Submitted URL: http://rb.gy/9wd16z
Effective URL: https://de636.happynachrichten.de/campaign_636.html?coyoteAffiliTokenId=73926027&
Submission: On January 25 via manual from DE — Scanned from DE

Summary

This website contacted 16 IPs in 4 countries across 18 domains to perform 40 HTTP transactions. The main IP is 45.156.91.33, located in Germany and belongs to ABUNTIS, DE. The main domain is de636.happynachrichten.de.
TLS certificate: Issued by R3 on December 1st 2023. Valid for: 3 months.
This is the only time de636.happynachrichten.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
11 | cleverpush.com | static.cleverpush.com (Cisco Umbrella Rank: 19515); api.cleverpush.com (Cisco Umbrella Rank: 18358) | 123 KB
7 | happynachrichten.de | de636.happynachrichten.de | 162 KB
4 | google.com | apis.google.com (Cisco Umbrella Rank: 106) | 149 KB
2 | gstatic.com | fonts.gstatic.com | 29 KB
2 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 174) | 60 KB
2 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 28); ajax.googleapis.com (Cisco Umbrella Rank: 369) | 36 KB
2 | blogblog.com | resources.blogblog.com (Cisco Umbrella Rank: 19720) | 1 KB
2 | histats.com | s10.histats.com (Cisco Umbrella Rank: 14576); s4.histats.com (Cisco Umbrella Rank: 14129) | 5 KB
2 | blogger.com | www.blogger.com (Cisco Umbrella Rank: 12161) | 4 KB
2 | blogspot.com | lodiing-urll.blogspot.com | 5 KB
1 | facebook.com | www.facebook.com (Cisco Umbrella Rank: 107) | 185 B
1 | mycleverpush.com | lv1.mycleverpush.com | 28 KB
1 | fontawesome.com | use.fontawesome.com (Cisco Umbrella Rank: 971) | 11 KB
1 | cplmax.com | cplmax.com | 801 B
1 | tgnk.de | www.tgnk.de | 511 B
1 | storkmobi.com | run.storkmobi.com (Cisco Umbrella Rank: 604579) | 357 B
1 | smrturl.co | smrturl.co (Cisco Umbrella Rank: 564422) | 862 B
1 | rb.gy | rb.gy (Cisco Umbrella Rank: 118875) | 256 B
40 | 18
Requests | Domain | Requested by
9 | static.cleverpush.com | de636.happynachrichten.de; static.cleverpush.com; lv1.mycleverpush.com
7 | de636.happynachrichten.de | smrturl.co; de636.happynachrichten.de
4 | apis.google.com | lodiing-urll.blogspot.com; apis.google.com; www.blogger.com
2 | api.cleverpush.com | static.cleverpush.com
2 | fonts.gstatic.com | fonts.googleapis.com
2 | connect.facebook.net | de636.happynachrichten.de; connect.facebook.net
2 | resources.blogblog.com | www.blogger.com
2 | www.blogger.com | lodiing-urll.blogspot.com; apis.google.com
2 | lodiing-urll.blogspot.com | lodiing-urll.blogspot.com
1 | www.facebook.com | de636.happynachrichten.de
1 | lv1.mycleverpush.com | static.cleverpush.com
1 | ajax.googleapis.com | de636.happynachrichten.de
1 | fonts.googleapis.com | de636.happynachrichten.de
1 | use.fontawesome.com | de636.happynachrichten.de
1 | cplmax.com | 1 redirects
1 | www.tgnk.de | 1 redirects
1 | run.storkmobi.com | 1 redirects
1 | smrturl.co |
1 | s4.histats.com | s10.histats.com
1 | s10.histats.com | lodiing-urll.blogspot.com
1 | rb.gy | 1 redirects
40 | 21

This site contains links to these domains.

Domain
www.pmiprivacy.com
www.tigano.de
mastercard.gebuhrenfrei.com
www.daydreams.de
Subject | Issuer | Validity | Valid
misc-sni.blogspot.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months
*.blogger.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months
*.apis.google.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-13 - 2024-05-11 | a year
histats.com | R3 | 2023-11-23 - 2024-02-21 | 3 months
*.google.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months
smrturl.co | GTS CA 1P5 | 2024-01-21 - 2024-04-20 | 3 months
*.happynachrichten.de | R3 | 2023-12-01 - 2024-02-29 | 3 months
use.fontawesome.com | Cloudflare Inc ECC CA-3 | 2023-10-12 - 2024-10-10 | a year
upload.video.google.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months
cleverpush.com | E1 | 2024-01-03 - 2024-04-02 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-11-03 - 2024-02-01 | 3 months
*.gstatic.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months
*.mycleverpush.com | Sectigo RSA Domain Validation Secure Server CA | 2023-05-14 - 2024-06-13 | a year

This page contains 3 frames:

Primary Page: https://de636.happynachrichten.de/campaign_636.html?coyoteAffiliTokenId=73926027&
Frame ID: ED3595DEE10F52CBA481329DE084BCEB
Requests: 31 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=4596589553836800142&blogName=Totong+Amin+Rewards+US+-+Cash+$750&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=CLASSIC&searchRoot=https://lodiing-urll.blogspot.com/search&blogLocale=in&v=2&homepageUrl=https://lodiing-urll.blogspot.com/&vt=7470723328062725851&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Vfl3xXWFLmk.O%2Fd%3D1%2Frs%3DAHpOoo86I-Lz9xExGf4hsd4WDA5L6jMrIA%2Fm%3D__features__
Frame ID: 015491BE2E2F7E5BFB2C03175644F9D0
Requests: 5 HTTP requests in this frame

Frame: https://lv1.mycleverpush.com/iframe?origin=https%3A%2F%2Fde636.happynachrichten.de
Frame ID: E26C14F305841E38A67D1A417C7E71EE
Requests: 4 HTTP requests in this frame

Page Title

Amazon Geschenkkarte Gewinnen!

