rHzr%2By3xjnXrfx3fgtXfBiaFxI6iIl%2Bm02ZOBcoz6raX5AXSkg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
hm.js
hm.baidu.com/
0
0

/
yidiandian.xyz/
166 B
590 B
Document
General
Full URL
https://yidiandian.xyz/
Requested by
Host: farmingedible.top
URL: https://farmingedible.top/404/nfp.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://farmingedible.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (PlayBook; U; RIM Tablet OS 2.1.0; en-US) AppleWebKit/536.2+ (KHTML like Gecko) Version/17.4 Safari/536.2+

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
882ee664886f0418-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 13 May 2024 01:33:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U0UD8xQ7wKfxzICyKRNdXd853tchBSDMJxfuSOdO9cLQS1hZIIEjVd%2FngE4Rqq7yuR0uIAAIP5qBZMWmq1nyn1vwUGD9Hr7coGdmpvvM2DyJoO5jFzmMx6zOv4iqDfsu7A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
go.kelpboat.com/
5 KB
2 KB
Document
General
Full URL
https://go.kelpboat.com/?utm_medium=c7069e939b860228ac9c4f5b0798b92843c0aa3c&utm_campaign=op24
Requested by
Host: yidiandian.xyz
URL: https://yidiandian.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://yidiandian.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (PlayBook; U; RIM Tablet OS 2.1.0; en-US) AppleWebKit/536.2+ (KHTML like Gecko) Version/17.4 Safari/536.2+

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
alt-svc
h3=":443"; ma=604800; persist=1
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 13 May 2024 01:33:22 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
pop.go
go1.mgre.work/
Redirect Chain
  • https://go.kelpboat.com/proc.php?6336e42386274286845969a14df7e6b141cd7a9e
  • https://go1.mgre.work/pop.go?spaceid=11670304&sid2=M7368291282801655844&subid=25426&sid3=25426-06aaba3z
0
0

r.go
go1.mgre.work/
Redirect Chain
  • https://go1.mgre.work/pop.go?spaceid=11670304&sid2=M7368291282801655844&subid=25426&sid3=25426-06aaba3z
  • http://go1.mgre.work/r.go?r=https%3A%2F%2Fgo2cliks.net%2Fcpa%2F9887%2F1495%3Fsubid1%3D7429f0b8-2ade-48b2-b6cf-6bd5b0abb8e6%26subid2%3DeXZleXU%3D
  • https://go1.mgre.work/r.go?r=https%3A%2F%2Fgo2cliks.net%2Fcpa%2F9887%2F1495%3Fsubid1%3D7429f0b8-2ade-48b2-b6cf-6bd5b0abb8e6%26subid2%3DeXZleXU%3D
652 B
660 B
Document
General
Full URL
https://go1.mgre.work/r.go?r=https%3A%2F%2Fgo2cliks.net%2Fcpa%2F9887%2F1495%3Fsubid1%3D7429f0b8-2ade-48b2-b6cf-6bd5b0abb8e6%26subid2%3DeXZleXU%3D
Requested by
Host: go.kelpboat.com
URL: https://go.kelpboat.com/proc.php?6336e42386274286845969a14df7e6b141cd7a9e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a05:22c7:1:2140::197 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://go.kelpboat.com/proc.php?6336e42386274286845969a14df7e6b141cd7a9e#0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (PlayBook; U; RIM Tablet OS 2.1.0; en-US) AppleWebKit/536.2+ (KHTML like Gecko) Version/17.4 Safari/536.2+

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0,post-check=0, pre-check=0
content-encoding
gzip
content-length
400
content-type
text/html; charset=utf-8
date
Mon, 13 May 2024 01:33:22 GMT
expires
Mon, 03 Jul 2001 06:00:00 GMT
last-modified
Janon, 13 05 2024 01:33:22 GMT
pragma
no-cache
server
nginx
x-backend-server
nl2-go-web-244

Redirect headers

Location
https://go1.mgre.work/r.go?r=https%3A%2F%2Fgo2cliks.net%2Fcpa%2F9887%2F1495%3Fsubid1%3D7429f0b8-2ade-48b2-b6cf-6bd5b0abb8e6%26subid2%3DeXZleXU%3D
Non-Authoritative-Reason
HttpsUpgrades
1495
go2cliks.net/cpa/9887/
288 B
747 B
Document
General
Full URL
https://go2cliks.net/cpa/9887/1495?subid1=7429f0b8-2ade-48b2-b6cf-6bd5b0abb8e6&subid2=eXZleXU=
Requested by
Host: go1.mgre.work
URL: https://go1.mgre.work/r.go?r=https%3A%2F%2Fgo2cliks.net%2Fcpa%2F9887%2F1495%3Fsubid1%3D7429f0b8-2ade-48b2-b6cf-6bd5b0abb8e6%26subid2%3DeXZleXU%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
84.16.252.20 Unterföhring, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://go1.mgre.work/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (PlayBook; U; RIM Tablet OS 2.1.0; en-US) AppleWebKit/536.2+ (KHTML like Gecko) Version/17.4 Safari/536.2+

