urlscan.io logo urlscan.io
SecurityTrails logo

de53.1gewinner.de Open in urlscan Pro
45.156.91.34  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://smrturl.co/o/s078a964897/53487322?s1=iphone
Effective URL: https://de53.1gewinner.de/campaign_53.html?coyoteAffiliTokenId=84485875&
Submission: On August 12 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 11 domains to perform 36 HTTP transactions. The main IP is 45.156.91.34, located in Germany and belongs to ABUNTIS, DE. The main domain is de53.1gewinner.de.
TLS certificate: Issued by R11 on July 22nd 2024. Valid for: 3 months.
This is the only time de53.1gewinner.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 172.67.149.199 13335 (CLOUDFLAR...)
1 1 34.141.179.97 396982 (GOOGLE-CL...)
1 1 34.111.143.46 396982 (GOOGLE-CL...)
1 8 45.156.91.34 211823 (ABUNTIS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
15 2606:4700:20:... 13335 (CLOUDFLAR...)
2 35.158.79.89 16509 (AMAZON-02)
1 2a03:2880:f08... 32934 (FACEBOOK)
1 78.46.198.121 24940 (HETZNER-AS)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
36 11
2    172.67.149.199 (United States)

ASN13335 (CLOUDFLARENET, US)
smrturl.co
1    34.141.179.97 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 97.179.141.34.bc.googleusercontent.com
go.smartorfast.com
1    34.111.143.46 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 46.143.111.34.bc.googleusercontent.com
www.sbbq3otrk.com
8    45.156.91.34 (Germany)

ASN211823 (ABUNTIS, DE)
trckde01.de
de53.1gewinner.de
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:3036::6815:1b98 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
15    2606:4700:20::681a:e1f (United States)

ASN13335 (CLOUDFLARENET, US)
static.cleverpush.com
2    35.158.79.89 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-79-89.eu-central-1.compute.amazonaws.com
meine.pixelweiche.de
1    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    78.46.198.121 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.121.198.46.78.clients.your-server.de
lv1.mycleverpush.com
2    2606:4700:20::ac43:47b8 (United States)

ASN13335 (CLOUDFLARENET, US)
api.cleverpush.com
Apex Domain
Subdomains		 Transfer
17 cleverpush.com
static.cleverpush.com — Cisco Umbrella Rank: 23885
api.cleverpush.com — Cisco Umbrella Rank: 20452
127 KB
7 1gewinner.de
de53.1gewinner.de
783 KB
2 pixelweiche.de
meine.pixelweiche.de
2 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
ajax.googleapis.com — Cisco Umbrella Rank: 641
35 KB
2 smrturl.co
smrturl.co — Cisco Umbrella Rank: 393528
1 KB
1 mycleverpush.com
lv1.mycleverpush.com
1 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
60 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1950
11 KB
1 trckde01.de
trckde01.de
791 B
1 sbbq3otrk.com
www.sbbq3otrk.com
696 B
1 smartorfast.com
go.smartorfast.com — Cisco Umbrella Rank: 429665
326 B
36 11
Domain Requested by
15 static.cleverpush.com de53.1gewinner.de
static.cleverpush.com
7 de53.1gewinner.de smrturl.co
de53.1gewinner.de
2 api.cleverpush.com static.cleverpush.com
2 meine.pixelweiche.de de53.1gewinner.de
meine.pixelweiche.de
2 smrturl.co
1 lv1.mycleverpush.com static.cleverpush.com
1 connect.facebook.net de53.1gewinner.de
1 ajax.googleapis.com de53.1gewinner.de
1 use.fontawesome.com de53.1gewinner.de
1 fonts.googleapis.com de53.1gewinner.de
1 trckde01.de 1 redirects
1 www.sbbq3otrk.com 1 redirects
1 go.smartorfast.com 1 redirects
36 13
Subject Issuer Validity Valid
smrturl.co
WE1		 2024-07-16 -
2024-10-14		 3 months crt.sh
*.1gewinner.de
R11		 2024-07-22 -
2024-10-20		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3		 2023-10-12 -
2024-10-10		 a year crt.sh
cleverpush.com
WE1		 2024-06-28 -
2024-09-26		 3 months crt.sh
coyote.pixel-weiche.de
R11		 2024-06-23 -
2024-09-21		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-05-21 -
2024-08-19		 3 months crt.sh
*.mycleverpush.com
Sectigo RSA Domain Validation Secure Server CA		 2024-05-16 -
2025-06-16		 a year crt.sh