Page URL History

  1. http://rb.gy/9wd16z HTTP 301
    https://lodiing-urll.blogspot.com/?m=Amin Page URL
  2. https://smrturl.co/o/494792/53177516?s1=Amin Page URL
  3. https://run.storkmobi.com/click?pid=3554&offer_id=80940&sub1=Cdbba19244ae28&sub5=494792&sub6=https%3A%... HTTP 302
    https://www.tgnk.de/4848SBD/RP1L33/?sub1=3554&sub2=494792&sub3=65b2873dbe63b90001931cf3 HTTP 302
    https://cplmax.com/de03,amazon,750_398.html?idPartner=37&idCampaignAd=0&subId=2007_3554&subIden... HTTP 302
    https://de636.happynachrichten.de/campaign_636.html?coyoteAffiliTokenId=73926027& Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 40
HTTPS: 100 %
IPv6: 67 %
Domains: 18
Subdomains: 21
IPs: 16
Countries: 4
Transfer: 613 kB
Size: 1641 kB
Cookies: 16

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rb.gy/9wd16z HTTP 301
    https://lodiing-urll.blogspot.com/?m=Amin Page URL
  2. https://smrturl.co/o/494792/53177516?s1=Amin Page URL
  3. https://run.storkmobi.com/click?pid=3554&offer_id=80940&sub1=Cdbba19244ae28&sub5=494792&sub6=https%3A%2F%2Flodiing-urll.blogspot.com%2F&sub7=https%3A%2F%2Flodiing-urll.blogspot.com%2F HTTP 302
    https://www.tgnk.de/4848SBD/RP1L33/?sub1=3554&sub2=494792&sub3=65b2873dbe63b90001931cf3 HTTP 302
    https://cplmax.com/de03,amazon,750_398.html?idPartner=37&idCampaignAd=0&subId=2007_3554&subIdentifier=e96ea0785c0f41c9893b6190c84c14f7_494792 HTTP 302
    https://de636.happynachrichten.de/campaign_636.html?coyoteAffiliTokenId=73926027& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://rb.gy/9wd16z HTTP 301
  • https://lodiing-urll.blogspot.com/?m=Amin