Response headers

Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
close
Content-Encoding
identity
Content-Length
288
Content-Type
text/html; charset=utf-8
Date
Mon, 13 May 2024 01:33:22 GMT
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified
Mon, 13 May 2024 01:33:22 GMT
Pragma
no-cache
Server
nginx
Primary Request campaign_1315.html
de1315.happy-nachrichten.de/
Redirect Chain
  • https://www.sbbq3otrk.com/4HZ6GG9/24BMB4P/?sub1=9887&sub3=1376vs9f00082
  • https://trckde01.de/de01,iphone,15,pro_977.html?idPartner=69&idCampaignAd=0&subId=2180_9887&subIdentifier=1562252718254a95acc4fee56f4b3ac0_
  • https://de1315.happy-nachrichten.de/campaign_1315.html?coyoteAffiliTokenId=79884767&
162 KB
37 KB
Document
General
Full URL
https://de1315.happy-nachrichten.de/campaign_1315.html?coyoteAffiliTokenId=79884767&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9fdb64990e3a9fc2a8d27ce2149e3be8acbcb00ee4e752b7c5fb8651ba21821d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://go2cliks.net/cpa/9887/1495?subid1=7429f0b8-2ade-48b2-b6cf-6bd5b0abb8e6&subid2=eXZleXU=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (PlayBook; U; RIM Tablet OS 2.1.0; en-US) AppleWebKit/536.2+ (KHTML like Gecko) Version/17.4 Safari/536.2+

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
37231
Content-Type
text/html; charset=UTF-8
Date
Mon, 13 May 2024 01:33:23 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Length
2
Content-Type
text/html; charset=UTF-8
Date
Mon, 13 May 2024 01:33:23 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Location
https://de1315.happy-nachrichten.de/campaign_1315.html?coyoteAffiliTokenId=79884767&
Pragma
no-cache
Server
Apache/2.4.41 (Ubuntu)
favicon.ico
go2cliks.net/
146 B
289 B
Other
General
Full URL
https://go2cliks.net/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
84.16.252.20 Unterföhring, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (PlayBook; U; RIM Tablet OS 2.1.0; en-US) AppleWebKit/536.2+ (KHTML like Gecko) Version/17.4 Safari/536.2+

Response headers

Date
Mon, 13 May 2024 01:33:23 GMT
Server
nginx
Connection
close
Content-Length
146
Content-Type
text/html
cpa_style.css
de1315.happy-nachrichten.de/media/adresseManager/microSiteFiles/1315/
248 KB
39 KB
Stylesheet
General
Full URL
https://de1315.happy-nachrichten.de/media/adresseManager/microSiteFiles/1315/cpa_style.css
Requested by
Host: de1315.happy-nachrichten.de
URL: https://de1315.happy-nachrichten.de/campaign_1315.html?coyoteAffiliTokenId=79884767&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9d6ec8ac7a0322113c02d9cf34f6102e6092fd6c64c312c0d9e6552c417c5a7d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://de1315.happy-nachrichten.de/campaign_1315.html?coyoteAffiliTokenId=79884767&
User-Agent
Mozilla/5.0 (PlayBook; U; RIM Tablet OS 2.1.0; en-US) AppleWebKit/536.2+ (KHTML like Gecko) Version/17.4 Safari/536.2+

Response headers

Date
Mon, 13 May 2024 01:33:23 GMT
Content-Encoding
gzip
Last-Modified
Fri, 15 Dec 2023 10:17:21 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"3e0cd-60c89b4b1fe1b-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
40035
css2
fonts.googleapis.com/
228 B
500 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@600&display=swap
Requested by
Host: de1315.happy-nachrichten.de
URL: https://de1315.happy-nachrichten.de/campaign_1315.html?coyoteAffiliTokenId=79884767&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f711f8a270b8bb590a0d6a8e622db9b8b8053720d542a12b3a9365bf26049f23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://de1315.happy-nachrichten.de/
User-Agent
Mozilla/5.0 (PlayBook; U; RIM Tablet OS 2.1.0; en-US) AppleWebKit/536.2+ (KHTML like Gecko) Version/17.4 Safari/536.2+

Response headers

date
Mon, 13 May 2024 01:33:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 13 May 2024 01:33:23 GMT
all.css
use.fontawesome.com/releases/v5.5.0/css/
50 KB
11 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by
Host: de1315.happy-nachrichten.de
URL: https://de1315.happy-nachrichten.de/campaign_1315.html?coyoteAffiliTokenId=79884767&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

