urlscan.io logo urlscan.io
SecurityTrails logo

fragebogen.geers.de Open in urlscan Pro
34.117.143.69  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://discordpromos.com/
Effective URL: https://fragebogen.geers.de/hoergeraete-gratis-testen-sl?awc=22338_1655989353_f183a67dd2dd8a33bb1f4f1b34075856&utm_medium=Af...
Submission: On June 23 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 12 domains to perform 24 HTTP transactions. The main IP is 34.117.143.69, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is fragebogen.geers.de.
TLS certificate: Issued by GTS CA 1D4 on May 13th 2022. Valid for: 3 months.
This is the only time fragebogen.geers.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 103.224.182.210 133618 (TRELLIAN-...)
1 5 103.224.182.206 133618 (TRELLIAN-...)
1 78.46.197.88 24940 (HETZNER-AS)
2 157.90.169.168 24940 (HETZNER-AS)
1 198.11.181.248 45102 (ALIBABA-C...)
1 1 23.205.253.64 16625 (AKAMAI-AS)
7 34.117.143.69 15169 (GOOGLE)
1 2a02:26f0:350... ()
1 96.16.142.89 ()
1 2a00:1450:400... ()
2 2600:9000:225... ()
1 2606:4700::68... ()
24 11
2    103.224.182.210 (Australia)

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-210.above.com
discordpromos.com
5    103.224.182.206 (Australia)

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com
1redirc.com
1    78.46.197.88 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88.197.46.78.clients.your-server.de
clever-redirect.com
2    157.90.169.168 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.168.169.90.157.clients.your-server.de
lookandfind.me
1    198.11.181.248 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
www.linkbux.com
1    23.205.253.64 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-253-64.deploy.static.akamaitechnologies.com
www.awin1.com
7    34.117.143.69 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 69.143.117.34.bc.googleusercontent.com
fragebogen.geers.de
1    2a02:26f0:3500:889::13b8 (None, )

ASN- ()
cdn.optimizely.com
1    96.16.142.89 (None, )

ASN- ()
cdn3.optimizely.com
1    2a00:1450:4001:812::2008 (None, )

ASN- ()
www.googletagmanager.com
2    2600:9000:225e:8200:12:94b3:c380:93a1 (None, )

ASN- ()
images.ctfassets.net
1    2606:4700::6810:9440 (None, )

ASN- ()
cdn.cookielaw.org
Apex Domain
Subdomains		 Transfer
7 geers.de
fragebogen.geers.de
318 KB
5 1redirc.com
1redirc.com — Cisco Umbrella Rank: 123533
8 KB
2 ctfassets.net
images.ctfassets.net
1 KB
2 optimizely.com
cdn.optimizely.com
cdn3.optimizely.com
a18736142230.cdn.optimizely.com Failed
88 KB
2 lookandfind.me
lookandfind.me — Cisco Umbrella Rank: 405135
937 B
2 discordpromos.com
discordpromos.com
2 KB
1 cookielaw.org
cdn.cookielaw.org
7 KB
1 googletagmanager.com
www.googletagmanager.com
86 KB
1 awin1.com
www.awin1.com — Cisco Umbrella Rank: 14048
791 B
1 linkbux.com
www.linkbux.com — Cisco Umbrella Rank: 170437
790 B
1 clever-redirect.com
clever-redirect.com
675 B
0 piwik.pro Failed
sonova.containers.piwik.pro Failed
24 12
Domain Requested by
7 fragebogen.geers.de www.linkbux.com
fragebogen.geers.de
5 1redirc.com 1 redirects 1redirc.com
2 images.ctfassets.net fragebogen.geers.de
2 lookandfind.me clever-redirect.com
2 discordpromos.com 2 redirects
1 cdn.cookielaw.org www.googletagmanager.com
cdn.cookielaw.org
1 www.googletagmanager.com fragebogen.geers.de
1 cdn3.optimizely.com cdn.optimizely.com
1 cdn.optimizely.com fragebogen.geers.de
1 www.awin1.com 1 redirects
1 www.linkbux.com lookandfind.me
1 clever-redirect.com 1redirc.com
0 sonova.containers.piwik.pro Failed 1redirc.com
0 a18736142230.cdn.optimizely.com Failed cdn.optimizely.com
24 14

This site contains no links.

Subject Issuer Validity Valid
tracker.clever-redirect.com
R3		 2022-06-06 -
2022-09-04		 3 months crt.sh
lookandfind.me
R3		 2022-05-03 -
2022-08-01		 3 months crt.sh
*.linkbux.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-07-07 -
2022-08-05		 a year crt.sh
fragebogen.geers.de
GTS CA 1D4		 2022-05-13 -
2022-08-11		 3 months crt.sh
cdn.optimizely.com
DigiCert SHA2 Secure Server CA		 2021-12-24 -
2022-12-24		 a year crt.sh
*.optimizely.com
DigiCert SHA2 Secure Server CA		 2021-12-24 -
2022-12-24		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
images.ctfassets.net
Amazon		 2022-02-17 -
2023-03-18		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2022-05-01 -
2023-05-01		 a year crt.sh

This page contains 2 frames:

Primary Page: https://fragebogen.geers.de/hoergeraete-gratis-testen-sl?awc=22338_1655989353_f183a67dd2dd8a33bb1f4f1b34075856&utm_medium=Affiliate&utm_source=685769&utm_term=0&utm_campaign=awin
Frame ID: A3CF05E46BF9DC542DB13620F5891D3F
Requests: 24 HTTP requests in this frame

Frame: https://a18736142230.cdn.optimizely.com/client_storage/a18736142230.html
Frame ID: 22BF89CBF779F3AAB8AC36F1CA9586B8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://discordpromos.com/ HTTP 302
    https://discordpromos.com/ HTTP 302
    http://1redirc.com/r2.php?e=DKBqSXP8GXc%2F48VJe9A83n49fmtpWHZ1MEVpK1N1Nm8vK1RXdTdsQU1JZTRLcnBCK... Page URL
  2. http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D18391... HTTP 302
    https://clever-redirect.com/s/r6?s=721614&s3=1839183755&sid=20220623230227b087a4f8ba8a63ac0d Page URL
  3. https://lookandfind.me/s/a?t=11&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=info.geers.de&s1=721614&s2... Page URL
  4. https://lookandfind.me/s/r?u=https%3A%2F%2Fwww.linkbux.com%2Ftrack%3Fpid%3DLB00002126%26mid%3D13417... Page URL
  5. https://www.linkbux.com/track?pid=LB00002126&mid=13417&url=https://www.info.geers.de/&uid=5e0188b41b... Page URL
  6. https://www.awin1.com/cread.php?pref=lookandfind.me%2F&awinmid=22338&awinaffid=685769&clickref=lb_... HTTP 302
    https://fragebogen.geers.de/hoergeraete-gratis-testen-sl?awc=22338_1655989353_f183a67dd2dd8a33bb1f4f1b34... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • optimizely\.com.*\.js
Overall confidence: 100%
Detected patterns
  • swfobject.*\.js