40 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
lodiing-urll.blogspot.com/
Redirect Chain
  • http://rb.gy/9wd16z
  • https://lodiing-urll.blogspot.com/?m=Amin
6 KB
3 KB
Document
General
Full URL
https://lodiing-urll.blogspot.com/?m=Amin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
13e49f09a5043de3c19583c2f6183cf80bffe2b5777971714544a374f84e170c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-length
2366
content-type
text/html; charset=UTF-8
date
Thu, 25 Jan 2024 16:07:23 GMT
etag
W/"629949d32eee647f6d7a2402a16473b98f34f50e05c6e085e85d7502774678b1"
expires
Thu, 25 Jan 2024 16:07:23 GMT
last-modified
Wed, 10 Jan 2024 13:09:23 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Thu, 25 Jan 2024 16:07:22 GMT
Engine
Rebrandly.redirect, version 2.1
Expires
-1
Location
https://lodiing-urll.blogspot.com/?m=Amin
3334278262-classic.css
www.blogger.com/static/v1/v-css/navbar/
871 B
1 KB
Stylesheet
General
Full URL
https://www.blogger.com/static/v1/v-css/navbar/3334278262-classic.css
Requested by
Host: lodiing-urll.blogspot.com
URL: https://lodiing-urll.blogspot.com/?m=Amin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6e7616391f5c7649cd033b934318aa33a71e9ce24c341c0e62e438c14bd66c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lodiing-urll.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:30:35 GMT
x-content-type-options
nosniff
age
171408
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
871
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 02:58:54 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Wed, 22 Jan 2025 16:30:35 GMT
platform.js
apis.google.com/js/
56 KB
22 KB
Script
General
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: lodiing-urll.blogspot.com
URL: https://lodiing-urll.blogspot.com/?m=Amin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d6761121e36dada7b2cb2088e9749ddc66c64da9a262386e1e358c8dbbeeeeb
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lodiing-urll.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 25 Jan 2024 16:07:23 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21932
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"744e1fa93653e48f"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jan 2024 16:07:23 GMT
cookienotice.js
lodiing-urll.blogspot.com/js/
6 KB
2 KB
Script
General
Full URL
https://lodiing-urll.blogspot.com/js/cookienotice.js
Requested by
Host: lodiing-urll.blogspot.com
URL: https://lodiing-urll.blogspot.com/?m=Amin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lodiing-urll.blogspot.com/?m=Amin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 16:07:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2026
x-xss-protection
0
last-modified
Thu, 25 Jan 2024 14:03:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 01 Feb 2024 16:07:23 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Vfl3xXWFLmk.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo86I-Lz9xExGf4hsd4WDA5L6jMrIA/
180 KB
60 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Vfl3xXWFLmk.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo86I-Lz9xExGf4hsd4WDA5L6jMrIA/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
653580135391fdad15c54171bfb61cf1e29b292ec872576e903f77c085b49539
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lodiing-urll.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:32:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
146096
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61200
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 19:05:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jan 2025 23:32:27 GMT
js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: lodiing-urll.blogspot.com
URL: https://lodiing-urll.blogspot.com/?m=Amin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lodiing-urll.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 16:07:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
18670
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
84b1c4d3ddd49b49-FRA
content-length
4547
navbar.g
www.blogger.com/ Frame 0154
7 KB
3 KB
Document
General
Full URL
https://www.blogger.com/navbar.g?targetBlogID=4596589553836800142&blogName=Totong+Amin+Rewards+US+-+Cash+$750&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=CLASSIC&searchRoot=https://lodiing-urll.blogspot.com/search&blogLocale=in&v=2&homepageUrl=https://lodiing-urll.blogspot.com/&vt=7470723328062725851&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Vfl3xXWFLmk.O%2Fd%3D1%2Frs%3DAHpOoo86I-Lz9xExGf4hsd4WDA5L6jMrIA%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Vfl3xXWFLmk.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo86I-Lz9xExGf4hsd4WDA5L6jMrIA/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
31aae8cf956976112c900dd9034f3d2e74e1522ed19251150aab06ee7b521547
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lodiing-urll.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
2620
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type
text/html; charset=UTF-8
date
Thu, 25 Jan 2024 16:07:23 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
pragma
no-cache
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
0.php
s4.histats.com/stats/
51 B
185 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?4757893&@f16&@g1&@h1&@i1&@j1706198843542&@k0&@l1&@mLoading&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:63343203&@b3:1706198844&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttps%3A%2F%2Flodiing-urll.blogspot.com%2F%3Fm%3DAmin&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534296.ip-149-56-240.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lodiing-urll.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 16:07:23 GMT
Connection
close
Content-Length
51
Content-Type
text/html;charset=UTF-8
platform:gapi.iframes.style.common.js
apis.google.com/js/ Frame 0154
56 KB
21 KB
Script
General
Full URL
https://apis.google.com/js/platform:gapi.iframes.style.common.js
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=4596589553836800142&blogName=Totong+Amin+Rewards+US+-+Cash+$750&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=CLASSIC&searchRoot=https://lodiing-urll.blogspot.com/search&blogLocale=in&v=2&homepageUrl=https://lodiing-urll.blogspot.com/&vt=7470723328062725851&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Vfl3xXWFLmk.O%2Fd%3D1%2Frs%3DAHpOoo86I-Lz9xExGf4hsd4WDA5L6jMrIA%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42a2274a1c8d8429e60f07a4a2c4775b90ea509845a09aba2c286c4116922165
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 25 Jan 2024 16:07:23 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21942
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"1f1cfac2db865f30"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jan 2024 16:07:23 GMT
icons_peach.png
resources.blogblog.com/img/navbar/ Frame 0154
907 B
1 KB
Image
General
Full URL
https://resources.blogblog.com/img/navbar/icons_peach.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=4596589553836800142&blogName=Totong+Amin+Rewards+US+-+Cash+$750&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=CLASSIC&searchRoot=https://lodiing-urll.blogspot.com/search&blogLocale=in&v=2&homepageUrl=https://lodiing-urll.blogspot.com/&vt=7470723328062725851&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Vfl3xXWFLmk.O%2Fd%3D1%2Frs%3DAHpOoo86I-Lz9xExGf4hsd4WDA5L6jMrIA%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:27:17 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jan 2024 19:01:05 GMT
server
sffe
age
146406
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
907
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Tue, 30 Jan 2024 23:27:17 GMT
arrows-light.png
resources.blogblog.com/img/navbar/ Frame 0154
117 B
201 B
Image
General
Full URL
https://resources.blogblog.com/img/navbar/arrows-light.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=4596589553836800142&blogName=Totong+Amin+Rewards+US+-+Cash+$750&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=CLASSIC&searchRoot=https://lodiing-urll.blogspot.com/search&blogLocale=in&v=2&homepageUrl=https://lodiing-urll.blogspot.com/&vt=7470723328062725851&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Vfl3xXWFLmk.O%2Fd%3D1%2Frs%3DAHpOoo86I-Lz9xExGf4hsd4WDA5L6jMrIA%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:27:17 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jan 2024 22:02:15 GMT
server
sffe
age
146406
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
117
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Tue, 30 Jan 2024 23:27:17 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Vfl3xXWFLmk.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo86I-Lz9xExGf4hsd4WDA5L6jMrIA/ Frame 0154
134 KB
45 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Vfl3xXWFLmk.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo86I-Lz9xExGf4hsd4WDA5L6jMrIA/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7b1ce83c9dd97cc02e41747ca249670957b6af2bc274a5423cf2877996ed547
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 21:12:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68106
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45668
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 19:05:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Jan 2025 21:12:17 GMT
53177516
smrturl.co/o/494792/
904 B
862 B
Document
General
Full URL
https://smrturl.co/o/494792/53177516?s1=Amin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:95c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.11
Resource Hash
8d995f7274383c739d075e171735bbaf4dffc9c1b1d9e6bd2a8c3188a06b80e7