This page contains 2 frames:

Primary Page: https://de53.1gewinner.de/campaign_53.html?coyoteAffiliTokenId=84485875&
Frame ID: 2F610AE07AE86EF3371AFBCA75D156E0
Requests: 33 HTTP requests in this frame

Frame: https://lv1.mycleverpush.com/iframe?origin=https%3A%2F%2Fde53.1gewinner.de
Frame ID: A13E16A47FE8E3F657C1FC2CA0464E65
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MediaMarkt Geschenkkarte

Page URL History Show full URLs

  1. http://smrturl.co/o/s078a964897/53487322?s1=iphone HTTP 307
    https://smrturl.co/o/s078a964897/53487322?s1=iphone Page URL
  2. https://go.smartorfast.com/click?pid=434&offer_id=24899&sub6=Cdb8e4bea8f6f2&sub2=434_627705&sub4=0&sub5... HTTP 302
    https://www.sbbq3otrk.com/2SML767/2CTPL1/?sub1=434_627705&sub3=66b95bdb89f51f0001963c5c HTTP 302
    https://trckde01.de/,mediamarkt,750_36.html?idPartner=69&idCampaignAd=0&subId=1138_434_627705&su... HTTP 302
    https://de53.1gewinner.de/campaign_53.html?coyoteAffiliTokenId=84485875& Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

36
Requests

92 %
HTTPS

50 %
IPv6

11
Domains

13
Subdomains

11
IPs

3
Countries

1018 kB
Transfer

1980 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://smrturl.co/o/s078a964897/53487322?s1=iphone HTTP 307
    https://smrturl.co/o/s078a964897/53487322?s1=iphone Page URL
  2. https://go.smartorfast.com/click?pid=434&offer_id=24899&sub6=Cdb8e4bea8f6f2&sub2=434_627705&sub4=0&sub5=24899 HTTP 302
    https://www.sbbq3otrk.com/2SML767/2CTPL1/?sub1=434_627705&sub3=66b95bdb89f51f0001963c5c HTTP 302
    https://trckde01.de/,mediamarkt,750_36.html?idPartner=69&idCampaignAd=0&subId=1138_434_627705&subIdentifier=81c269ae809e49c6a7172934a5f1b83c_ HTTP 302
    https://de53.1gewinner.de/campaign_53.html?coyoteAffiliTokenId=84485875& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://smrturl.co/o/s078a964897/53487322?s1=iphone HTTP 307
  • https://smrturl.co/o/s078a964897/53487322?s1=iphone

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
53487322
smrturl.co/o/s078a964897/
Redirect Chain
  • http://smrturl.co/o/s078a964897/53487322?s1=iphone
  • https://smrturl.co/o/s078a964897/53487322?s1=iphone
617 B
789 B 		Document
General
Check archive.org
Download Go to
Full URL
https://smrturl.co/o/s078a964897/53487322?s1=iphone
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.149.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.11
Resource Hash
6fe6370520bcab3c884d5ff45392e1fe334fd36522bba18707af760a42ceec37

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b1c75b8283039d6-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 12 Aug 2024 00:48:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MkGIQACmIKjNsBLjMFiBMe7W1aOBd%2BN4L4inpq9%2FNFiWUGbJI4OnDhy0%2FhrHyiNCIPRmbPi%2Flh9HS5vBJgp%2FQ7x8UUFS5NUySDAql%2FLxyuJmvCa2QFrpDcUE4RI0"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.11