Referer
https://de1315.happy-nachrichten.de/
Origin
https://de1315.happy-nachrichten.de
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (PlayBook; U; RIM Tablet OS 2.1.0; en-US) AppleWebKit/536.2+ (KHTML like Gecko) Version/17.4 Safari/536.2+

Response headers

date
Mon, 13 May 2024 01:33:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:45:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2384743
etag
W/"1cc6c92172d124fbd305ba3d8e263333"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3ABGoBAkjV10Ii1zWa4%2FhU8loVbAn%2BNpBPDgmOeQq%2FGd7CIOQQ347N%2FyJu3SN0QltwkwQ7McFp5OcBSrSIQPbh50qUS15fg2G%2FGWrXBmN6Gjb9LaZrJw6HUiPzixF27raZ86ji1ynkAvqvs0CThSpwhq"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
882ee66e3dfe65ce-FRA
alt-svc
h3=":443"; ma=86400
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/
95 KB
34 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: de1315.happy-nachrichten.de
URL: https://de1315.happy-nachrichten.de/campaign_1315.html?coyoteAffiliTokenId=79884767&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://de1315.happy-nachrichten.de/
User-Agent
Mozilla/5.0 (PlayBook; U; RIM Tablet OS 2.1.0; en-US) AppleWebKit/536.2+ (KHTML like Gecko) Version/17.4 Safari/536.2+

Response headers

date
Sun, 12 May 2024 16:18:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33281
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 May 2025 16:18:42 GMT
cyF8KJYSfZzhHi8Py.js
static.cleverpush.com/channel/loader/
233 KB
59 KB
Script
General
Full URL
https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Requested by
Host: de1315.happy-nachrichten.de
URL: https://de1315.happy-nachrichten.de/campaign_1315.html?coyoteAffiliTokenId=79884767&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35fe3dd66ac5a3a41769b6cb3ca6c4707775119fcc907c81aeb572008edeb996

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://de1315.happy-nachrichten.de/
User-Agent
Mozilla/5.0 (PlayBook; U; RIM Tablet OS 2.1.0; en-US) AppleWebKit/536.2+ (KHTML like Gecko) Version/17.4 Safari/536.2+

Response headers

date
Mon, 13 May 2024 01:33:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
Y8XB09M2JVM32GAS
age
9674
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
amf0ALH24p2KYoe2VP83Iwml09uFNzbVTXmg8RTzHY+bnSsjx7G2ZP7F/QCNgkBot8H0s6jkO04=
last-modified
Sun, 12 May 2024 22:32:50 GMT
server
cloudflare
etag
W/"87c7f8d987a7952b67fcff2acc836952"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sAZLmek2xpBOo51FEMYLDGZPewW3z7e3dkePtPT4M6i6rY8AFiDMrTuFYGxl%2BOmwiD0OAU4lxxGDmS%2Fu%2BzkDAOpJpELD5pnykmVRv9LMl0NgSWO0RUWPx5kfhxDU%2FRIn%2BhI3pc8lqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=21600
cf-ray
882ee66e89ec9bfb-FRA
logofr.png
de1315.happy-nachrichten.de/media/adresseManager/microSiteImg/1315/
3 KB
3 KB
Image
General
Full URL
https://de1315.happy-nachrichten.de/media/adresseManager/microSiteImg/1315/logofr.png
Requested by
Host: de1315.happy-nachrichten.de
URL: https://de1315.happy-nachrichten.de/campaign_1315.html?coyoteAffiliTokenId=79884767&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
6a68b3e5485a93869f1cfa542595ff5972fee29bf64bdb0d72e94bba4739d1e9

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://de1315.happy-nachrichten.de/campaign_1315.html?coyoteAffiliTokenId=79884767&
User-Agent
Mozilla/5.0 (PlayBook; U; RIM Tablet OS 2.1.0; en-US) AppleWebKit/536.2+ (KHTML like Gecko) Version/17.4 Safari/536.2+

Response headers

Date
Mon, 13 May 2024 01:33:23 GMT
Last-Modified
Fri, 15 Dec 2023 10:17:21 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"b09-60c89b4b1fe1b"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2825
dsfr.png
de1315.happy-nachrichten.de/media/adresseManager/microSiteImg/1315/
4 KB
5 KB
Image
General
Full URL
https://de1315.happy-nachrichten.de/media/adresseManager/microSiteImg/1315/dsfr.png
Requested by
Host: de1315.happy-nachrichten.de
URL: https://de1315.happy-nachrichten.de/campaign_1315.html?coyoteAffiliTokenId=79884767&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
b8261f0359b687419028855d3aecfea86a543fca676e520d7db84bec9e33bc1f