Request headers

Referer
https://lodiing-urll.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84b1c4d759d54d50-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 25 Jan 2024 16:07:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BceFog9fcExVuI4IPTKqssB6YX%2FTL%2FKMofhOfbmdeqY7YCzE2SKPiGXuh3QLg6bGZacBbQ9CjBIZJMMfQsmI%2Ftbk2jrfX178NB8%2Btq%2FeryO8Unm4tDoxm0y%2FRvA1PNnlxPusywzUo6j4"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.11
Primary Request campaign_636.html
de636.happynachrichten.de/
Redirect Chain
  • https://run.storkmobi.com/click?pid=3554&offer_id=80940&sub1=Cdbba19244ae28&sub5=494792&sub6=https%3A%2F%2Flodiing-urll.blogspot.com%2F&sub7=https%3A%2F%2Flodiing-urll.blogspot.com%2F
  • https://www.tgnk.de/4848SBD/RP1L33/?sub1=3554&sub2=494792&sub3=65b2873dbe63b90001931cf3
  • https://cplmax.com/de03,amazon,750_398.html?idPartner=37&idCampaignAd=0&subId=2007_3554&subIdentifier=e96ea0785c0f41c9893b6190c84c14f7_494792
  • https://de636.happynachrichten.de/campaign_636.html?coyoteAffiliTokenId=73926027&
103 KB
28 KB
Document
General
Full URL
https://de636.happynachrichten.de/campaign_636.html?coyoteAffiliTokenId=73926027&
Requested by
Host: smrturl.co
URL: https://smrturl.co/o/494792/53177516?s1=Amin
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
e3b8ca008f3742884babc6599283922ee2615919ea65b6197621c3224ab5f1ca

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
28316
Content-Type
text/html; charset=UTF-8
Date
Thu, 25 Jan 2024 16:07:25 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Length
2
Content-Type
text/html; charset=UTF-8
Date
Thu, 25 Jan 2024 16:07:25 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Location
https://de636.happynachrichten.de/campaign_636.html?coyoteAffiliTokenId=73926027&
Pragma
no-cache
Server
Apache/2.4.41 (Ubuntu)
all.css
use.fontawesome.com/releases/v5.5.0/css/
50 KB
11 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by
Host: de636.happynachrichten.de
URL: https://de636.happynachrichten.de/campaign_636.html?coyoteAffiliTokenId=73926027&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 16:07:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:45:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1934704
etag
W/"1cc6c92172d124fbd305ba3d8e263333"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BOLyYdQNQ70qteeEcZX0VJuQAWd1AGcOZ%2F8Mvyku9zhO1QZ%2BQFIOGm3SUMVj1wr7erNW3FLNZggvM5MvQF1tMBjoKdIodtID66grSpcxMQ42UabTYOztK8gvb2Cp4G1IJ%2Bx0IxrS5QINEM0yHLPT6suR"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
84b1c4e2382a0eb2-AMS
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/
6 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans&display=swap
Requested by
Host: de636.happynachrichten.de
URL: https://de636.happynachrichten.de/campaign_636.html?coyoteAffiliTokenId=73926027&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98f6f0be59cf33c961bbde1efce215467edbe4a02e110c3c28f1cf1d8adce530
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 25 Jan 2024 16:07:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 25 Jan 2024 14:40:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Jan 2024 16:07:25 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/
95 KB
34 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: de636.happynachrichten.de
URL: https://de636.happynachrichten.de/campaign_636.html?coyoteAffiliTokenId=73926027&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:35:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
145922
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 23:35:23 GMT
cyF8KJYSfZzhHi8Py.js
static.cleverpush.com/channel/loader/
227 KB
57 KB
Script
General
Full URL
https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Requested by
Host: de636.happynachrichten.de
URL: https://de636.happynachrichten.de/campaign_636.html?coyoteAffiliTokenId=73926027&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23ebc5147516f528f393d25db80ff52683fc9d278483cc594470ca6db5e653b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 16:07:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
1SNFYDBW3NA5KH46
age
11720
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
KbpGRHHegJH1COi1btEuYeUZl5Crayu1WJ76r0GVyTlkQTUjWpgcX2baC2AJWF8RFFLtSFFvpDA=
last-modified
Wed, 24 Jan 2024 00:41:12 GMT
server
cloudflare
etag
W/"f89d3902fb3d85bb4b39d23e1d120744"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=krrUBaR0bYZgkTnWTLy92U55uWy5ljwPKDQ%2B3Roq%2BS55Pg6zJU%2FXCE39u%2Bo541CmMpWHPibqOk7KfhSw2qu2eSzpKB2ebtdwx6XR55bUDLvcq0jJ7Tt%2F8Nz2EMU0eHmJVaOqyynKtcyriBoPRDV9QEDmBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=21600
cf-ray
84b1c4e33c81bb85-FRA
amazon750mo,.jpg
de636.happynachrichten.de/media/adresseManager/microSiteImg/636/
13 KB
13 KB
Image
General
Full URL
https://de636.happynachrichten.de/media/adresseManager/microSiteImg/636/amazon750mo,.jpg
Requested by
Host: de636.happynachrichten.de
URL: https://de636.happynachrichten.de/campaign_636.html?coyoteAffiliTokenId=73926027&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
f71259d3b11236cd5d1afe40962c40a5ec4aefe842014553d5c0e78d7ae70ce7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 16:07:25 GMT
Last-Modified
Wed, 22 Jun 2022 14:21:21 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"3411-5e20a0d1c4e97"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
13329
fbevents.js
connect.facebook.net/en_US/
213 KB
57 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: de636.happynachrichten.de
URL: https://de636.happynachrichten.de/campaign_636.html?coyoteAffiliTokenId=73926027&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
74f6b2b975944800f1566e81aaed5cc5dcb7a7170eafd4cdd3e205f88f8e1f5f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 25 Jan 2024 16:07:25 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57021
x-xss-protection
0
pragma
public
x-fb-debug
Rd+AfAEod7t2UBwOwnuvObFcIGpNgArYiMU+IcxlgTMG+TDFFYGK9ik5ylNl5NxjhvzwqZ5KUF7IiLhkavr9GQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
bgamazon.jpg
de636.happynachrichten.de/media/adresseManager/microSiteImg/636/
5 KB
5 KB
Image
General
Full URL
https://de636.happynachrichten.de/media/adresseManager/microSiteImg/636/bgamazon.jpg
Requested by
Host: de636.happynachrichten.de
URL: https://de636.happynachrichten.de/campaign_636.html?coyoteAffiliTokenId=73926027&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
6a9342a10497031673c70608a9fddf32d6125f807cb12ccd30157cd29013b595