Redirect headers

Location
https://smrturl.co/o/s078a964897/53487322?s1=iphone
Non-Authoritative-Reason
HttpsUpgrades
Primary Request campaign_53.html
de53.1gewinner.de/
Redirect Chain
  • https://go.smartorfast.com/click?pid=434&offer_id=24899&sub6=Cdb8e4bea8f6f2&sub2=434_627705&sub4=0&sub5=24899
  • https://www.sbbq3otrk.com/2SML767/2CTPL1/?sub1=434_627705&sub3=66b95bdb89f51f0001963c5c
  • https://trckde01.de/,mediamarkt,750_36.html?idPartner=69&idCampaignAd=0&subId=1138_434_627705&subIdentifier=81c269ae809e49c6a7172934a5f1b83c_
  • https://de53.1gewinner.de/campaign_53.html?coyoteAffiliTokenId=84485875&
171 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de53.1gewinner.de/campaign_53.html?coyoteAffiliTokenId=84485875&
Requested by
Host: smrturl.co
URL: https://smrturl.co/o/s078a964897/53487322?s1=iphone
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.34 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
2fd3ed7e28fabdc339afab10518db81afa03f2cc58012f6c9fc5d14f8a30466b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
38264
Content-Type
text/html; charset=UTF-8
Date
Mon, 12 Aug 2024 00:48:28 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Length
2
Content-Type
text/html; charset=UTF-8
Date
Mon, 12 Aug 2024 00:48:28 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Location
https://de53.1gewinner.de/campaign_53.html?coyoteAffiliTokenId=84485875&
Pragma
no-cache
Server
Apache/2.4.41 (Ubuntu)
favicon.ico
smrturl.co/ 		13 B
486 B 		Other
General
Check archive.org
Download Go to
Full URL
https://smrturl.co/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.149.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.11
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 00:48:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 11 Aug 2024 23:10:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5857
x-powered-by
PHP/7.4.11
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Eapzsb%2BhVQp60wwdO9hVrXAFDRj%2BGbIquZqOzt45sjHdRHH6z%2Fk%2FFEfaKevK3Nt0%2Bu7jqOIkugHO%2FW3FeaIecfZgpXq1jOC3GF8slL54eG5ScaJtsSjkQ3Pp%2F4SR"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=14400
cf-ray
8b1c75bc7a8539d6-FRA
alt-svc
h3=":443"; ma=86400
cpa_style.css
de53.1gewinner.de/media/adresseManager/microSiteFiles/53/ 		248 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://de53.1gewinner.de/media/adresseManager/microSiteFiles/53/cpa_style.css
Requested by
Host: de53.1gewinner.de
URL: https://de53.1gewinner.de/campaign_53.html?coyoteAffiliTokenId=84485875&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.34 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9d6ec8ac7a0322113c02d9cf34f6102e6092fd6c64c312c0d9e6552c417c5a7d

Request headers

Referer
https://de53.1gewinner.de/campaign_53.html?coyoteAffiliTokenId=84485875&
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 00:48:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Apr 2019 12:39:18 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"3e0cd-58690f0e87ec8-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
40035
css2
fonts.googleapis.com/ 		2 KB
981 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@600&display=swap
Requested by
Host: de53.1gewinner.de
URL: https://de53.1gewinner.de/campaign_53.html?coyoteAffiliTokenId=84485875&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
56e9001612c112d192ebe8d26e89861d84a32103a9507f80f37ab225b2eba5d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://de53.1gewinner.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 12 Aug 2024 00:48:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 11 Aug 2024 23:04:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Aug 2024 00:48:28 GMT
all.css
use.fontawesome.com/releases/v5.5.0/css/ 		50 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by
Host: de53.1gewinner.de
URL: https://de53.1gewinner.de/campaign_53.html?coyoteAffiliTokenId=84485875&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

Referer
https://de53.1gewinner.de/
Origin
https://de53.1gewinner.de
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 00:48:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:45:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
302857
etag
W/"1cc6c92172d124fbd305ba3d8e263333"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AvRwRJ1XjMxFXWszRnbsM1gRaTsrmVrzynsParfcg9ze2f%2Bgrn6PD%2FX5%2BhrtWzKnpH9pBL7JW%2B%2BahY62Su7UNCJNbjr0E6hbfIqyndoQ65O9PqIapuyWYUYEFCdps917WlyVZEF9ECc74Uw7OSPATJuH"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
8b1c75c51b50994b-FRA
alt-svc
h3=":443"; ma=86400
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: de53.1gewinner.de
URL: https://de53.1gewinner.de/campaign_53.html?coyoteAffiliTokenId=84485875&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de53.1gewinner.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 17:13:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
372871
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Aug 2025 17:13:57 GMT
cyF8KJYSfZzhHi8Py.js
static.cleverpush.com/channel/loader/ 		170 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Requested by
Host: de53.1gewinner.de
URL: https://de53.1gewinner.de/campaign_53.html?coyoteAffiliTokenId=84485875&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58c809a475c81472c18ac503e14ac52358a9d210d1b1654b73618725806b7f82