Page Statistics

24
Requests

71 %
HTTPS

33 %
IPv6

12
Domains

14
Subdomains

11
IPs

3
Countries

513 kB
Transfer

3084 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://discordpromos.com/ HTTP 302
    https://discordpromos.com/ HTTP 302
    http://1redirc.com/r2.php?e=DKBqSXP8GXc%2F48VJe9A83n49fmtpWHZ1MEVpK1N1Nm8vK1RXdTdsQU1JZTRLcnBCK1g2SzlKTTJWUjhHRjlPd1N5aUNnOHV6Z2tHUzdDdlNhNURZTGJGcEdoc2REOEFtb3JCZWhHWTJpdnNzTG82OVZqWFIyQm91b2p5VnlZSGRBMUN2N0pyY1FhWjlkQTVSVGVIUGx3UE90cHgrRUw1MmhheWVOT1krQndEanhOd2RpQTNKdDY4NU1keGlTVDE2MXpJY2FwWGs0NXJVclRGbWpPUjVPb0laOHVtTlFSZVZwUUVhWEtmS3pGazVkWjdoSytjY01EZlFoMDZ0cUJTd0R3RGRjdFd6ZlBZdEJYK1FRN29OcEdUUFdxVWJ2N1k0MHRNN1NrekFhUjY3Sy9tNkNwa3ZLbDBacHVLQjAzNXA0OFhQazJrelp5R1NMUHhhWTM4ZXZPM3N3R2JIbE80bnE5dk94N1JzN21RS1d4ZXBUS0N1UFhXN3VJbTIxVHZKUERJb0hqbjVOOGF3dGlLQUw3QlVsYzNCazY4RjJGc3FJOXROTy9QUk5QZVFIMmNtODFkWFAybmhlZmduQlNZRm9zeHQzZkJpS1dza29YNTBsbzI0OXYvb1VjMmVSdWJuOEhHZ2Y3N2k3N2tqTGFhWFJMRDVVNjNiTEpscHhCd242b3cxeWVReiszS1ZJc0ljZTZNdkRLQ0l1OHFGQXMxZEx1M3VqMFhVdzRvUmlleFlZWWVibXVNMngwYTVmZVdsdVJwWUxYOG5kd1RIbkkzcnRXd1F4N3U0TlJKRXBjL3dOWUttYllLVTYzVkhuUExOaHdGRGE2ZG9KS1J3UVgrZ01GQmZDM09WWjFLaEloeHdOcGJTQ2tCK0F3U3ZvTTlXVDZ5SlJjUmV6c1FBUHJ2dk1YRVhQVWh4Y0lHMGEzajk4V282R3ZVdGVRUHVReUNKUFdSWExJaHllLzEwU1VWT1c1VmRsUlREMHBHMmdQc2JmRnJQd3FoV0k1TUt5NDZKVDYwUXQrMTV4RUhuVHgwb3NHdA%3D%3D Page URL
  2. http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D1839183755%26sid%3D20220623230227b087a4f8ba8a63ac0d&s=j&enc=bPuV9e5UgGOqBwaBD1RVtH49flV3d3dzblJJNnFYVndBQXpVZTRnM2JyT0Y2NW9tM1RQZ0o5S3Z6Y002S3ZJUksyV3ZaT3Z3T254U3lCaktlVzJUVGVmd0pJQ2ltYk52VWw5TjRIc0VCQ2EyQUgzL2l4MWltbjUrN1V1L0hUeEVoTHlSSlVVSDNSano0bnljdDZGQVpvUE5zNFE0cjJ6ampmd1lmNGRzWklYc1I5Vi9KWUVNdmowZGdSSmhpRGtzTmpReVJoNEduclo2RkZ5TVpkd2tHV3FiTFkxSmMwdVdmM2ZUNVd5cmZscTFCVDNqSWluUnFkbDZQL2x3d2szR2dCdDZyQys4R1RubjdxVVlGaXB5OFRVeU83VTJEelZzS2Zzc1ZFMlVVQmlaNEdUNU82SUhsZG9BRlpOcS9kbUc0VU1qMkZNRzRkcUFjYUZLRmhpSnl0RTNqNVpoSC91b3JDWFg5SkZ4VjJjY0taYVZLbWtPMnBrMDRUZ2JhRGw1YjU5NFhuV3dJNUdyY0IvNGNHTms2c3h2NnEvZ2tzT0k5cHJOOXhZaW1pWDNEQXYvUWEyekNydG5kZmlWVTRiSEpjdUNGemxhdU9SYTVyV0xOcCtZNXVCaFJhQmxxSWNVUVN4VU15UFIyb2l1MDVFZSsvTFBvNGpaVGFkakRrODBtOVV3WjdxdGFnSlNVZERJRXd0aXZJUkNrUTBCelVFSnJTK0UvaWI2cFNsZkJlQU5jenJ3Sm84QjFMdzlFN0ZjM21jKzR5eDArYWppSTVBUDZvd3ZOR2xVdFIrUFFMNHJKREpWTEg4QytjQ0ttVGNOV2V0N2NmcDI1QUdtYzdDSU1jM0pWMFJCWE1iR3dxcmFvQW1ocjl0aG9jRTZZNXdudE5jRC8wYm9MalhOZTVoRzhnTGI2anZNWlJxUmRRRFdHVm1Cdll5ZTVMNzJHdHFmL1lJTUliSEZwZDV0M3NheW9PWVlpUGNtSllBMzlGYzEvcHZYdGppUGx4enZQdEQvWjJYTkxDa3RYRVl2NHJQVG5aZ0JyS3JpbUVsQ3kzelBkNjlGNlN2RGhCeEE3OEUyeFVmSGFpRzIyLzlPUExDeENYSTlZZElMcVE5WWVJTzI1aFRZODRxT2ZlSno4bFVYT0k3cXNyWTN1djU5YUp3dzQ4Q28waCt6dllBaUhNPQ%3D%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
    https://clever-redirect.com/s/r6?s=721614&s3=1839183755&sid=20220623230227b087a4f8ba8a63ac0d Page URL
  3. https://lookandfind.me/s/a?t=11&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=info.geers.de&s1=721614&s2=&s3=1839183755&s5=wc Page URL
  4. https://lookandfind.me/s/r?u=https%3A%2F%2Fwww.linkbux.com%2Ftrack%3Fpid%3DLB00002126%26mid%3D13417%26url%3Dhttps%253A%252F%252Fwww.info.geers.de%252F%26uid%3D5e0188b41bd4c92738b71ba75573d645&h=44add0d2f65d5dc37b1c87d723ba24d0 Page URL
  5. https://www.linkbux.com/track?pid=LB00002126&mid=13417&url=https://www.info.geers.de/&uid=5e0188b41bd4c92738b71ba75573d645 Page URL
  6. https://www.awin1.com/cread.php?pref=lookandfind.me%2F&awinmid=22338&awinaffid=685769&clickref=lb_1lhypr&p=https%3A%2F%2Fwww.info.geers.de%2F HTTP 302
    https://fragebogen.geers.de/hoergeraete-gratis-testen-sl?awc=22338_1655989353_f183a67dd2dd8a33bb1f4f1b34075856&utm_medium=Affiliate&utm_source=685769&utm_term=0&utm_campaign=awin Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://discordpromos.com/ HTTP 302
  • https://discordpromos.com/ HTTP 302
  • http://1redirc.com/r2.php?e=DKBqSXP8GXc%2F48VJe9A83n49fmtpWHZ1MEVpK1N1Nm8vK1RXdTdsQU1JZTRLcnBCK1g2SzlKTTJWUjhHRjlPd1N5aUNnOHV6Z2tHUzdDdlNhNURZTGJGcEdoc2REOEFtb3JCZWhHWTJpdnNzTG82OVZqWFIyQm91b2p5VnlZSGRBMUN2N0pyY1FhWjlkQTVSVGVIUGx3UE90cHgrRUw1MmhheWVOT1krQndEanhOd2RpQTNKdDY4NU1keGlTVDE2MXpJY2FwWGs0NXJVclRGbWpPUjVPb0laOHVtTlFSZVZwUUVhWEtmS3pGazVkWjdoSytjY01EZlFoMDZ0cUJTd0R3RGRjdFd6ZlBZdEJYK1FRN29OcEdUUFdxVWJ2N1k0MHRNN1NrekFhUjY3Sy9tNkNwa3ZLbDBacHVLQjAzNXA0OFhQazJrelp5R1NMUHhhWTM4ZXZPM3N3R2JIbE80bnE5dk94N1JzN21RS1d4ZXBUS0N1UFhXN3VJbTIxVHZKUERJb0hqbjVOOGF3dGlLQUw3QlVsYzNCazY4RjJGc3FJOXROTy9QUk5QZVFIMmNtODFkWFAybmhlZmduQlNZRm9zeHQzZkJpS1dza29YNTBsbzI0OXYvb1VjMmVSdWJuOEhHZ2Y3N2k3N2tqTGFhWFJMRDVVNjNiTEpscHhCd242b3cxeWVReiszS1ZJc0ljZTZNdkRLQ0l1OHFGQXMxZEx1M3VqMFhVdzRvUmlleFlZWWVibXVNMngwYTVmZVdsdVJwWUxYOG5kd1RIbkkzcnRXd1F4N3U0TlJKRXBjL3dOWUttYllLVTYzVkhuUExOaHdGRGE2ZG9KS1J3UVgrZ01GQmZDM09WWjFLaEloeHdOcGJTQ2tCK0F3U3ZvTTlXVDZ5SlJjUmV6c1FBUHJ2dk1YRVhQVWh4Y0lHMGEzajk4V282R3ZVdGVRUHVReUNKUFdSWExJaHllLzEwU1VWT1c1VmRsUlREMHBHMmdQc2JmRnJQd3FoV0k1TUt5NDZKVDYwUXQrMTV4RUhuVHgwb3NHdA%3D%3D
Request Chain 4
  • http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D1839183755%26sid%3D20220623230227b087a4f8ba8a63ac0d&s=j&enc=bPuV9e5UgGOqBwaBD1RVtH49flV3d3dzblJJNnFYVndBQXpVZTRnM2JyT0Y2NW9tM1RQZ0o5S3Z6Y002S3ZJUksyV3ZaT3Z3T254U3lCaktlVzJUVGVmd0pJQ2ltYk52VWw5TjRIc0VCQ2EyQUgzL2l4MWltbjUrN1V1L0hUeEVoTHlSSlVVSDNSano0bnljdDZGQVpvUE5zNFE0cjJ6ampmd1lmNGRzWklYc1I5Vi9KWUVNdmowZGdSSmhpRGtzTmpReVJoNEduclo2RkZ5TVpkd2tHV3FiTFkxSmMwdVdmM2ZUNVd5cmZscTFCVDNqSWluUnFkbDZQL2x3d2szR2dCdDZyQys4R1RubjdxVVlGaXB5OFRVeU83VTJEelZzS2Zzc1ZFMlVVQmlaNEdUNU82SUhsZG9BRlpOcS9kbUc0VU1qMkZNRzRkcUFjYUZLRmhpSnl0RTNqNVpoSC91b3JDWFg5SkZ4VjJjY0taYVZLbWtPMnBrMDRUZ2JhRGw1YjU5NFhuV3dJNUdyY0IvNGNHTms2c3h2NnEvZ2tzT0k5cHJOOXhZaW1pWDNEQXYvUWEyekNydG5kZmlWVTRiSEpjdUNGemxhdU9SYTVyV0xOcCtZNXVCaFJhQmxxSWNVUVN4VU15UFIyb2l1MDVFZSsvTFBvNGpaVGFkakRrODBtOVV3WjdxdGFnSlNVZERJRXd0aXZJUkNrUTBCelVFSnJTK0UvaWI2cFNsZkJlQU5jenJ3Sm84QjFMdzlFN0ZjM21jKzR5eDArYWppSTVBUDZvd3ZOR2xVdFIrUFFMNHJKREpWTEg4QytjQ0ttVGNOV2V0N2NmcDI1QUdtYzdDSU1jM0pWMFJCWE1iR3dxcmFvQW1ocjl0aG9jRTZZNXdudE5jRC8wYm9MalhOZTVoRzhnTGI2anZNWlJxUmRRRFdHVm1Cdll5ZTVMNzJHdHFmL1lJTUliSEZwZDV0M3NheW9PWVlpUGNtSllBMzlGYzEvcHZYdGppUGx4enZQdEQvWjJYTkxDa3RYRVl2NHJQVG5aZ0JyS3JpbUVsQ3kzelBkNjlGNlN2RGhCeEE3OEUyeFVmSGFpRzIyLzlPUExDeENYSTlZZElMcVE5WWVJTzI1aFRZODRxT2ZlSno4bFVYT0k3cXNyWTN1djU5YUp3dzQ4Q28waCt6dllBaUhNPQ%3D%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
  • https://clever-redirect.com/s/r6?s=721614&s3=1839183755&sid=20220623230227b087a4f8ba8a63ac0d