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de636.happynachrichten.de/campaign_636.html?coyoteAffiliTokenId=73926027&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 16:07:25 GMT
Last-Modified
Wed, 22 Jun 2022 14:21:21 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"1329-5e20a0d1c4e97"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
4905
banner,offer.jpg
de636.happynachrichten.de/media/adresseManager/microSiteImg/636/
8 KB
8 KB
Image
General
Full URL
https://de636.happynachrichten.de/media/adresseManager/microSiteImg/636/banner,offer.jpg
Requested by
Host: de636.happynachrichten.de
URL: https://de636.happynachrichten.de/campaign_636.html?coyoteAffiliTokenId=73926027&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
efce2f3b0d83b59cc5ba48aa01b87ffd72af8c18df0dac6d0abc018dc7904705

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de636.happynachrichten.de/campaign_636.html?coyoteAffiliTokenId=73926027&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 16:07:25 GMT
Last-Modified
Wed, 22 Jun 2022 14:18:42 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"209a-5e20a03a26174"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
8346
amazon750.png
de636.happynachrichten.de/media/adresseManager/microSiteImg/636/
105 KB
105 KB
Image
General
Full URL
https://de636.happynachrichten.de/media/adresseManager/microSiteImg/636/amazon750.png
Requested by
Host: de636.happynachrichten.de
URL: https://de636.happynachrichten.de/campaign_636.html?coyoteAffiliTokenId=73926027&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
253d5086aa03c540fb6d2ad2f9d4559906c0adca19a603a56bb51ddd0cf1af58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de636.happynachrichten.de/campaign_636.html?coyoteAffiliTokenId=73926027&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 16:07:25 GMT
Last-Modified
Wed, 22 Jun 2022 14:21:21 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"1a3f8-5e20a0d1c4e97"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
107512
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://de636.happynachrichten.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 06:10:26 GMT
x-content-type-options
nosniff
age
35819
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18668
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Jan 2025 06:10:26 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b271f0f1080ed8ed4c8e884d846bf9d94a41d7c86f13145c66769f6b5a16adbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B5OaVIGxA.woff2
fonts.gstatic.com/s/opensans/v40/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B5OaVIGxA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37c813e5c95a107d3992c300f1b03a488e70570166eb45687fedab8d1f3b6c7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://de636.happynachrichten.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:32:37 GMT
x-content-type-options
nosniff
age
146088
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10180
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:49:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 23:32:37 GMT
m.png
de636.happynachrichten.de/media/adresseManager/microSiteImg/636/
698 B
983 B
Image
General
Full URL
https://de636.happynachrichten.de/media/adresseManager/microSiteImg/636/m.png
Requested by
Host: de636.happynachrichten.de
URL: https://de636.happynachrichten.de/campaign_636.html?coyoteAffiliTokenId=73926027&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
d0a889307baa6e03ada994a637cbe7a9c6bec66728867070c56d36edf9683040

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 16:07:25 GMT
Last-Modified
Wed, 22 Jun 2022 14:18:42 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"2ba-5e20a03a26174"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
698
f.png
de636.happynachrichten.de/media/adresseManager/microSiteImg/636/
625 B
909 B
Image
General
Full URL
https://de636.happynachrichten.de/media/adresseManager/microSiteImg/636/f.png
Requested by
Host: de636.happynachrichten.de
URL: https://de636.happynachrichten.de/campaign_636.html?coyoteAffiliTokenId=73926027&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
e118fcf9e18fa7989806454c9b5292bc3430ebe9fdeeed1357a7b9983ce6175e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 16:07:25 GMT
Last-Modified
Wed, 22 Jun 2022 14:18:42 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"271-5e20a03a26174"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
625
5.6bbe18a1a9df9ddddcc4.js
static.cleverpush.com/sdk/chunk/
35 KB
10 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/5.6bbe18a1a9df9ddddcc4.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e675226d218c63702642d3f203ae7d16f4cd056f3a04529713f32e3d8af94265