Request headers

Referer
https://de53.1gewinner.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 00:48:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
PD4ECQVP5N93BQBC
age
20978
x-amz-server-side-encryption
AES256
x-amz-id-2
EwITb0LpYgjFsm0L7mu345eaGU+UvZZ/t55Iq3ZeAW5h39wWFtc5KRhkCQFYk07TP50Dg3RyeTnpr8SBiHzgXLjfMh3uI0zac1C3BVEv6Hg=
last-modified
Sun, 11 Aug 2024 00:43:23 GMT
server
cloudflare
etag
W/"8db17304c0f11bac56e52226da362858"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=If82mhag5vcv0ySHRIYNRGb%2FnQOTZOkOw6L5ulAMRWuQNtbNO7rDpz%2BR%2FfbP1TjnuRDnWgTbHnVGEX61j1dk2XVCrSTROzOgHjN8nTQHQNGTQwmqmHUeQtfXT6v8DBrM%2BnhRoBrKPc08r138qroNpvdOPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=21600
cf-ray
8b1c75c65944bbe6-FRA
freeheader.png
de53.1gewinner.de/media/adresseManager/microSiteImg/53/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de53.1gewinner.de/media/adresseManager/microSiteImg/53/freeheader.png
Requested by
Host: de53.1gewinner.de
URL: https://de53.1gewinner.de/campaign_53.html?coyoteAffiliTokenId=84485875&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.34 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
b03aad60802ac7854a522fcd8efe05739e585c6d04727b0b120f16e868b55db4

Request headers

Referer
https://de53.1gewinner.de/campaign_53.html?coyoteAffiliTokenId=84485875&
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 00:48:28 GMT
Last-Modified
Wed, 26 Jun 2024 07:51:33 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"b09-61bc6487c94a2"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
2825
fr.png
de53.1gewinner.de/media/adresseManager/microSiteImg/53/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de53.1gewinner.de/media/adresseManager/microSiteImg/53/fr.png
Requested by
Host: de53.1gewinner.de
URL: https://de53.1gewinner.de/campaign_53.html?coyoteAffiliTokenId=84485875&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.34 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
e87de448fe0489a66cce3d6dccaee65333ef8ca856b171deb8036aaedffd3727

Request headers

Referer
https://de53.1gewinner.de/campaign_53.html?coyoteAffiliTokenId=84485875&
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 00:48:28 GMT
Last-Modified
Wed, 26 Jun 2024 07:50:32 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"11d6-61bc644db7e9a"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4566
mediamarkt750mv.jpg
de53.1gewinner.de/media/adresseManager/microSiteImg/53/ 		101 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de53.1gewinner.de/media/adresseManager/microSiteImg/53/mediamarkt750mv.jpg
Requested by
Host: de53.1gewinner.de
URL: https://de53.1gewinner.de/campaign_53.html?coyoteAffiliTokenId=84485875&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.34 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
e3c1fad504d13c3cab7d8d1a35cea93be56130629cbbece83d5dd5da16ac4a43

Request headers

Referer
https://de53.1gewinner.de/campaign_53.html?coyoteAffiliTokenId=84485875&
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 00:48:28 GMT
Last-Modified
Wed, 26 Jun 2024 07:50:32 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"193fe-61bc644db7e9a"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
103422
script.js
meine.pixelweiche.de/ 		964 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://meine.pixelweiche.de/script.js
Requested by
Host: de53.1gewinner.de
URL: https://de53.1gewinner.de/campaign_53.html?coyoteAffiliTokenId=84485875&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.158.79.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-79-89.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.25 (Amazon) OpenSSL/1.0.1e-fips PHP/5.6.30 /
Resource Hash
141fb3f5cfe662d76c077d73ab421f8756a6aae698f86614b10e129b8a151437