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
r2.php
1redirc.com/
Redirect Chain
  • http://discordpromos.com/
  • https://discordpromos.com/
  • http://1redirc.com/r2.php?e=DKBqSXP8GXc%2F48VJe9A83n49fmtpWHZ1MEVpK1N1Nm8vK1RXdTdsQU1JZTRLcnBCK1g2SzlKTTJWUjhHRjlPd1N5aUNnOHV6Z2tHUzdDdlNhNURZTGJGcEdoc2REOEFtb3JCZWhHWTJpdnNzTG82OVZqWFIyQm91b2p5Vnl...
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://1redirc.com/r2.php?e=DKBqSXP8GXc%2F48VJe9A83n49fmtpWHZ1MEVpK1N1Nm8vK1RXdTdsQU1JZTRLcnBCK1g2SzlKTTJWUjhHRjlPd1N5aUNnOHV6Z2tHUzdDdlNhNURZTGJGcEdoc2REOEFtb3JCZWhHWTJpdnNzTG82OVZqWFIyQm91b2p5VnlZSGRBMUN2N0pyY1FhWjlkQTVSVGVIUGx3UE90cHgrRUw1MmhheWVOT1krQndEanhOd2RpQTNKdDY4NU1keGlTVDE2MXpJY2FwWGs0NXJVclRGbWpPUjVPb0laOHVtTlFSZVZwUUVhWEtmS3pGazVkWjdoSytjY01EZlFoMDZ0cUJTd0R3RGRjdFd6ZlBZdEJYK1FRN29OcEdUUFdxVWJ2N1k0MHRNN1NrekFhUjY3Sy9tNkNwa3ZLbDBacHVLQjAzNXA0OFhQazJrelp5R1NMUHhhWTM4ZXZPM3N3R2JIbE80bnE5dk94N1JzN21RS1d4ZXBUS0N1UFhXN3VJbTIxVHZKUERJb0hqbjVOOGF3dGlLQUw3QlVsYzNCazY4RjJGc3FJOXROTy9QUk5QZVFIMmNtODFkWFAybmhlZmduQlNZRm9zeHQzZkJpS1dza29YNTBsbzI0OXYvb1VjMmVSdWJuOEhHZ2Y3N2k3N2tqTGFhWFJMRDVVNjNiTEpscHhCd242b3cxeWVReiszS1ZJc0ljZTZNdkRLQ0l1OHFGQXMxZEx1M3VqMFhVdzRvUmlleFlZWWVibXVNMngwYTVmZVdsdVJwWUxYOG5kd1RIbkkzcnRXd1F4N3U0TlJKRXBjL3dOWUttYllLVTYzVkhuUExOaHdGRGE2ZG9KS1J3UVgrZ01GQmZDM09WWjFLaEloeHdOcGJTQ2tCK0F3U3ZvTTlXVDZ5SlJjUmV6c1FBUHJ2dk1YRVhQVWh4Y0lHMGEzajk4V282R3ZVdGVRUHVReUNKUFdSWExJaHllLzEwU1VWT1c1VmRsUlREMHBHMmdQc2JmRnJQd3FoV0k1TUt5NDZKVDYwUXQrMTV4RUhuVHgwb3NHdA%3D%3D
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
a398c90329e9bb61b8658cdbc8e194732fe81320802c5c94db3640bc141f3082

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Encoding
gzip
Content-Length
2052
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Jun 2022 13:02:29 GMT
Server
Apache/2.4.38 (Debian)
Vary
Accept-Encoding