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://de1315.happy-nachrichten.de/campaign_1315.html?coyoteAffiliTokenId=79884767&
User-Agent
Mozilla/5.0 (PlayBook; U; RIM Tablet OS 2.1.0; en-US) AppleWebKit/536.2+ (KHTML like Gecko) Version/17.4 Safari/536.2+

Response headers

Date
Mon, 13 May 2024 01:33:23 GMT
Last-Modified
Fri, 15 Dec 2023 10:22:56 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"1153-60c89c8a285ea"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
4435
iphone15,promv.jpg
de1315.happy-nachrichten.de/media/adresseManager/microSiteImg/1315/
93 KB
94 KB
Image
General
Full URL
https://de1315.happy-nachrichten.de/media/adresseManager/microSiteImg/1315/iphone15,promv.jpg
Requested by
Host: de1315.happy-nachrichten.de
URL: https://de1315.happy-nachrichten.de/campaign_1315.html?coyoteAffiliTokenId=79884767&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
8d6226448154205100101ba622b18b67b77cec74b551819331f218a5001324a5

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://de1315.happy-nachrichten.de/campaign_1315.html?coyoteAffiliTokenId=79884767&
User-Agent
Mozilla/5.0 (PlayBook; U; RIM Tablet OS 2.1.0; en-US) AppleWebKit/536.2+ (KHTML like Gecko) Version/17.4 Safari/536.2+

Response headers

Date
Mon, 13 May 2024 01:33:23 GMT
Last-Modified
Fri, 15 Dec 2023 10:32:00 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"17548-60c89e911b968"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
95560
script.js
meine.pixelweiche.de/
964 B
1 KB
Script
General
Full URL
https://meine.pixelweiche.de/script.js
Requested by
Host: de1315.happy-nachrichten.de
URL: https://de1315.happy-nachrichten.de/campaign_1315.html?coyoteAffiliTokenId=79884767&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.158.79.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-79-89.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.25 (Amazon) OpenSSL/1.0.1e-fips PHP/5.6.30 /
Resource Hash
141fb3f5cfe662d76c077d73ab421f8756a6aae698f86614b10e129b8a151437

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://de1315.happy-nachrichten.de/
User-Agent
Mozilla/5.0 (PlayBook; U; RIM Tablet OS 2.1.0; en-US) AppleWebKit/536.2+ (KHTML like Gecko) Version/17.4 Safari/536.2+

Response headers

Date
Mon, 13 May 2024 01:33:23 GMT
Last-Modified
Fri, 01 Sep 2017 06:01:35 GMT
Server
Apache/2.4.25 (Amazon) OpenSSL/1.0.1e-fips PHP/5.6.30
ETag
"3c4-5581a7e5699e1;616922bc1b4c0"
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
964
fbevents.js
connect.facebook.net/en_US/
218 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: de1315.happy-nachrichten.de
URL: https://de1315.happy-nachrichten.de/campaign_1315.html?coyoteAffiliTokenId=79884767&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://de1315.happy-nachrichten.de/
User-Agent
Mozilla/5.0 (PlayBook; U; RIM Tablet OS 2.1.0; en-US) AppleWebKit/536.2+ (KHTML like Gecko) Version/17.4 Safari/536.2+

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 13 May 2024 01:33:23 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57845
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1294, tbw=2789, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
PxcgQr65MuIqI2O3yQiTTQ/L+kbNU2ClL1277r3hiXcPqxmwpXUaDgKHZS/X+6zdQerdg3KKDG8K1z4Q8ACt7g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
iphone15,pro.jpg
de1315.happy-nachrichten.de/media/adresseManager/microSiteImg/1315/
702 KB
702 KB
Image
General
Full URL
https://de1315.happy-nachrichten.de/media/adresseManager/microSiteImg/1315/iphone15,pro.jpg
Requested by
Host: de1315.happy-nachrichten.de
URL: https://de1315.happy-nachrichten.de/campaign_1315.html?coyoteAffiliTokenId=79884767&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
75dffe0cdaa9c4665064e874438f385e5b55704204d3ee71f6292e2425ae19fe

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://de1315.happy-nachrichten.de/campaign_1315.html?coyoteAffiliTokenId=79884767&
User-Agent
Mozilla/5.0 (PlayBook; U; RIM Tablet OS 2.1.0; en-US) AppleWebKit/536.2+ (KHTML like Gecko) Version/17.4 Safari/536.2+