Request headers

Referer
https://de53.1gewinner.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 00:48:29 GMT
Last-Modified
Fri, 01 Sep 2017 06:01:35 GMT
Server
Apache/2.4.25 (Amazon) OpenSSL/1.0.1e-fips PHP/5.6.30
ETag
"3c4-5581a7e5699e1;61b858aaf433b"
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
964
mediamarkt750bg.jpg
de53.1gewinner.de/media/adresseManager/microSiteImg/53/ 		524 KB
524 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de53.1gewinner.de/media/adresseManager/microSiteImg/53/mediamarkt750bg.jpg
Requested by
Host: de53.1gewinner.de
URL: https://de53.1gewinner.de/campaign_53.html?coyoteAffiliTokenId=84485875&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.34 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
44b797dd529d70a80df7bb7142aa6c90357039a98cd76d3cdf4dcbafe10c389a

Request headers

Referer
https://de53.1gewinner.de/campaign_53.html?coyoteAffiliTokenId=84485875&
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 00:48:29 GMT
Last-Modified
Wed, 26 Jun 2024 07:50:32 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"83011-61bc644db7e9a"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
536593
fbevents.js
connect.facebook.net/en_US/ 		225 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: de53.1gewinner.de
URL: https://de53.1gewinner.de/campaign_53.html?coyoteAffiliTokenId=84485875&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://de53.1gewinner.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 12 Aug 2024 00:48:29 GMT
document-policy
force-load-at-top
x-fb-server-load
41
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58865
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=12, mss=1297, tbw=2778, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
na0iVQDQ5ZDUmRoVky/hQpSNCgvifINmsLhZcHxxKlU/L7yuFJNsCKyLLuki0tTpKVhZeIDYNzV6BDMzHw37Bg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
script.js
meine.pixelweiche.de/tg/ 		0
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://meine.pixelweiche.de/tg/script.js?idPartner=&subId=&subIdentifier=&postbackToken=&zielseite=adressdata1
Requested by
Host: meine.pixelweiche.de
URL: https://meine.pixelweiche.de/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.158.79.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-79-89.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.25 (Amazon) OpenSSL/1.0.1e-fips PHP/5.6.30 / PHP/5.6.30
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://de53.1gewinner.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Aug 2024 00:48:29 GMT
Server
Apache/2.4.25 (Amazon) OpenSSL/1.0.1e-fips PHP/5.6.30
X-Powered-By
PHP/5.6.30
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
0
Expires
Thu, 19 Nov 1981 08:52:00 GMT
9835.4224ee6cdea15e6c6e7b.js
static.cleverpush.com/sdk/chunk/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/9835.4224ee6cdea15e6c6e7b.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
046d73655eb275b276a5b08509b844ff72efcfc39e570751a34c708201cbd7c9

Request headers

Referer
https://de53.1gewinner.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 00:48:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
PX12W5TS3NSBP0P9
age
20710
x-amz-server-side-encryption
AES256
x-amz-id-2
dTgZXlkQ1K3/UVbSDeeDK0AarIbafsPXD94JZknu4vcd9FTbm4gjOVpmAD7BD3yMJut8wpyQW3Y=
last-modified
Fri, 09 Aug 2024 19:03:11 GMT
server
cloudflare
etag
W/"5c516e12c150905094329add62f53719"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qCskI9TrXRSlP0ShFrFPZrnZDkUCRtA11wsXivfN%2Bg9Q4jdQ%2BoiJv2%2ByegJw1JTrQzrPESNPGMNZZMDdbRC%2FEjvJE9Xw228HJyXzsfKGmZrCQ57VMzFsH5IHGy01ZhIqfxg9ElmUf3fjOFaeG4kPF1xRXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public,max-age=43200
cf-ray
8b1c75c91c1dbbe6-FRA
4663.a62cc16c9086f415ce3e.js
static.cleverpush.com/sdk/chunk/ 		1 KB
1017 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/4663.a62cc16c9086f415ce3e.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56ce488016e10e57ed18b91230364c9b44ac2d00cd4eb5ec89c816a3ec035665