Redirect headers

Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Jun 2022 13:02:27 GMT
Location
http://1redirc.com/r2.php?e=DKBqSXP8GXc%2F48VJe9A83n49fmtpWHZ1MEVpK1N1Nm8vK1RXdTdsQU1JZTRLcnBCK1g2SzlKTTJWUjhHRjlPd1N5aUNnOHV6Z2tHUzdDdlNhNURZTGJGcEdoc2REOEFtb3JCZWhHWTJpdnNzTG82OVZqWFIyQm91b2p5VnlZSGRBMUN2N0pyY1FhWjlkQTVSVGVIUGx3UE90cHgrRUw1MmhheWVOT1krQndEanhOd2RpQTNKdDY4NU1keGlTVDE2MXpJY2FwWGs0NXJVclRGbWpPUjVPb0laOHVtTlFSZVZwUUVhWEtmS3pGazVkWjdoSytjY01EZlFoMDZ0cUJTd0R3RGRjdFd6ZlBZdEJYK1FRN29OcEdUUFdxVWJ2N1k0MHRNN1NrekFhUjY3Sy9tNkNwa3ZLbDBacHVLQjAzNXA0OFhQazJrelp5R1NMUHhhWTM4ZXZPM3N3R2JIbE80bnE5dk94N1JzN21RS1d4ZXBUS0N1UFhXN3VJbTIxVHZKUERJb0hqbjVOOGF3dGlLQUw3QlVsYzNCazY4RjJGc3FJOXROTy9QUk5QZVFIMmNtODFkWFAybmhlZmduQlNZRm9zeHQzZkJpS1dza29YNTBsbzI0OXYvb1VjMmVSdWJuOEhHZ2Y3N2k3N2tqTGFhWFJMRDVVNjNiTEpscHhCd242b3cxeWVReiszS1ZJc0ljZTZNdkRLQ0l1OHFGQXMxZEx1M3VqMFhVdzRvUmlleFlZWWVibXVNMngwYTVmZVdsdVJwWUxYOG5kd1RIbkkzcnRXd1F4N3U0TlJKRXBjL3dOWUttYllLVTYzVkhuUExOaHdGRGE2ZG9KS1J3UVgrZ01GQmZDM09WWjFLaEloeHdOcGJTQ2tCK0F3U3ZvTTlXVDZ5SlJjUmV6c1FBUHJ2dk1YRVhQVWh4Y0lHMGEzajk4V282R3ZVdGVRUHVReUNKUFdSWExJaHllLzEwU1VWT1c1VmRsUlREMHBHMmdQc2JmRnJQd3FoV0k1TUt5NDZKVDYwUXQrMTV4RUhuVHgwb3NHdA%3D%3D
Server
Apache/2.4.38 (Debian)
jscheck.js
1redirc.com/javascript/ 		899 B
718 B 		Script
General
Check archive.org
Download Go to
Full URL
http://1redirc.com/javascript/jscheck.js
Requested by
Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=DKBqSXP8GXc%2F48VJe9A83n49fmtpWHZ1MEVpK1N1Nm8vK1RXdTdsQU1JZTRLcnBCK1g2SzlKTTJWUjhHRjlPd1N5aUNnOHV6Z2tHUzdDdlNhNURZTGJGcEdoc2REOEFtb3JCZWhHWTJpdnNzTG82OVZqWFIyQm91b2p5VnlZSGRBMUN2N0pyY1FhWjlkQTVSVGVIUGx3UE90cHgrRUw1MmhheWVOT1krQndEanhOd2RpQTNKdDY4NU1keGlTVDE2MXpJY2FwWGs0NXJVclRGbWpPUjVPb0laOHVtTlFSZVZwUUVhWEtmS3pGazVkWjdoSytjY01EZlFoMDZ0cUJTd0R3RGRjdFd6ZlBZdEJYK1FRN29OcEdUUFdxVWJ2N1k0MHRNN1NrekFhUjY3Sy9tNkNwa3ZLbDBacHVLQjAzNXA0OFhQazJrelp5R1NMUHhhWTM4ZXZPM3N3R2JIbE80bnE5dk94N1JzN21RS1d4ZXBUS0N1UFhXN3VJbTIxVHZKUERJb0hqbjVOOGF3dGlLQUw3QlVsYzNCazY4RjJGc3FJOXROTy9QUk5QZVFIMmNtODFkWFAybmhlZmduQlNZRm9zeHQzZkJpS1dza29YNTBsbzI0OXYvb1VjMmVSdWJuOEhHZ2Y3N2k3N2tqTGFhWFJMRDVVNjNiTEpscHhCd242b3cxeWVReiszS1ZJc0ljZTZNdkRLQ0l1OHFGQXMxZEx1M3VqMFhVdzRvUmlleFlZWWVibXVNMngwYTVmZVdsdVJwWUxYOG5kd1RIbkkzcnRXd1F4N3U0TlJKRXBjL3dOWUttYllLVTYzVkhuUExOaHdGRGE2ZG9KS1J3UVgrZ01GQmZDM09WWjFLaEloeHdOcGJTQ2tCK0F3U3ZvTTlXVDZ5SlJjUmV6c1FBUHJ2dk1YRVhQVWh4Y0lHMGEzajk4V282R3ZVdGVRUHVReUNKUFdSWExJaHllLzEwU1VWT1c1VmRsUlREMHBHMmdQc2JmRnJQd3FoV0k1TUt5NDZKVDYwUXQrMTV4RUhuVHgwb3NHdA%3D%3D
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1redirc.com/r2.php?e=DKBqSXP8GXc%2F48VJe9A83n49fmtpWHZ1MEVpK1N1Nm8vK1RXdTdsQU1JZTRLcnBCK1g2SzlKTTJWUjhHRjlPd1N5aUNnOHV6Z2tHUzdDdlNhNURZTGJGcEdoc2REOEFtb3JCZWhHWTJpdnNzTG82OVZqWFIyQm91b2p5VnlZSGRBMUN2N0pyY1FhWjlkQTVSVGVIUGx3UE90cHgrRUw1MmhheWVOT1krQndEanhOd2RpQTNKdDY4NU1keGlTVDE2MXpJY2FwWGs0NXJVclRGbWpPUjVPb0laOHVtTlFSZVZwUUVhWEtmS3pGazVkWjdoSytjY01EZlFoMDZ0cUJTd0R3RGRjdFd6ZlBZdEJYK1FRN29OcEdUUFdxVWJ2N1k0MHRNN1NrekFhUjY3Sy9tNkNwa3ZLbDBacHVLQjAzNXA0OFhQazJrelp5R1NMUHhhWTM4ZXZPM3N3R2JIbE80bnE5dk94N1JzN21RS1d4ZXBUS0N1UFhXN3VJbTIxVHZKUERJb0hqbjVOOGF3dGlLQUw3QlVsYzNCazY4RjJGc3FJOXROTy9QUk5QZVFIMmNtODFkWFAybmhlZmduQlNZRm9zeHQzZkJpS1dza29YNTBsbzI0OXYvb1VjMmVSdWJuOEhHZ2Y3N2k3N2tqTGFhWFJMRDVVNjNiTEpscHhCd242b3cxeWVReiszS1ZJc0ljZTZNdkRLQ0l1OHFGQXMxZEx1M3VqMFhVdzRvUmlleFlZWWVibXVNMngwYTVmZVdsdVJwWUxYOG5kd1RIbkkzcnRXd1F4N3U0TlJKRXBjL3dOWUttYllLVTYzVkhuUExOaHdGRGE2ZG9KS1J3UVgrZ01GQmZDM09WWjFLaEloeHdOcGJTQ2tCK0F3U3ZvTTlXVDZ5SlJjUmV6c1FBUHJ2dk1YRVhQVWh4Y0lHMGEzajk4V282R3ZVdGVRUHVReUNKUFdSWExJaHllLzEwU1VWT1c1VmRsUlREMHBHMmdQc2JmRnJQd3FoV0k1TUt5NDZKVDYwUXQrMTV4RUhuVHgwb3NHdA%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Thu, 23 Jun 2022 13:02:29 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Jan 2022 12:05:23 GMT
Server
Apache/2.4.38 (Debian)
ETag
"383-5d53926b806c0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
405
swfobject.js
1redirc.com/javascript/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://1redirc.com/javascript/swfobject.js
Requested by
Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=DKBqSXP8GXc%2F48VJe9A83n49fmtpWHZ1MEVpK1N1Nm8vK1RXdTdsQU1JZTRLcnBCK1g2SzlKTTJWUjhHRjlPd1N5aUNnOHV6Z2tHUzdDdlNhNURZTGJGcEdoc2REOEFtb3JCZWhHWTJpdnNzTG82OVZqWFIyQm91b2p5VnlZSGRBMUN2N0pyY1FhWjlkQTVSVGVIUGx3UE90cHgrRUw1MmhheWVOT1krQndEanhOd2RpQTNKdDY4NU1keGlTVDE2MXpJY2FwWGs0NXJVclRGbWpPUjVPb0laOHVtTlFSZVZwUUVhWEtmS3pGazVkWjdoSytjY01EZlFoMDZ0cUJTd0R3RGRjdFd6ZlBZdEJYK1FRN29OcEdUUFdxVWJ2N1k0MHRNN1NrekFhUjY3Sy9tNkNwa3ZLbDBacHVLQjAzNXA0OFhQazJrelp5R1NMUHhhWTM4ZXZPM3N3R2JIbE80bnE5dk94N1JzN21RS1d4ZXBUS0N1UFhXN3VJbTIxVHZKUERJb0hqbjVOOGF3dGlLQUw3QlVsYzNCazY4RjJGc3FJOXROTy9QUk5QZVFIMmNtODFkWFAybmhlZmduQlNZRm9zeHQzZkJpS1dza29YNTBsbzI0OXYvb1VjMmVSdWJuOEhHZ2Y3N2k3N2tqTGFhWFJMRDVVNjNiTEpscHhCd242b3cxeWVReiszS1ZJc0ljZTZNdkRLQ0l1OHFGQXMxZEx1M3VqMFhVdzRvUmlleFlZWWVibXVNMngwYTVmZVdsdVJwWUxYOG5kd1RIbkkzcnRXd1F4N3U0TlJKRXBjL3dOWUttYllLVTYzVkhuUExOaHdGRGE2ZG9KS1J3UVgrZ01GQmZDM09WWjFLaEloeHdOcGJTQ2tCK0F3U3ZvTTlXVDZ5SlJjUmV6c1FBUHJ2dk1YRVhQVWh4Y0lHMGEzajk4V282R3ZVdGVRUHVReUNKUFdSWExJaHllLzEwU1VWT1c1VmRsUlREMHBHMmdQc2JmRnJQd3FoV0k1TUt5NDZKVDYwUXQrMTV4RUhuVHgwb3NHdA%3D%3D