Response headers

Date
Mon, 13 May 2024 01:33:23 GMT
Last-Modified
Fri, 15 Dec 2023 10:19:55 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"af877-60c89bde051b1"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
718967
script.js
meine.pixelweiche.de/tg/
0
485 B
XHR
General
Full URL
https://meine.pixelweiche.de/tg/script.js?idPartner=&subId=&subIdentifier=&postbackToken=&zielseite=adressdata1
Requested by
Host: meine.pixelweiche.de
URL: https://meine.pixelweiche.de/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.158.79.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-79-89.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.25 (Amazon) OpenSSL/1.0.1e-fips PHP/5.6.30 / PHP/5.6.30
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://de1315.happy-nachrichten.de/
User-Agent
Mozilla/5.0 (PlayBook; U; RIM Tablet OS 2.1.0; en-US) AppleWebKit/536.2+ (KHTML like Gecko) Version/17.4 Safari/536.2+

Response headers

Pragma
no-cache
Date
Mon, 13 May 2024 01:33:23 GMT
Server
Apache/2.4.25 (Amazon) OpenSSL/1.0.1e-fips PHP/5.6.30
X-Powered-By
PHP/5.6.30
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
0
Expires
Thu, 19 Nov 1981 08:52:00 GMT
favicon.ico
de1315.happy-nachrichten.de/
72 KB
72 KB
Other
General
Full URL
https://de1315.happy-nachrichten.de/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
b31fde204378112e3db2b6343056923f6f49bdc9a164fa43c294f3b007259cf5

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://de1315.happy-nachrichten.de/campaign_1315.html?coyoteAffiliTokenId=79884767&
User-Agent
Mozilla/5.0 (PlayBook; U; RIM Tablet OS 2.1.0; en-US) AppleWebKit/536.2+ (KHTML like Gecko) Version/17.4 Safari/536.2+

Response headers

Date
Mon, 13 May 2024 01:33:23 GMT
Last-Modified
Thu, 08 Sep 2022 04:38:22 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"11e46-5e822ffd79f32"
Content-Type
image/vnd.microsoft.icon
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
73286
5.877e5677b6ca133c7147.js
static.cleverpush.com/sdk/chunk/
36 KB
10 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/5.877e5677b6ca133c7147.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3002fef546813c1b3e5a09a4ba66bb3e4a490ea12ee76a4e5efc5a1ead0b683c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://de1315.happy-nachrichten.de/
User-Agent
Mozilla/5.0 (PlayBook; U; RIM Tablet OS 2.1.0; en-US) AppleWebKit/536.2+ (KHTML like Gecko) Version/17.4 Safari/536.2+

Response headers

date
Mon, 13 May 2024 01:33:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
2DGN2Y1VE4PQT8WC
age
188
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
CNwTcfJOIdtdDXpcb4K54y6JZOSQ8b/Rw5F/XzS/caMX7JQ26SSFjTue42L7A4F5G8C76njxxuA=
last-modified
Fri, 10 May 2024 13:26:54 GMT
server
cloudflare
etag
W/"0b6f36aba47858a26d63eeb0ebb0f4f8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q8C0VoJXQVHzIPkWK9%2Fm3qtGk5IK1XnEpxMf64Rk%2BTdiH56UHbhSQUe3w5QqCPtodxmosXdgp%2F%2BFroBlzTlzAI2eoOjvKwITGHxE4yFNys1UcJMkJy7imYpxHTfmLjTn1uEPnTwWBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
882ee66f7a479bfb-FRA
251.ff5b3c0c290e9961835b.js
static.cleverpush.com/sdk/chunk/
5 KB
3 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df124351501a3a62b99269da55fa305a5584a9e80e84f4ecf72cdd54d4978204

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://de1315.happy-nachrichten.de/
User-Agent
Mozilla/5.0 (PlayBook; U; RIM Tablet OS 2.1.0; en-US) AppleWebKit/536.2+ (KHTML like Gecko) Version/17.4 Safari/536.2+

Response headers

date
Mon, 13 May 2024 01:33:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
DCVVZRVFVADQXS54
age
370
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
9mtNAlc0RU3n12+xmYe8VV3kV1nza8YB00lEaJQIPjIvoV0rLOS2MYlH5MNOVMyCMkjifX6ocEyng5qQ5yWtb6D5NYGddMVDkp3n9KLrdmc=
last-modified
Fri, 10 May 2024 13:26:52 GMT
server
cloudflare
etag
W/"e89cddaa8c63cff3a495570a91d5e690"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mV0cKpqiABE%2BMhwejtz%2FhES%2FuhDwPLZCw4RcXAlGnJt5Vzol0Kfe%2Fb244KMXXHa4vehtg4FJlraFl1BiRNo9i7rROpl92iWmMvywdMG5xFViGq9cGBQsdTKm%2FP6aogv83CQHWiQqHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
882ee66f7a4a9bfb-FRA
115.d6f4579d16a8335c5081.js
static.cleverpush.com/sdk/chunk/
14 KB
4 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/115.d6f4579d16a8335c5081.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ddd1b39eac2a04fae60a31aa02ef2b45657ea5df67f814218e9a6a677bda5b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://de1315.happy-nachrichten.de/
User-Agent
Mozilla/5.0 (PlayBook; U; RIM Tablet OS 2.1.0; en-US) AppleWebKit/536.2+ (KHTML like Gecko) Version/17.4 Safari/536.2+