Request headers

Referer
https://de53.1gewinner.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 00:48:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
HZECV6NKT5QXNV17
age
20711
x-amz-server-side-encryption
AES256
x-amz-id-2
vyFB07QoFiSkTpcpUwUK42eTntP0g/a3sXr9TZJTW3qOzjxCAitF+JHW8S9ZBXq9buzi56e7LiI=
last-modified
Fri, 09 Aug 2024 19:03:08 GMT
server
cloudflare
etag
W/"a82cf65ac0d1c5f50c78232480ec4b5c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YlZMj1ibpDvp%2BcYypn9n9FQI6CunP%2FoGJyLe1HxeB%2FqZyUn08Yu9IISXrVI%2Besal1yxrjT7BCX2eKUFlE2MgN6OyxYDUZ%2FXmGjA%2FB%2BBpKDMiz30pXAksTMn8HEhCvIT1V4O2sqn7feCPCiv7wG1%2FlABCiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public,max-age=43200
cf-ray
8b1c75c91c20bbe6-FRA
4005.6f562922d9c9f546bc3d.js
static.cleverpush.com/sdk/chunk/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/4005.6f562922d9c9f546bc3d.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aee88822b67db7e7c863a6ba2e751bbce73d63a0e3b50a528da0b82a45ecbbc5

Request headers

Referer
https://de53.1gewinner.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 00:48:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
SX9W201BTB2MRS2S
age
20712
x-amz-server-side-encryption
AES256
x-amz-id-2
SN7tiIOe3pQaaG/sPsOozGXucWi1XrMCyHGY6n2v5rM1Gq/AkZEcfDz0BCmnxcZP3T1OmVpcbJs=
last-modified
Fri, 09 Aug 2024 19:03:07 GMT
server
cloudflare
etag
W/"a8f33d6686dcc672874231122a4a4e3c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CMqT2GMiS%2B7w6w7o1%2B4CDKQ4XuZD7xhAmuWJwCmjUO4z4%2FCl0tWpbaPu5FSJJy3uFTzUPEZOifwdbrUaLmNAqg3LTMyqEvoMDSNECaalw50wo6hhDyhYJPh4RxmDCcbpz8jRqP19FsdLA3018rFnxYae5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public,max-age=43200
cf-ray
8b1c75c97c8cbbe6-FRA
3251.852e9eed8ead3e6378e1.js
static.cleverpush.com/sdk/chunk/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/3251.852e9eed8ead3e6378e1.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3aa5f7c7a36d0219f25eea299c8d1e896d03dcbe0c3455830d775e35f9f1da4

Request headers

Referer
https://de53.1gewinner.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 00:48:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
SX9P4XKW9VCZ55EB
age
20712
x-amz-server-side-encryption
AES256
x-amz-id-2
62+CnbADfiGoMbiwPsfN5UULm7PFfgnhpXv+m9c8zfZDoD5PmGGWEJ7F0CFwndfkcSb5NwGS97s=
last-modified
Fri, 09 Aug 2024 19:03:07 GMT
server
cloudflare
etag
W/"83f28f7f709f04b0db81309a40c83d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bgob3AviN9MfAJds%2Ft2UrDCeIq7cvApPJ8p%2FjZq3LlR3KVg53P4bcg6%2Bi4SP6vYpObF6U7q6KKoEvXFRrGBmTDg52gBU3nepaTvGFmYK2VpwHIHdpe15t8xOOT5m4LFCXdBJ5%2FsfdBLR2uwtYp9LitIZ4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public,max-age=43200
cf-ray
8b1c75c97c8dbbe6-FRA
8115.72284aebf28876a6dab2.js
static.cleverpush.com/sdk/chunk/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/8115.72284aebf28876a6dab2.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8e87710c0c3a6c2a24077a9b6c039560c4aba328a863839890bdaea51c228bc