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1redirc.com/r2.php?e=DKBqSXP8GXc%2F48VJe9A83n49fmtpWHZ1MEVpK1N1Nm8vK1RXdTdsQU1JZTRLcnBCK1g2SzlKTTJWUjhHRjlPd1N5aUNnOHV6Z2tHUzdDdlNhNURZTGJGcEdoc2REOEFtb3JCZWhHWTJpdnNzTG82OVZqWFIyQm91b2p5VnlZSGRBMUN2N0pyY1FhWjlkQTVSVGVIUGx3UE90cHgrRUw1MmhheWVOT1krQndEanhOd2RpQTNKdDY4NU1keGlTVDE2MXpJY2FwWGs0NXJVclRGbWpPUjVPb0laOHVtTlFSZVZwUUVhWEtmS3pGazVkWjdoSytjY01EZlFoMDZ0cUJTd0R3RGRjdFd6ZlBZdEJYK1FRN29OcEdUUFdxVWJ2N1k0MHRNN1NrekFhUjY3Sy9tNkNwa3ZLbDBacHVLQjAzNXA0OFhQazJrelp5R1NMUHhhWTM4ZXZPM3N3R2JIbE80bnE5dk94N1JzN21RS1d4ZXBUS0N1UFhXN3VJbTIxVHZKUERJb0hqbjVOOGF3dGlLQUw3QlVsYzNCazY4RjJGc3FJOXROTy9QUk5QZVFIMmNtODFkWFAybmhlZmduQlNZRm9zeHQzZkJpS1dza29YNTBsbzI0OXYvb1VjMmVSdWJuOEhHZ2Y3N2k3N2tqTGFhWFJMRDVVNjNiTEpscHhCd242b3cxeWVReiszS1ZJc0ljZTZNdkRLQ0l1OHFGQXMxZEx1M3VqMFhVdzRvUmlleFlZWWVibXVNMngwYTVmZVdsdVJwWUxYOG5kd1RIbkkzcnRXd1F4N3U0TlJKRXBjL3dOWUttYllLVTYzVkhuUExOaHdGRGE2ZG9KS1J3UVgrZ01GQmZDM09WWjFLaEloeHdOcGJTQ2tCK0F3U3ZvTTlXVDZ5SlJjUmV6c1FBUHJ2dk1YRVhQVWh4Y0lHMGEzajk4V282R3ZVdGVRUHVReUNKUFdSWExJaHllLzEwU1VWT1c1VmRsUlREMHBHMmdQc2JmRnJQd3FoV0k1TUt5NDZKVDYwUXQrMTV4RUhuVHgwb3NHdA%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Thu, 23 Jun 2022 13:02:29 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Jan 2022 12:05:23 GMT
Server
Apache/2.4.38 (Debian)
ETag
"27ef-5d53926b806c0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
3949
jscheck.php
1redirc.com/ 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://1redirc.com/jscheck.php?enc=bPuV9e5UgGOqBwaBD1RVtH49flV3d3dzblJJNnFYVndBQXpVZTRnM2JyT0Y2NW9tM1RQZ0o5S3Z6Y002S3ZJUksyV3ZaT3Z3T254U3lCaktlVzJUVGVmd0pJQ2ltYk52VWw5TjRIc0VCQ2EyQUgzL2l4MWltbjUrN1V1L0hUeEVoTHlSSlVVSDNSano0bnljdDZGQVpvUE5zNFE0cjJ6ampmd1lmNGRzWklYc1I5Vi9KWUVNdmowZGdSSmhpRGtzTmpReVJoNEduclo2RkZ5TVpkd2tHV3FiTFkxSmMwdVdmM2ZUNVd5cmZscTFCVDNqSWluUnFkbDZQL2x3d2szR2dCdDZyQys4R1RubjdxVVlGaXB5OFRVeU83VTJEelZzS2Zzc1ZFMlVVQmlaNEdUNU82SUhsZG9BRlpOcS9kbUc0VU1qMkZNRzRkcUFjYUZLRmhpSnl0RTNqNVpoSC91b3JDWFg5SkZ4VjJjY0taYVZLbWtPMnBrMDRUZ2JhRGw1YjU5NFhuV3dJNUdyY0IvNGNHTms2c3h2NnEvZ2tzT0k5cHJOOXhZaW1pWDNEQXYvUWEyekNydG5kZmlWVTRiSEpjdUNGemxhdU9SYTVyV0xOcCtZNXVCaFJhQmxxSWNVUVN4VU15UFIyb2l1MDVFZSsvTFBvNGpaVGFkakRrODBtOVV3WjdxdGFnSlNVZERJRXd0aXZJUkNrUTBCelVFSnJTK0UvaWI2cFNsZkJlQU5jenJ3Sm84QjFMdzlFN0ZjM21jKzR5eDArYWppSTVBUDZvd3ZOR2xVdFIrUFFMNHJKREpWTEg4QytjQ0ttVGNOV2V0N2NmcDI1QUdtYzdDSU1jM0pWMFJCWE1iR3dxcmFvQW1ocjl0aG9jRTZZNXdudE5jRC8wYm9MalhOZTVoRzhnTGI2anZNWlJxUmRRRFdHVm1Cdll5ZTVMNzJHdHFmL1lJTUliSEZwZDV0M3NheW9PWVlpUGNtSllBMzlGYzEvcHZYdGppUGx4enZQdEQvWjJYTkxDa3RYRVl2NHJQVG5aZ0JyS3JpbUVsQ3kzelBkNjlGNlN2RGhCeEE3OEUyeFVmSGFpRzIyLzlPUExDeENYSTlZZElMcVE5WWVJTzI1aFRZODRxT2ZlSno4bFVYT0k3cXNyWTN1djU5YUp3dzQ4Q28waCt6dllBaUhNPQ%3D%3D&rand=0.14107791871205166
Requested by
Host: 1redirc.com
URL: http://1redirc.com/javascript/jscheck.js
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache/2.4.38 (Debian) /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1redirc.com/r2.php?e=DKBqSXP8GXc%2F48VJe9A83n49fmtpWHZ1MEVpK1N1Nm8vK1RXdTdsQU1JZTRLcnBCK1g2SzlKTTJWUjhHRjlPd1N5aUNnOHV6Z2tHUzdDdlNhNURZTGJGcEdoc2REOEFtb3JCZWhHWTJpdnNzTG82OVZqWFIyQm91b2p5VnlZSGRBMUN2N0pyY1FhWjlkQTVSVGVIUGx3UE90cHgrRUw1MmhheWVOT1krQndEanhOd2RpQTNKdDY4NU1keGlTVDE2MXpJY2FwWGs0NXJVclRGbWpPUjVPb0laOHVtTlFSZVZwUUVhWEtmS3pGazVkWjdoSytjY01EZlFoMDZ0cUJTd0R3RGRjdFd6ZlBZdEJYK1FRN29OcEdUUFdxVWJ2N1k0MHRNN1NrekFhUjY3Sy9tNkNwa3ZLbDBacHVLQjAzNXA0OFhQazJrelp5R1NMUHhhWTM4ZXZPM3N3R2JIbE80bnE5dk94N1JzN21RS1d4ZXBUS0N1UFhXN3VJbTIxVHZKUERJb0hqbjVOOGF3dGlLQUw3QlVsYzNCazY4RjJGc3FJOXROTy9QUk5QZVFIMmNtODFkWFAybmhlZmduQlNZRm9zeHQzZkJpS1dza29YNTBsbzI0OXYvb1VjMmVSdWJuOEhHZ2Y3N2k3N2tqTGFhWFJMRDVVNjNiTEpscHhCd242b3cxeWVReiszS1ZJc0ljZTZNdkRLQ0l1OHFGQXMxZEx1M3VqMFhVdzRvUmlleFlZWWVibXVNMngwYTVmZVdsdVJwWUxYOG5kd1RIbkkzcnRXd1F4N3U0TlJKRXBjL3dOWUttYllLVTYzVkhuUExOaHdGRGE2ZG9KS1J3UVgrZ01GQmZDM09WWjFLaEloeHdOcGJTQ2tCK0F3U3ZvTTlXVDZ5SlJjUmV6c1FBUHJ2dk1YRVhQVWh4Y0lHMGEzajk4V282R3ZVdGVRUHVReUNKUFdSWExJaHllLzEwU1VWT1c1VmRsUlREMHBHMmdQc2JmRnJQd3FoV0k1TUt5NDZKVDYwUXQrMTV4RUhuVHgwb3NHdA%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Thu, 23 Jun 2022 13:02:29 GMT
Server
Apache/2.4.38 (Debian)
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
r6
clever-redirect.com/s/
Redirect Chain
  • http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D1839183755%26sid%3D20220623230227b087a4f8ba8a63ac0d&s=j&enc=bPuV9e5UgGOqBwaBD1RVtH49flV3d3dzblJJNnFYVndBQXp...
  • https://clever-redirect.com/s/r6?s=721614&s3=1839183755&sid=20220623230227b087a4f8ba8a63ac0d
325 B
675 B 		Document
General
Check archive.org
Download Go to
Full URL
https://clever-redirect.com/s/r6?s=721614&s3=1839183755&sid=20220623230227b087a4f8ba8a63ac0d
Requested by
Host: 1redirc.com
URL: http://1redirc.com/javascript/jscheck.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
78.46.197.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88.197.46.78.clients.your-server.de
Software
Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27 / PHP/7.4.27
Resource Hash