Response headers

date
Mon, 13 May 2024 01:33:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
2DGRFB34XYPHPR9S
age
187
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
R6d690POex3+6CVf6KDABlG2RWSZ1SJ5u9o13P2RoETVaj7z084TXw/v5iWkiVM7nvduT/2hFwk=
last-modified
Fri, 10 May 2024 13:26:52 GMT
server
cloudflare
etag
W/"780fd0f9008fd4d419a4aa7e324ca738"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dhs7888mF5Csak4eTAFkWXbqNguJj%2BmkRO90bHFFeVeDfUzcVAEzdER6co5tq5dkHn8YaKprRSD5U7b2duNaejazKbZ8NtGhzMA1OebA1m03O62zKEE0e1Bk2NdJ1WJ42CH3I7KCQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
882ee66f7a4d9bfb-FRA
iframe
lv1.mycleverpush.com/ Frame D56B
0
0
Document
General
Full URL
https://lv1.mycleverpush.com/iframe?origin=https%3A%2F%2Fde1315.happy-nachrichten.de
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.69.145.0 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.0.145.69.159.clients.your-server.de
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://de1315.happy-nachrichten.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (PlayBook; U; RIM Tablet OS 2.1.0; en-US) AppleWebKit/536.2+ (KHTML like Gecko) Version/17.4 Safari/536.2+

Response headers

access-control-allow-headers
origin, x-requested-with, content-type, accept
cache-control
public, max-age=1800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 13 May 2024 01:33:23 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-backend-server
cleverpush-worker-3
x-cache-status
HIT
x-robots-tag
noindex
103.ca34caf4a7c7f94a245a.js
static.cleverpush.com/sdk/chunk/
96 KB
22 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/103.ca34caf4a7c7f94a245a.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78f82206874edb92e4cedada374ae32ba67cb601d95b2931b7d1ae18dcae153e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://de1315.happy-nachrichten.de/
User-Agent
Mozilla/5.0 (PlayBook; U; RIM Tablet OS 2.1.0; en-US) AppleWebKit/536.2+ (KHTML like Gecko) Version/17.4 Safari/536.2+

Response headers

date
Mon, 13 May 2024 01:33:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
0PVYZQMF7CEVQWJA
age
371
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
OkG/uwiikRWVfqlTko4waPNxGq7x9VGdWk1LlZJx1at78VW9JutfaAjceKb2YRTqWuGHtj6itWM=
last-modified
Fri, 10 May 2024 13:26:52 GMT
server
cloudflare
etag
W/"edca157e63c1ec51d4f0d926c455f313"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LSfHqNadLPxdXYaP86pKlySNFkruhWCiqc%2Fs2igUS27F%2FQwJXCY5nqqtscooXcAuW%2BwnVCnez%2Fr%2FhQjQXaTKhIJX3SpQxgtjQpJQmlCLwgsH0A0%2Fzl6M3i6F8uf08%2FGpk7%2BI4oewbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
882ee6703ac49bfb-FRA
720.55250bc0a01067617553.js
static.cleverpush.com/sdk/chunk/
48 KB
11 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/720.55250bc0a01067617553.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
634fb6243f777936587296216a0a98c5ebd215c4c2fd44bb310fdfad37ce1ea7

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://de1315.happy-nachrichten.de/
User-Agent
Mozilla/5.0 (PlayBook; U; RIM Tablet OS 2.1.0; en-US) AppleWebKit/536.2+ (KHTML like Gecko) Version/17.4 Safari/536.2+

Response headers

date
Mon, 13 May 2024 01:33:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
2DGS3HHCS2DT1ZWN
age
186
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
ewZTTU1lFRgxzZYQ2QQ72xL6DsSq4iWomz2cN3UiVi8qOq8850uOvtQkDG4B2c2+AlSSJjVnS8s=
last-modified
Fri, 10 May 2024 13:26:54 GMT
server
cloudflare
etag
W/"efcb14c4a4c67c58e37dd5ee8083a4d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ery%2F8g%2B1joOBcDTSjEDogXTe7M78vOa8%2FRIB0wBjhKVYONShQ4A9vfvUrRXB9cgXJIZ5%2FfmwaBSsEZxUO9pa1fZO6sTgD%2BaENShtTzCiToZDO4SiVf0WcoMJ9buP0U4ZMqRzNwxoMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
882ee6703ac69bfb-FRA
376.8cab31ffc2b64b495b06.js
static.cleverpush.com/sdk/chunk/
12 KB
5 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/376.8cab31ffc2b64b495b06.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b45565fcd020711c8775c1a80ce7b1f9eea3546dbd5809292f908556c40ac0bf