Request headers

Referer
https://de53.1gewinner.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 00:48:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
HZEF4A9RMPJ90ZH5
age
20711
x-amz-server-side-encryption
AES256
x-amz-id-2
yDU1UOop2gu2zUNmdRJY0iBSGefEv499w4Jo/2Uhhy7DHdMI/7bqKM6MshyAafcpA16phn4cOxU=
last-modified
Fri, 09 Aug 2024 19:03:10 GMT
server
cloudflare
etag
W/"730e2ac5ed56ca01649d24824a9c72f1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oY3dr0%2FBgSCDUzYxCiTg4SUa7JJtrlTEX%2BThLCZ2EI6cyU%2B5lCc4wOELncudXmg8VINV7HWPPWof%2BYeFILKfXxWbqjQknvrPRaBy%2Fw%2F3XCsUuPjk%2BZzOx8wq0VJ11onyZdbxnKlrnSd%2FcujhRUZrhibjzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public,max-age=43200
cf-ray
8b1c75c97c8fbbe6-FRA
iframe
lv1.mycleverpush.com/ Frame A13E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://lv1.mycleverpush.com/iframe?origin=https%3A%2F%2Fde53.1gewinner.de
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/sdk/chunk/3251.852e9eed8ead3e6378e1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.46.198.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.121.198.46.78.clients.your-server.de
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://de53.1gewinner.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
origin, x-requested-with, content-type, accept
cache-control
public, max-age=1800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 12 Aug 2024 00:48:30 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-backend-server
cleverpush-worker-15
x-cache-status
HIT
x-robots-tag
noindex
6103.0a79e878620a13e28d86.js
static.cleverpush.com/sdk/chunk/ 		115 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/6103.0a79e878620a13e28d86.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19a79b8a7607cd0c8f22c141ffe67fb1ce682e7100448a12549f33a7ea8ff445

Request headers

Referer
https://de53.1gewinner.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 00:48:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3A8Q6RZ06B1RCF10
age
6112
x-amz-server-side-encryption
AES256
x-amz-id-2
1a7mHtvwlRI6w28G6zti/Lj2n3IhncQFqJmI2FJP/ev0quW13ygVEqOa114WI3h5K/m6LYTz0P0=
last-modified
Fri, 09 Aug 2024 19:03:09 GMT
server
cloudflare
etag
W/"da59565c0b7e6920209d3ab1abb10fb9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hpf2j3B4vZNFALoS8T5rppNKsccOZ4Hi7XSITIjSUOUAY5di9fiT8meiGHAtcxgsU%2BQNwkc1zr0UKGryJ%2FfvfdK6EvLfbKsbi%2Bu%2FRmM9foIvNJApFbsdTjYBHq72w%2FJRnWa51PZR41pyULZDFdIgNACgrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public,max-age=43200
cf-ray
8b1c75cf2851bbe6-FRA
7720.2dc31da7a50cec98ff0a.js
static.cleverpush.com/sdk/chunk/ 		56 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/7720.2dc31da7a50cec98ff0a.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03dcb5e58f6ee171e6ac5c8f2fdea052b0bfa2e0e8bb43f0fe92760c2aa8c7ca

Request headers

Referer
https://de53.1gewinner.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 00:48:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
PX13Z10FE2E6TG51
age
20711
x-amz-server-side-encryption
AES256
x-amz-id-2
dSdJo+6T2s0eg7h9LNv3wZCGoqmuXwq0mK1TmcJq/ublDgrYWj7EMDZjzFV7q486vm1sKEDRlnE1N+yz2ZfpSg==
last-modified
Fri, 09 Aug 2024 19:03:10 GMT
server
cloudflare
etag
W/"baf89e291f3cd808cabca3e8579be405"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FgPii3%2FKGnhbZofxN8GyEl%2B1%2B%2FVxDdDQLNAIC1xdr6OJ4FW42RgXvjHvU%2FIamR6%2BXqOFKZc6QpWOXCPZH6tFJbMrH8UkboHYHfEiLwUqClrWHbvwL7JpudwkUssZrGgVv8%2FBrIMk3elG6Cmy741Uf6VNkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public,max-age=43200
cf-ray
8b1c75cf2854bbe6-FRA
favicon.ico
de53.1gewinner.de/ 		72 KB
72 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://de53.1gewinner.de/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.34 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
b31fde204378112e3db2b6343056923f6f49bdc9a164fa43c294f3b007259cf5

Request headers

Referer
https://de53.1gewinner.de/campaign_53.html?coyoteAffiliTokenId=84485875&
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 00:48:30 GMT
Last-Modified
Thu, 08 Sep 2022 04:38:22 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"11e46-5e822ffd79f32"
Content-Type
image/vnd.microsoft.icon
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
73286
4329.641a08657862094ef14c.js
static.cleverpush.com/sdk/chunk/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/4329.641a08657862094ef14c.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e20f0c6ecc9fd8d2f7dc2402177d6ea4b8bc33a74a219d54f0aff98ae54204eb