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 16:07:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
2NA52WZ5X8T584M9
age
5696
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
4FsZW2uPy9+3OAjsmyVNH+361KthOIfJuZieD+7YteRv9uWtQ9sA+GV5Uf5Oinw/JdRsUaM00Bw=
last-modified
Thu, 25 Jan 2024 14:32:18 GMT
server
cloudflare
etag
W/"906cae8a7f2cae38221f3db30db3713c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LW7HjuvpsYQkTWpBy2mFvmZcgPB5dF7Is%2F2%2BTWTBRl9wackFTATajGNrkAOj00i7RTaLZDZYdG52EwKdC8DFtlswe3AMAPVpA0P23i9nkQ%2FObBiQaVKn%2Fj%2Ft5Le4ANiPgcFvGztDewUw397RQ1O45uezhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
84b1c4e3cd31bb85-FRA
251.ff5b3c0c290e9961835b.js
static.cleverpush.com/sdk/chunk/
5 KB
3 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df124351501a3a62b99269da55fa305a5584a9e80e84f4ecf72cdd54d4978204

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 16:07:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
B3N3Q8AC77PMZFEF
age
5697
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
8pnG9oK9RwXQWV04zPBAtTuw1VtreDDN4U/F197H5ODm/rpJM6LQZxT822gNg3YtbHPST+pMcyQ=
last-modified
Thu, 25 Jan 2024 14:32:17 GMT
server
cloudflare
etag
W/"e89cddaa8c63cff3a495570a91d5e690"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g2dKYhqsRyZJWfhJZ3RXk0Cc5DnsWdIxE8wuU9y%2BGdEbZkZgqWS70fX1PZqsQu3EqGoDrWPaoR%2BmwhTXEhSJ8A2IB%2B5BTeZQ1RlMroKs91%2BIL0hYXimck%2BEK4fBGXNkOXXjsfW9ahBFUyQF9PtvKgTULnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
84b1c4e3cd3bbb85-FRA
115.7f076c17cad757bbf023.js
static.cleverpush.com/sdk/chunk/
14 KB
4 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/115.7f076c17cad757bbf023.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e47f1cc4c8709442a2abb74583129dd04fd4cd1a86e10ef089a3f88d33166682

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 16:07:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
B3NEX27EM4PB63NB
age
5697
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
x4LkxA+SwLwlFXseQDnGJFVb4hvFffk7odfSBgrBTGJ1NydxVfejwI6Aua07gInb4V0Akti00XQ=
last-modified
Thu, 25 Jan 2024 14:32:17 GMT
server
cloudflare
etag
W/"030c085a93056cfc4733dcf13df4d14c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vuTWhZXz1QRmXS5%2BCyjBBD2ZV0OTYGd2RTkqHLXfQJf7fjF%2F3cyF8UQLBoLCRwK6fThB9BuYoqNZ4xCcRhEhbkRi6Y0wxb1sqyAP1ZE5MhxvF%2FIkODz26JYzokRv%2FiAM5UQPG%2FNaRJHI3o2s299DNazF7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
84b1c4e3cd41bb85-FRA
iframe
lv1.mycleverpush.com/ Frame E26C
74 KB
28 KB
Document
General
Full URL
https://lv1.mycleverpush.com/iframe?origin=https%3A%2F%2Fde636.happynachrichten.de
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.69.45.25 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.25.45.69.159.clients.your-server.de
Software
/
Resource Hash
13167b388a9e76cdaadb187e120ca0cd4369de3d652213135a908c646e90b698
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
origin, x-requested-with, content-type, accept
cache-control
public, max-age=1800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 25 Jan 2024 16:07:26 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-backend-server
cleverpush-worker-1
x-cache-status
HIT
x-robots-tag
noindex
494792
connect.facebook.net/signals/config/
6 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/494792?v=2.9.142&r=stable&domain=de636.happynachrichten.de&hme=e82209ddce2f5ef9f00773b102465283e977acad712d554991b839c35823b905&ex_m=62%2C103%2C91%2C95%2C53%2C3%2C87%2C61%2C14%2C85%2C78%2C44%2C46%2C145%2C148%2C159%2C155%2C156%2C158%2C25%2C88%2C45%2C68%2C157%2C140%2C143%2C152%2C153%2C160%2C112%2C13%2C43%2C164%2C163%2C114%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C82%2C15%2C12%2C84%2C81%2C80%2C92%2C94%2C31%2C93%2C26%2C22%2C141%2C144%2C121%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C89%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C79%2C72%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C83%2C75%2C2%2C30%2C55%2C34%2C90%2C38%2C70%2C60%2C40%2C39%2C96%2C52%2C51%2C27%2C86%2C50%2C47%2C42%2C69%2C64%2C97
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
051dc0ae1c56ec9046ab170d3645e8b2e76b66c9aea7c66982591d3db131d70d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 25 Jan 2024 16:07:26 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
AyBxV9AftirkTk5KVh8BgWZ1v9+e7x/Rnb6EMdqMYCfwz6+QN7IXl4+rE76QZBkey3nQ+UHLXWOzpxN5TjcRoQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=494792&ev=PageView&dl=https%3A%2F%2Fde636.happynachrichten.de%2Fcampaign_636.html%3FcoyoteAffiliTokenId%3D73926027%26&rl=&if=false&ts=1706198846180&sw=1600&sh=1200&v=2.9.142&r=stable&ec=0&o=28&it=1706198846091&coo=false&exp=d3&rqm=GET
Requested by
Host: de636.happynachrichten.de
URL: https://de636.happynachrichten.de/campaign_636.html?coyoteAffiliTokenId=73926027&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 25 Jan 2024 16:07:26 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
5.6bbe18a1a9df9ddddcc4.js
static.cleverpush.com/sdk/chunk/ Frame E26C
35 KB
10 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/5.6bbe18a1a9df9ddddcc4.js
Requested by
Host: lv1.mycleverpush.com
URL: https://lv1.mycleverpush.com/iframe?origin=https%3A%2F%2Fde636.happynachrichten.de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e675226d218c63702642d3f203ae7d16f4cd056f3a04529713f32e3d8af94265