Request headers

Referer
http://1redirc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
325
content-type
text/html; charset=UTF-8
date
Thu, 23 Jun 2022 13:02:30 GMT
referrer-policy
no-referrer
server
Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27
x-powered-by
PHP/7.4.27

Redirect headers

Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Jun 2022 13:02:30 GMT
Location
https://clever-redirect.com/s/r6?s=721614&s3=1839183755&sid=20220623230227b087a4f8ba8a63ac0d
Server
Apache/2.4.38 (Debian)
a
lookandfind.me/s/ 		413 B
580 B 		Document
General
Check archive.org
Download Go to
Full URL
https://lookandfind.me/s/a?t=11&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=info.geers.de&s1=721614&s2=&s3=1839183755&s5=wc
Requested by
Host: clever-redirect.com
URL: https://clever-redirect.com/s/r6?s=721614&s3=1839183755&sid=20220623230227b087a4f8ba8a63ac0d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.169.90.157.clients.your-server.de
Software
Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24 / PHP/7.4.24
Resource Hash
842bd22ea21dbc3f9230c25e8c03b804cfe757c7d51a4ec3b28123d88dae3f9a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
413
content-type
text/html; charset=UTF-8
date
Thu, 23 Jun 2022 13:02:30 GMT
referrer-policy
strict-origin-when-cross-origin
server
Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24
x-powered-by
PHP/7.4.24
r
lookandfind.me/s/ 		327 B
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://lookandfind.me/s/r?u=https%3A%2F%2Fwww.linkbux.com%2Ftrack%3Fpid%3DLB00002126%26mid%3D13417%26url%3Dhttps%253A%252F%252Fwww.info.geers.de%252F%26uid%3D5e0188b41bd4c92738b71ba75573d645&h=44add0d2f65d5dc37b1c87d723ba24d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.169.90.157.clients.your-server.de
Software
Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24 / PHP/7.4.24
Resource Hash

Request headers

Referer
https://lookandfind.me/s/a?t=11&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=info.geers.de&s1=721614&s2=&s3=1839183755&s5=wc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
327
content-type
text/html; charset=UTF-8
date
Thu, 23 Jun 2022 13:02:30 GMT
referrer-policy
strict-origin-when-cross-origin
server
Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24
x-powered-by
PHP/7.4.24
track
www.linkbux.com/ 		1 KB
790 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.linkbux.com/track?pid=LB00002126&mid=13417&url=https://www.info.geers.de/&uid=5e0188b41bd4c92738b71ba75573d645
Requested by
Host: lookandfind.me
URL: https://lookandfind.me/s/r?u=https%3A%2F%2Fwww.linkbux.com%2Ftrack%3Fpid%3DLB00002126%26mid%3D13417%26url%3Dhttps%253A%252F%252Fwww.info.geers.de%252F%26uid%3D5e0188b41bd4c92738b71ba75573d645&h=44add0d2f65d5dc37b1c87d723ba24d0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.11.181.248 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
d40750769b3353a08f08eb0514898d913960cba36360b0cb763aa3daf9d1fbf5

Request headers

Referer
https://lookandfind.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 23 Jun 2022 13:02:32 GMT
vary
Accept-Encoding
Primary Request hoergeraete-gratis-testen-sl
fragebogen.geers.de/
Redirect Chain
  • https://www.awin1.com/cread.php?pref=lookandfind.me%2F&awinmid=22338&awinaffid=685769&clickref=lb_1lhypr&p=https%3A%2F%2Fwww.info.geers.de%2F
  • https://fragebogen.geers.de/hoergeraete-gratis-testen-sl?awc=22338_1655989353_f183a67dd2dd8a33bb1f4f1b34075856&utm_medium=Affiliate&utm_source=685769&utm_term=0&utm_campaign=awin
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fragebogen.geers.de/hoergeraete-gratis-testen-sl?awc=22338_1655989353_f183a67dd2dd8a33bb1f4f1b34075856&utm_medium=Affiliate&utm_source=685769&utm_term=0&utm_campaign=awin
Requested by
Host: www.linkbux.com
URL: https://www.linkbux.com/track?pid=LB00002126&mid=13417&url=https://www.info.geers.de/&uid=5e0188b41bd4c92738b71ba75573d645
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.143.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
69.143.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
ed8457b3295fed62a5a25d80665fb70916ceaf85575d66f60e4bae76ae7c2db8
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.hotjar.com wss://*.hotjar.com http: https: data: blob: 'unsafe-inline' 'unsafe-eval' frame-ancestors 'self' *.sonova.xyz *.optimizely.com *.geers.de *.gutes-hoeren.de
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.linkbux.com/track?pid=LB00002126&mid=13417&url=https://www.info.geers.de/&uid=5e0188b41bd4c92738b71ba75573d645
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
gzip
content-security-policy
default-src 'self' https://*.hotjar.com wss://*.hotjar.com http: https: data: blob: 'unsafe-inline' 'unsafe-eval' frame-ancestors 'self' *.sonova.xyz *.optimizely.com *.geers.de *.gutes-hoeren.de
content-type
text/html; charset=utf-8
date
Thu, 23 Jun 2022 13:02:33 GMT
etag
W/"62b0af20-55a"
last-modified
Mon, 20 Jun 2022 17:32:16 GMT
referrer-policy
no-referrer-when-downgrade
server
Google Frontend
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