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://de1315.happy-nachrichten.de/
User-Agent
Mozilla/5.0 (PlayBook; U; RIM Tablet OS 2.1.0; en-US) AppleWebKit/536.2+ (KHTML like Gecko) Version/17.4 Safari/536.2+

Response headers

date
Mon, 13 May 2024 01:33:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
DCVRTH94DYPN2PQT
age
368
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
m6oN1MEiPZu+p8C6siAmd8V6Nm8ZAFLgdTR/wl5Jb0RaN3ZJH2SP7tOzm3AYnxbTk3aVVUtoIDJjxnpSt4dODw==
last-modified
Fri, 10 May 2024 13:26:53 GMT
server
cloudflare
etag
W/"82d21e4c44ccb88da7bc6dc70911eddf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=spBIbJkuilHtZiw0VU33ctyuncMSipGmwRWyndZ2KCatBbXDtaJRZBDPvB%2BJkUxUOtMNikRFM%2BSCcM1AwjlrDB2OqwzTElBiV51QNtwfDGfWjev0xZC5dhiLj5tEOnii%2B7wyACs9rg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
882ee6706ad89bfb-FRA
862.00b24ae64de8ff317661.js
static.cleverpush.com/sdk/chunk/
33 KB
9 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/862.00b24ae64de8ff317661.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e49eb1384fa0a2c2116fcc445f475fb41051e517a1e43dde798ca4770d481447

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://de1315.happy-nachrichten.de/
User-Agent
Mozilla/5.0 (PlayBook; U; RIM Tablet OS 2.1.0; en-US) AppleWebKit/536.2+ (KHTML like Gecko) Version/17.4 Safari/536.2+

Response headers

date
Mon, 13 May 2024 01:33:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
2DGT7XWQBHKMWXS1
age
186
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
XwunaSqyEyLusqxDcSo0v7dDHimGpFJzJYTX0gSuB6vw/B5BrVkwNMzIsbb5aDp54ZKgV0ztFLw=
last-modified
Fri, 10 May 2024 13:26:55 GMT
server
cloudflare
etag
W/"cafc6aa528a48ecd92bc50630c8497d2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XMyvAZA9K2q%2Bi5edbEPSwTeli0l4rhFEEM%2FngGHqk5B2zUJui52QbEy1XFSZwQS9xRgDfDmn3SioshgFuEnycuLL%2FmPNznN%2FoYq68EP2xwXNOUm9momDNmKJqvJmPfQaR4uEY%2Ff%2FIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
882ee6706ad99bfb-FRA
optin-visitor
api.cleverpush.com/channel/
16 B
603 B
Fetch
General
Full URL
https://api.cleverpush.com/channel/optin-visitor
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json
Referer
https://de1315.happy-nachrichten.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (PlayBook; U; RIM Tablet OS 2.1.0; en-US) AppleWebKit/536.2+ (KHTML like Gecko) Version/17.4 Safari/536.2+
Content-Type
application/json

Response headers

date
Mon, 13 May 2024 01:33:23 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend-server
cleverpush-worker-2
alt-svc
h3=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OcM%2FwdwWSCllDDNz445%2F6mVfRLv%2B2imn9KGH%2FGdzDhKQOJwPkUBZgb54KNGl8ExiAFboxoPJ8VcdbiHX8vSdsRippVTSSa%2FvZbSTCPp6T5VvzmBKNuzmNzRi5zC8OmRSncHWnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache
cf-ray
882ee670bfbc903a-FRA
access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage
optin-visitor
api.cleverpush.com/channel/ Frame
0
0
Preflight
General
Full URL
https://api.cleverpush.com/channel/optin-visitor
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://de1315.happy-nachrichten.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (PlayBook; U; RIM Tablet OS 2.1.0; en-US) AppleWebKit/536.2+ (KHTML like Gecko) Version/17.4 Safari/536.2+

Response headers

access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
882ee6708f9e903a-FRA
content-length
0
content-type
application/json; charset=utf-8
date
Mon, 13 May 2024 01:33:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TH4XVLaXUUywEXx8uoj608XKg1hQqVL%2FK7pqD2BXXhaljWpwRKRzDOULYjipNLYUL1CWmmYQCxCsIDRrcVS50YfQKESeDKEtQqCHecF71w6L5LUHl4BH33AeMAtlp1H6d1%2F7Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
confirm-alert
api.cleverpush.com/channel/ Frame
0
0
Preflight
General
Full URL
https://api.cleverpush.com/channel/confirm-alert
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://de1315.happy-nachrichten.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (PlayBook; U; RIM Tablet OS 2.1.0; en-US) AppleWebKit/536.2+ (KHTML like Gecko) Version/17.4 Safari/536.2+