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lv1.mycleverpush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 16:07:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
2NA48Z8HH5AKF6ZZ
age
5696
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
DXhgu60PygZpiQkbNDEFivV8Qv5Oh9hk2hVjGI73mKx49SOcmQmIZUTcN0OZ+dV3fdEzHl/aIjg=
last-modified
Thu, 25 Jan 2024 14:32:18 GMT
server
cloudflare
etag
W/"906cae8a7f2cae38221f3db30db3713c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2YYpkdX88frSwuw3GhxfAzM4xAl7KyNtC7FiYIXKiOJ7gvObnYjlb6Ycj2I7MF7vTHpMEttXY2CvrH0ynga%2B65VbnVnEEO478unUhHYlrqjG6cFXnJnh4HuInp5y7CBUOnLIBZG7qyB%2FllyRN2Qx2f1frA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
84b1c4e59ac02c5b-FRA
251.ff5b3c0c290e9961835b.js
static.cleverpush.com/sdk/chunk/ Frame E26C
5 KB
3 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js
Requested by
Host: lv1.mycleverpush.com
URL: https://lv1.mycleverpush.com/iframe?origin=https%3A%2F%2Fde636.happynachrichten.de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df124351501a3a62b99269da55fa305a5584a9e80e84f4ecf72cdd54d4978204

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lv1.mycleverpush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 16:07:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
B3N54A6DJ5F9FCK2
age
5697
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
X5P2r/DOv9RaM74zD08CWVB3EhgZJ6Nkk36TFguvaFK5ZuAWR9VUqGw2289xJHnmrwMtzbuDNtQ=
last-modified
Thu, 25 Jan 2024 14:32:17 GMT
server
cloudflare
etag
W/"e89cddaa8c63cff3a495570a91d5e690"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QOISgYkEq2SgIweormYtnB1J0TGmY9%2Fiu5FOECv3hDP3dkM2nRILYjuhV%2Baw7oruQuhzoUB5S6VdVZjLOqBuUaH41JZODYNWK0IM%2FAZxJJ4xsZbGlU%2FlKVa3n%2BdVFtP6Wiwj5oUdLJnqldwwrthC8%2BreFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
84b1c4e59ac12c5b-FRA
818.a57bf931a2ae72731020.js
static.cleverpush.com/sdk/chunk/ Frame E26C
7 KB
3 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/818.a57bf931a2ae72731020.js
Requested by
Host: lv1.mycleverpush.com
URL: https://lv1.mycleverpush.com/iframe?origin=https%3A%2F%2Fde636.happynachrichten.de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
828d061fc6ee4c45da4fa52015068c44230241d2a9977d85dc7480f106bb8562