Allow
GET
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
Date
Thu, 23 Jun 2022 13:02:33 GMT
Location
https://fragebogen.geers.de/hoergeraete-gratis-testen-sl?awc=22338_1655989353_f183a67dd2dd8a33bb1f4f1b34075856&utm_medium=Affiliate&utm_source=685769&utm_term=0&utm_campaign=awin
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Strict-Transport-Security
max-age=86400
18736142230.js
cdn.optimizely.com/js/ 		284 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/js/18736142230.js
Requested by
Host: fragebogen.geers.de
URL: https://fragebogen.geers.de/hoergeraete-gratis-testen-sl?awc=22338_1655989353_f183a67dd2dd8a33bb1f4f1b34075856&utm_medium=Affiliate&utm_source=685769&utm_term=0&utm_campaign=awin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:889::13b8 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c9c40105b2e3dae2922259bec55d442958ae82f91aad02f6509d8c666ec986b9
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fragebogen.geers.de/hoergeraete-gratis-testen-sl?awc=22338_1655989353_f183a67dd2dd8a33bb1f4f1b34075856&utm_medium=Affiliate&utm_source=685769&utm_term=0&utm_campaign=awin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
ziN7Vn_j8ePzwkggPjGmSRTo0n8N7IGc
content-encoding
gzip
etag
"d997b5368cf930fba1140d4b28073ce6"
x-amz-request-id
B29K8R9M7751GX3E
x-amz-server-side-encryption
AES256
x-amz-meta-revision
4911
x-amz-replication-status
PENDING
access-control-allow-methods
GET, HEAD
server-timing
cdn;desc="AkamaiION";dur=0,rtt;desc="18";dur=0,cdnip;desc="2a02:26f0:3500:889::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary
Accept-Encoding
content-length
88016
x-amz-id-2
+h+nq2GVeV/wu+XNQq4voKDkOFMLJiIvVg3OS7HIz8hOsr6R3oSi64FdGTx+U6ZIoKeHf3kSL5c=
last-modified
Thu, 23 Jun 2022 06:47:08 GMT
server
AmazonS3
date
Thu, 23 Jun 2022 13:02:33 GMT
access-control-max-age
86400
strict-transport-security
max-age=15768000
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=120
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
chunk-vendors.css
fragebogen.geers.de/f/css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fragebogen.geers.de/f/css/chunk-vendors.css
Requested by
Host: fragebogen.geers.de
URL: https://fragebogen.geers.de/hoergeraete-gratis-testen-sl?awc=22338_1655989353_f183a67dd2dd8a33bb1f4f1b34075856&utm_medium=Affiliate&utm_source=685769&utm_term=0&utm_campaign=awin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.143.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
69.143.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
5dfe5ff0243c85a872f9d078a4bf32e9ce8a770e264639a5dd5b8f2ccec88284
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.hotjar.com wss://*.hotjar.com http: https: data: blob: 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' *.sonova.xyz *.optimizely.com *.geers.de *.gutes-hoeren.de
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fragebogen.geers.de/hoergeraete-gratis-testen-sl?awc=22338_1655989353_f183a67dd2dd8a33bb1f4f1b34075856&utm_medium=Affiliate&utm_source=685769&utm_term=0&utm_campaign=awin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.hotjar.com wss://*.hotjar.com http: https: data: blob: 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' *.sonova.xyz *.optimizely.com *.geers.de *.gutes-hoeren.de
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 20 Jun 2022 17:32:16 GMT
server
Google Frontend
etag
W/"62b0af20-4843"
vary
Accept-Encoding
content-type
text/css
via
1.1 google
x-xss-protection
1; mode=block
cache-control
private
date
Thu, 23 Jun 2022 13:02:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-content-type-options
nosniff
app.css
fragebogen.geers.de/f/css/ 		346 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fragebogen.geers.de/f/css/app.css
Requested by
Host: fragebogen.geers.de
URL: https://fragebogen.geers.de/hoergeraete-gratis-testen-sl?awc=22338_1655989353_f183a67dd2dd8a33bb1f4f1b34075856&utm_medium=Affiliate&utm_source=685769&utm_term=0&utm_campaign=awin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.143.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
69.143.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
15821c2ee0386bbf7b86bc4863294c9f26341ae2cc86ea0a4617ccedb06317c2
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.hotjar.com wss://*.hotjar.com http: https: data: blob: 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' *.sonova.xyz *.optimizely.com *.geers.de *.gutes-hoeren.de
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fragebogen.geers.de/hoergeraete-gratis-testen-sl?awc=22338_1655989353_f183a67dd2dd8a33bb1f4f1b34075856&utm_medium=Affiliate&utm_source=685769&utm_term=0&utm_campaign=awin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.hotjar.com wss://*.hotjar.com http: https: data: blob: 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' *.sonova.xyz *.optimizely.com *.geers.de *.gutes-hoeren.de
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 20 Jun 2022 17:32:16 GMT
server
Google Frontend
etag
W/"62b0af20-56627"
vary
Accept-Encoding
content-type
text/css
via
1.1 google
x-xss-protection
1; mode=block
cache-control
private
date
Thu, 23 Jun 2022 13:02:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-content-type-options
nosniff
chunk-vendors-modern.js
fragebogen.geers.de/f/js/ 		418 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fragebogen.geers.de/f/js/chunk-vendors-modern.js?h=fb6092da998e2bddb054
Requested by
Host: fragebogen.geers.de
URL: https://fragebogen.geers.de/hoergeraete-gratis-testen-sl?awc=22338_1655989353_f183a67dd2dd8a33bb1f4f1b34075856&utm_medium=Affiliate&utm_source=685769&utm_term=0&utm_campaign=awin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.143.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
69.143.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
9736a8220766a27321091719a6fc3193346e8089714622ce804fd7a51b4d0ec1
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.hotjar.com wss://*.hotjar.com http: https: data: blob: 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' *.sonova.xyz *.optimizely.com *.geers.de *.gutes-hoeren.de
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fragebogen.geers.de/hoergeraete-gratis-testen-sl?awc=22338_1655989353_f183a67dd2dd8a33bb1f4f1b34075856&utm_medium=Affiliate&utm_source=685769&utm_term=0&utm_campaign=awin
Origin
https://fragebogen.geers.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.hotjar.com wss://*.hotjar.com http: https: data: blob: 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' *.sonova.xyz *.optimizely.com *.geers.de *.gutes-hoeren.de
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 20 Jun 2022 17:32:16 GMT
server
Google Frontend
date
Thu, 23 Jun 2022 13:02:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://fragebogen.geers.de
vary
Accept-Encoding
cache-control
private
etag
W/"62b0af20-68754"
app-modern.js
fragebogen.geers.de/f/js/ 		379 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fragebogen.geers.de/f/js/app-modern.js?h=d76e3d698048ebd17236
Requested by
Host: fragebogen.geers.de
URL: https://fragebogen.geers.de/hoergeraete-gratis-testen-sl?awc=22338_1655989353_f183a67dd2dd8a33bb1f4f1b34075856&utm_medium=Affiliate&utm_source=685769&utm_term=0&utm_campaign=awin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.143.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
69.143.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
54d8dc01bad378455af968cc755da92365bad32e7f0be0a46c749bb1d4d2a02a
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.hotjar.com wss://*.hotjar.com http: https: data: blob: 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' *.sonova.xyz *.optimizely.com *.geers.de *.gutes-hoeren.de
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fragebogen.geers.de/hoergeraete-gratis-testen-sl?awc=22338_1655989353_f183a67dd2dd8a33bb1f4f1b34075856&utm_medium=Affiliate&utm_source=685769&utm_term=0&utm_campaign=awin
Origin
https://fragebogen.geers.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.hotjar.com wss://*.hotjar.com http: https: data: blob: 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' *.sonova.xyz *.optimizely.com *.geers.de *.gutes-hoeren.de
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 20 Jun 2022 17:32:16 GMT
server
Google Frontend
date
Thu, 23 Jun 2022 13:02:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://fragebogen.geers.de
vary
Accept-Encoding
cache-control
private
etag
W/"62b0af20-5eb06"
geo4.js
cdn3.optimizely.com/js/ 		311 B
793 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn3.optimizely.com/js/geo4.js
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/18736142230.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
96.16.142.89 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b88b86097c538b9bffce5f8bdd995a22f36ecaf91a08a0a7d93e50195939b385

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fragebogen.geers.de/hoergeraete-gratis-testen-sl?awc=22338_1655989353_f183a67dd2dd8a33bb1f4f1b34075856&utm_medium=Affiliate&utm_source=685769&utm_term=0&utm_campaign=awin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
F8W1XaLRNmnJXrMgZ6ZMuxtE6L376GC.
ETag
"8777c006589ecabfa3d63a6b5bf24393"
Server
AmazonS3
x-amz-request-id
Q3K22JN7VBJS34MJ
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Cache-Control
max-age=46070
Date
Thu, 23 Jun 2022 13:02:33 GMT
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
311
x-amz-id-2
d/U4WNv1qMAQJ0fpPI7WVHLKHOTlVmbchaLTrrxlnb9OE4Mh0oBccwLgRpCYb0gOU7l2k7q9jGE=
gtm.js
www.googletagmanager.com/ 		271 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KKW9PPK
Requested by
Host: fragebogen.geers.de
URL: https://fragebogen.geers.de/f/js/app-modern.js?h=d76e3d698048ebd17236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
637c893af72077837b3b29bc7dc2a2452fb4c877455967da4fa64308da1ea20e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fragebogen.geers.de/hoergeraete-gratis-testen-sl?awc=22338_1655989353_f183a67dd2dd8a33bb1f4f1b34075856&utm_medium=Affiliate&utm_source=685769&utm_term=0&utm_campaign=awin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 13:02:33 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87209
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 23 Jun 2022 13:02:33 GMT
hoergeraete-gratis-testen-sl
fragebogen.geers.de/api/v1/forms/ 		17 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fragebogen.geers.de/api/v1/forms/hoergeraete-gratis-testen-sl?env=
Requested by
Host: fragebogen.geers.de
URL: https://fragebogen.geers.de/f/js/chunk-vendors-modern.js?h=fb6092da998e2bddb054
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.143.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
69.143.117.34.bc.googleusercontent.com
Software
Google Frontend / Express
Resource Hash
70f42fef5d6e69b1ac0f49dcbf7829d8916dba5bef3289a84fe6752945346cda

Request headers

Accept
application/json, text/plain, */*
Referer
https://fragebogen.geers.de/hoergeraete-gratis-testen-sl?awc=22338_1655989353_f183a67dd2dd8a33bb1f4f1b34075856&utm_medium=Affiliate&utm_source=685769&utm_term=0&utm_campaign=awin
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 13:02:33 GMT
via
1.1 google
etag
W/"4529-c/3bOXfDnAcUpFIhxWsG+EgEU6M"
server
Google Frontend
x-powered-by
Express
vary
Origin
content-type
application/json; charset=utf-8
x-cloud-trace-context
ab3a4b9efd7be078be08f34af5ad24d3
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17705
de
fragebogen.geers.de/api/v1/translations/ 		22 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fragebogen.geers.de/api/v1/translations/de
Requested by
Host: fragebogen.geers.de
URL: https://fragebogen.geers.de/f/js/chunk-vendors-modern.js?h=fb6092da998e2bddb054
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.143.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
69.143.117.34.bc.googleusercontent.com
Software
Google Frontend / Express
Resource Hash
5cd364851bece28fe4d343860dd8096fde2770d45d233ed7475c9d939aab2e14