Response headers

access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
882ee67cec4f903a-FRA
content-length
0
content-type
application/json; charset=utf-8
date
Mon, 13 May 2024 01:33:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RSluCaA%2Fnx1%2BQxAwMidoVC5MeAKz3FTuHD%2F7dDpRTiAGISvR6H8BreAULFsRs%2BHTjmzNGWzOf0IiEGbOH0HNMbtZxBLSy5AaICmEjbx%2BONvAed0V8qOAocvueys7ovlNe%2Fdihw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
confirm-alert
api.cleverpush.com/channel/
16 B
598 B
Fetch
General
Full URL
https://api.cleverpush.com/channel/confirm-alert
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json
Referer
https://de1315.happy-nachrichten.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (PlayBook; U; RIM Tablet OS 2.1.0; en-US) AppleWebKit/536.2+ (KHTML like Gecko) Version/17.4 Safari/536.2+
Content-Type
application/json

Response headers

date
Mon, 13 May 2024 01:33:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend-server
cleverpush-worker-2
alt-svc
h3=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X46ll4hHxezURdaDUQ4O3yPFy5cpI3HdrrzOdVdHaPBblpZKPRsVfkP7ovmgrdayPXFvXXWkm8AF21CP8qY7p9Bx9H35%2FiTtYTzZWjiwb3jhSrrKkGwK%2BRLDbywv6PbDehBiPw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache
cf-ray
882ee67d0c5c903a-FRA
access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage
defaultChannelIcon.png
static.cleverpush.com/app/images/
732 B
1 KB
Image
General
Full URL
https://static.cleverpush.com/app/images/defaultChannelIcon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24155cb4f2f535f8196ee0da67321b509939e6509d6f378a257246be28545897

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://de1315.happy-nachrichten.de/
User-Agent
Mozilla/5.0 (PlayBook; U; RIM Tablet OS 2.1.0; en-US) AppleWebKit/536.2+ (KHTML like Gecko) Version/17.4 Safari/536.2+

Response headers

date
Mon, 13 May 2024 01:33:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
Y85X9AKQX5YVPT63
age
1944979
alt-svc
h3=":443"; ma=86400
content-length
732
x-amz-id-2
jq83BK2+1opFPKFVw6kdo/gDYkn9MIyasfGdEi4u8wVZCD0FxkstE1QbS5DQE1mr23PU618sN6M=
last-modified
Mon, 21 Oct 2019 13:42:31 GMT
server
cloudflare
etag
"dada142d4861c864d8d63e8cd5dd22dd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uWoW%2BQsqQIkc8aLu%2B3ZoFYZ8HugWpsTGVuR2Xbox%2F0bY%2FfrGUHFXiogiQW12FLVOV5jpRCNyJv49AMkc6CrJ1n9h0jHvhtZF1c2NIhvDwhfr6NW39KBz%2BvXsAs0%2BpQLh%2BA5Uv3TZkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2628000
accept-ranges
bytes
cf-ray
882ee67cea969bfb-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hm.baidu.com
URL
https://hm.baidu.com/hm.js?e6d5c1513b650adee00ba52513a6c25c
Domain
go1.mgre.work
URL
https://go1.mgre.work/pop.go?spaceid=11670304&sid2=M7368291282801655844&subid=25426&sid3=25426-06aaba3z

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| $
function| jQuery
function| showSAM
object| jQuery112405902362263909566
string| optinBoxActive
function| fbq
function| _fbq
function| pixelweiche
object| pw
object| webpackChunk_cleverpush_cleverpush_js_sdk
object| regeneratorRuntime
number| __cleverPushSdkLoadCount
object| CleverPush

6 Cookies

Domain/Path Name / Value
go2cliks.net/ Name: mobitck
Value: 1
www.sbbq3otrk.com/ Name: uniqueClick_24BMB4P
Value: 60f45008-d2de-472b-83e8-bb3cadf4d78d:1715564003
www.sbbq3otrk.com/ Name: transaction_id
Value: 1562252718254a95acc4fee56f4b3ac0
trckde01.de/ Name: PHPSESSID
Value: 1vola2gu1t9307fhnkbnot9r4g
de1315.happy-nachrichten.de/ Name: PHPSESSID
Value: nahho5n6lq0k1qiaekujepq424
de1315.happy-nachrichten.de/ Name: coyoteAffiliTokenId1315
Value: 79884767

1 Console Messages

Source Level URL
Text
network error URL: https://go2cliks.net/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