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lv1.mycleverpush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 16:07:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
2NAF1JB0D92HQ7M1
age
5696
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
rd7Xc9zV58J64yLuiTRYh+refSPIv8iQYfhT0XoQKvHDKhlLAfon+l6+yUkqk3sRigTu5xNsd94=
last-modified
Thu, 25 Jan 2024 14:32:19 GMT
server
cloudflare
etag
W/"1e706587e7b34208f748533f72fb63bb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n67u48yz09g6%2BkJJ9x1e8%2FNYt2YVBjFeCpJeeKJUxoFFyawENVvw5qFfXrkCu1wlO16tAtpc%2Fr4Vji4zVH9yaEHbzTzOFS8%2F%2B3AYfhigf7R3ZKXIlKTP6TrfyrVojQAMXdwPTg7Cq8pdAV3vl62v4McU8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
84b1c4e59ac22c5b-FRA
103.ca34caf4a7c7f94a245a.js
static.cleverpush.com/sdk/chunk/
96 KB
22 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/103.ca34caf4a7c7f94a245a.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78f82206874edb92e4cedada374ae32ba67cb601d95b2931b7d1ae18dcae153e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 16:07:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
B3NECNSH7WMH1H2N
age
5697
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
lBZrctcNUQB8RPQn+NendCOypsjgSJcJ76esdki90bIJ5UAliydxDzhLBn/U4JCtuYBsnxjd9D6OUNJR/cIuAA==
last-modified
Thu, 25 Jan 2024 14:32:17 GMT
server
cloudflare
etag
W/"edca157e63c1ec51d4f0d926c455f313"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GwlKWc5sYpU4TBuE1pIsdhmf0G06rS%2FbwKJE1YD5zdx8ypLXxAJwpkl0CiSu9I10Iovxmhh6rdAxCUH23Dm8G6m0n%2FbAzJwHv%2FxAnOFLoZl2fiD53t3TPyHpJwS4jqbqR%2FTqeK2jP6I%2BPnApz7ohV%2FDjKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
84b1c4e63baa2c5b-FRA
720.0bdbfc00d66464030daa.js
static.cleverpush.com/sdk/chunk/
48 KB
11 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/720.0bdbfc00d66464030daa.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73af61418ca8ea40f925bdd5c5380ee58ca1dc74117b5f9759336570a614aadb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 16:07:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
2NAFJVHVSYW5ZCPH
age
5696
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
TfLJlLoHmfL5ZSGEidAj6WCUnfoE11GvmPe82KIAYW/gPEIoBqB7lBpdFenMsGFV5O7a51r+uFw=
last-modified
Thu, 25 Jan 2024 14:32:19 GMT
server
cloudflare
etag
W/"28ec846c537fa018d121178bf42a8c58"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BpsN1Q60YrJD98xP3g%2BZqH5xggnhy7UE5%2F29SGMPoT3bOxyjimIZy1A4HeqiVuAAx8UEW6UlS5EWjWlDvPdkNiuHdJEso6VV%2B7Ry8gUQJr7XrA%2Bm4e%2Bc%2F4mN3%2F5Um5LVXWvZ0a8S99lVepJdcp0jCOQYjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
84b1c4e63bac2c5b-FRA
optin-visitor
api.cleverpush.com/channel/
16 B
347 B
Fetch
General
Full URL
https://api.cleverpush.com/channel/optin-visitor
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 25 Jan 2024 16:07:26 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend-server
cleverpush-worker-3
alt-svc
h3=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7fZGYKVq68HhGMjqRu2qXSHgXtaD11JxdX9jKOvhLgNmTpe2pcfZRqW9JObogO0GyvY2eoPRSsbttfKVJi1b9tK94fuGfr8dW1QVPYkRuUFEaKF82WXg83tZZhO8DlX5fKMJxxawi6gxAtiOoGBxfg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache
cf-ray
84b1c4e7dbc40374-FRA
access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage
optin-visitor
api.cleverpush.com/channel/ Frame
0
0
Preflight
General
Full URL
https://api.cleverpush.com/channel/optin-visitor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://de636.happynachrichten.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
84b1c4e77b540374-FRA
content-length
0
content-type
application/json; charset=utf-8
date
Thu, 25 Jan 2024 16:07:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ZpSqAfI2X3pykvgnCyiASqlqhFPlFafD6BvOTXtoCp%2BeRw8fO%2BebjOXAZoPSRyN2xxmi1FgLG34JuUkyOUilU9k%2FiYy7GQNoe4Ryont99WoSMDNi%2F5PYC41Kd3yWrUETMPZX9hV0Q4E70pZN5M4pA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| $
function| jQuery
function| fbq
function| _fbq
object| webpackChunk_cleverpush_cleverpush_js_sdk
object| regeneratorRuntime
number| __cleverPushSdkLoadCount
object| CleverPush

16 Cookies

Domain/Path Name / Value
smrturl.co/o/494792 Name: dynamo_v_id
Value: Vdb807fce71367
.google.com/ Name: NID
Value: 511=iBKDKHifPAY-Ck0AIBN6ev2V2oiShTAsfwSkwXQLKdPrID5e5oX96zI0divCgGGyRhTnKNtd1dTJsDhpudT830gG3uCVb8NBRNAm1A-039MP3tjBIvBH8amA7hyFZG9k3brvS1AH1fic1MOKWcqX4cdQ5DF_c7Qjo7CKwhSzMMk
lodiing-urll.blogspot.com/ Name: HstCfa4757893
Value: 1706198843542
lodiing-urll.blogspot.com/ Name: HstCla4757893
Value: 1706198843542
lodiing-urll.blogspot.com/ Name: HstCmu4757893
Value: 1706198843542
lodiing-urll.blogspot.com/ Name: HstPn4757893
Value: 1
lodiing-urll.blogspot.com/ Name: HstPt4757893
Value: 1
lodiing-urll.blogspot.com/ Name: HstCnv4757893
Value: 1
lodiing-urll.blogspot.com/ Name: HstCns4757893
Value: 1
run.storkmobi.com/ Name: afclick
Value: 65b2873dbe63b90001931cf3
run.storkmobi.com/ Name: afoffers
Value: {"80940":1706198845}
www.tgnk.de/ Name: uniqueClick_RP1L33
Value: 43c964d2-aa83-413e-8abe-04fa53682e5e:1706198845
www.tgnk.de/ Name: transaction_id
Value: e96ea0785c0f41c9893b6190c84c14f7
cplmax.com/ Name: PHPSESSID
Value: 890k15vaurd2el3d63k11ok4k3
de636.happynachrichten.de/ Name: PHPSESSID
Value: mo863rehjtotlfigd89djfkqn8
de636.happynachrichten.de/ Name: coyoteAffiliTokenId636
Value: 73926027

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