Request headers

Accept
application/json, text/plain, */*
Referer
https://fragebogen.geers.de/hoergeraete-gratis-testen-sl?awc=22338_1655989353_f183a67dd2dd8a33bb1f4f1b34075856&utm_medium=Affiliate&utm_source=685769&utm_term=0&utm_campaign=awin
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 13:02:33 GMT
via
1.1 google
etag
W/"5703-4LXafvizPzgepYonVJZYBd+thkg"
server
Google Frontend
x-powered-by
Express
vary
Origin
content-type
application/json; charset=utf-8
x-cloud-trace-context
0882838a3ba41cea1148e765a1b19b84
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22275
a18736142230.html
a18736142230.cdn.optimizely.com/client_storage/ Frame 22BF 		0
0
geers-gutes-hoeren.svg
images.ctfassets.net/uafdk7px88ld/2yQNjqPTvpJqZHqkb9X6AW/af0e077db3313b6b9b47dc3fc2256e3d/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/uafdk7px88ld/2yQNjqPTvpJqZHqkb9X6AW/af0e077db3313b6b9b47dc3fc2256e3d/geers-gutes-hoeren.svg
Requested by
Host: fragebogen.geers.de
URL: https://fragebogen.geers.de/hoergeraete-gratis-testen-sl?awc=22338_1655989353_f183a67dd2dd8a33bb1f4f1b34075856&utm_medium=Affiliate&utm_source=685769&utm_term=0&utm_campaign=awin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8200:12:94b3:c380:93a1 -, , ASN (),
Reverse DNS
Software
Contentful Images API /
Resource Hash
b01fdbedeec5b9139d76a8edc00bb75d06d75223407079f658bd51caf4b91ff8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fragebogen.geers.de/hoergeraete-gratis-testen-sl?awc=22338_1655989353_f183a67dd2dd8a33bb1f4f1b34075856&utm_medium=Affiliate&utm_source=685769&utm_term=0&utm_campaign=awin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 03:17:25 GMT
content-encoding
gzip
last-modified
Tue, 31 Aug 2021 13:18:37 GMT
server
Contentful Images API
age
35376
etag
W/"4bb9f650695edaa67defeb650f259ba9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
9CtKhKfWNK6dL1shRzjVsmHGwHnijiLUsgoK4sDkhJRs6PKtz3e1aQ==
via
1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
tuv_trusted_shops_ekomi_-_350px_-_v2-01.svg
images.ctfassets.net/uafdk7px88ld/5ydMIMcDu7X1HfbcGXCTpW/58a9e362c55e3bfcff77aaabe32a949a/ 		1 MB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/uafdk7px88ld/5ydMIMcDu7X1HfbcGXCTpW/58a9e362c55e3bfcff77aaabe32a949a/tuv_trusted_shops_ekomi_-_350px_-_v2-01.svg
Requested by
Host: fragebogen.geers.de
URL: https://fragebogen.geers.de/hoergeraete-gratis-testen-sl?awc=22338_1655989353_f183a67dd2dd8a33bb1f4f1b34075856&utm_medium=Affiliate&utm_source=685769&utm_term=0&utm_campaign=awin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8200:12:94b3:c380:93a1 -, , ASN (),
Reverse DNS
Software
Contentful Images API /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fragebogen.geers.de/hoergeraete-gratis-testen-sl?awc=22338_1655989353_f183a67dd2dd8a33bb1f4f1b34075856&utm_medium=Affiliate&utm_source=685769&utm_term=0&utm_campaign=awin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:16:22 GMT
content-encoding
gzip
last-modified
Thu, 18 Nov 2021 10:24:33 GMT
server
Contentful Images API
age
31572
etag
W/"0616f4025c8e8cf2918a1ce6cf2aa6d3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
A5cnsyInHgW-u38n1FZazgap1QxS9LXQNssSJ1gTnr_fxMYoQ-gcZA==
via
1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
truncated
/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3dac8e209c32805e51fb02d2524f60e4f9a68e7882d6033758755d733cd4ef06

Request headers

Referer
Origin
https://fragebogen.geers.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
font/woff2
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KKW9PPK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
1a6622bbfd2f4017f391cae1040e22f99a923116427a0ccb25543581f5d92257
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fragebogen.geers.de/hoergeraete-gratis-testen-sl?awc=22338_1655989353_f183a67dd2dd8a33bb1f4f1b34075856&utm_medium=Affiliate&utm_source=685769&utm_term=0&utm_campaign=awin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 23 Jun 2022 13:02:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
jaQOgzI9+ZkWZRPB/GIusQ==
age
12076
vary
Accept-Encoding
content-length
6921
x-ms-lease-status
unlocked
last-modified
Wed, 22 Jun 2022 16:25:28 GMT
server
cloudflare
etag
0x8DA546BD1FFE459
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
252398d5-001e-0019-406a-86f48e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
71fd6b34cba55b9e-FRA
d7b65ae7-bb51-4498-9df0-5f91264b32d1.json
cdn.cookielaw.org/consent/d7b65ae7-bb51-4498-9df0-5f91264b32d1/ 		0
0
460eec97-7f06-456d-95db-b52b69d3fad5.js
sonova.containers.piwik.pro/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
a18736142230.cdn.optimizely.com
URL
https://a18736142230.cdn.optimizely.com/client_storage/a18736142230.html
Domain
cdn.cookielaw.org
URL
https://cdn.cookielaw.org/consent/d7b65ae7-bb51-4498-9df0-5f91264b32d1/d7b65ae7-bb51-4498-9df0-5f91264b32d1.json
Domain
sonova.containers.piwik.pro
URL
https://sonova.containers.piwik.pro/460eec97-7f06-456d-95db-b52b69d3fad5.js

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation

7 Cookies

Domain/Path Name / Value
discordpromos.com/ Name: __tad
Value: 1655989347.8421255
.1redirc.com/ Name: __dsnsid
Value: 20220623230227b087a4f8ba8a63ac0d
clever-redirect.com/ Name: 416622b6463e0fd377425fe0bbfe74bc
Value: 7f2cb2d853395201ae83bb97e4369fc2123101147d5f20d8a85526afb293deada%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22416622b6463e0fd377425fe0bbfe74bc%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
www.linkbux.com/ Name: discuz_2132_saltkey
Value: XLhYSSeT
www.linkbux.com/ Name: discuz_2132_lang
Value: en
.awin1.com/ Name: aw22338
Value: 685769|0|0|1655989353|lb_1lhypr|aw|0
.awin1.com/ Name: bId
Value: HLEX_62b46469615b86.06919541

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1redirc.com
a18736142230.cdn.optimizely.com
cdn.cookielaw.org
cdn.optimizely.com
cdn3.optimizely.com
clever-redirect.com
discordpromos.com
fragebogen.geers.de
images.ctfassets.net
lookandfind.me
sonova.containers.piwik.pro
www.awin1.com
www.googletagmanager.com
www.linkbux.com
a18736142230.cdn.optimizely.com
cdn.cookielaw.org
sonova.containers.piwik.pro
103.224.182.206
103.224.182.210
157.90.169.168
198.11.181.248
23.205.253.64
2600:9000:225e:8200:12:94b3:c380:93a1
2606:4700::6810:9440
2a00:1450:4001:812::2008
2a02:26f0:3500:889::13b8
34.117.143.69
78.46.197.88
96.16.142.89
15821c2ee0386bbf7b86bc4863294c9f26341ae2cc86ea0a4617ccedb06317c2
1a6622bbfd2f4017f391cae1040e22f99a923116427a0ccb25543581f5d92257
3dac8e209c32805e51fb02d2524f60e4f9a68e7882d6033758755d733cd4ef06
40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e
54d8dc01bad378455af968cc755da92365bad32e7f0be0a46c749bb1d4d2a02a
5cd364851bece28fe4d343860dd8096fde2770d45d233ed7475c9d939aab2e14
5dfe5ff0243c85a872f9d078a4bf32e9ce8a770e264639a5dd5b8f2ccec88284
637c893af72077837b3b29bc7dc2a2452fb4c877455967da4fa64308da1ea20e
70f42fef5d6e69b1ac0f49dcbf7829d8916dba5bef3289a84fe6752945346cda
842bd22ea21dbc3f9230c25e8c03b804cfe757c7d51a4ec3b28123d88dae3f9a
9736a8220766a27321091719a6fc3193346e8089714622ce804fd7a51b4d0ec1
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed
a398c90329e9bb61b8658cdbc8e194732fe81320802c5c94db3640bc141f3082
b01fdbedeec5b9139d76a8edc00bb75d06d75223407079f658bd51caf4b91ff8
b88b86097c538b9bffce5f8bdd995a22f36ecaf91a08a0a7d93e50195939b385
c9c40105b2e3dae2922259bec55d442958ae82f91aad02f6509d8c666ec986b9
d40750769b3353a08f08eb0514898d913960cba36360b0cb763aa3daf9d1fbf5
ed8457b3295fed62a5a25d80665fb70916ceaf85575d66f60e4bae76ae7c2db8