Request headers

Referer
https://de53.1gewinner.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 00:48:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
X792Z93RCY5MFGJP
age
20231
x-amz-server-side-encryption
AES256
x-amz-id-2
G00WZ2p5LsRv0XnyTEi9mL8m09CWXqnBjt1krUyjfRinU0PCX/6xupJxMvaSH1bo0+GCZB4/Joy5ewMV26QlGA==
last-modified
Fri, 09 Aug 2024 19:03:07 GMT
server
cloudflare
etag
W/"017f6c76ab9fd5ed3026cf4298e7ef0a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mvo0pNHot8%2BTcj%2FgCRk%2FuclMpq3jmmfVhpGj5yk4gsvCPlFv26giFuNLA7TA8xrX%2FNXsTx3yCQ%2BwZuwZZUVGsxa4p7Da1d4foJ1d2ddVX%2B0iyengDcUIj0IcZvFCdTUjkTdk%2FQZH%2FsFH3XHxsGWInwqvJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public,max-age=43200
cf-ray
8b1c75cfc94fbbe6-FRA
1731.1e0589e93eed6eedd9e8.js
static.cleverpush.com/sdk/chunk/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/1731.1e0589e93eed6eedd9e8.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0aaa74f1d116bd31b67d39870824352b564e000b3675b749043dec7a322cbc

Request headers

Referer
https://de53.1gewinner.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 00:48:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
HZE8E1AW8PWM11XP
age
20712
x-amz-server-side-encryption
AES256
x-amz-id-2
TmfFqVWqSVFk4+yBqV/qcJbyWnprdcr56Ms9OMH8+Cy5xrzQWFJKyP2VrpG3v0lk07nxJFAnmtzuTZzgaY3mhg==
last-modified
Fri, 09 Aug 2024 19:03:07 GMT
server
cloudflare
etag
W/"b83a51ac9339868de81f3b9105e9b7ae"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=06zi1oqPJlz03j2%2BlYdHgljgQ952tS4Ql0LO81wKslaOMELm2w%2BKbDwgNcbpG6F8r3zXAIEGm05KzpAsPLLs5jOHruROFDgmDwrwZHHSY%2BAF7cCvqUSCryGSHNtYQFJnUyMVb8XsIO9pjqeIdinV7hcpUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public,max-age=43200
cf-ray
8b1c75cfc950bbe6-FRA
2447.8b664facd0ac959090aa.js
static.cleverpush.com/sdk/chunk/ 		417 B
697 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/2447.8b664facd0ac959090aa.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c697709813701b68d0d5788322bb4bddd3e6bf9e8085bd10f8a6eee3c889b80a

Request headers

Referer
https://de53.1gewinner.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 00:48:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
SX9XJDVMBZWXYW2W
age
20713
x-amz-server-side-encryption
AES256
x-amz-id-2
8wBYyv36jis2SzEBFFx17T2Z9DCFaMIQ/QRdm1AoqLAV4tVGIPv1EXvQXFJbe8hOpyDgRt4xIXY=
last-modified
Fri, 09 Aug 2024 19:03:06 GMT
server
cloudflare
etag
W/"f6eac38e4d01e006787b46925e95afd8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UQRZzPegR5LqleSJWGJnmznVqrViQsPSv3UyFcaXdthPgsJn9OKiADP7GCYZBTozeGIfY8HY5EN%2Fncgiuo7PFGdTbS9DsK65DYEmZUIy0Fc2YDtnTRvyZrJv5Gllr0ZYnu9LVMXmwHMAJ%2FQ8%2FLdm%2BDbljA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public,max-age=43200
cf-ray
8b1c75cfc951bbe6-FRA
438.b8546722d750f5fb84e0.js
static.cleverpush.com/sdk/chunk/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/438.b8546722d750f5fb84e0.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40140ee3d8b17d59480c7257a7ac9bd0d92c9ec9c5a1edae18aa4277b7dbbdfd

Request headers

Referer
https://de53.1gewinner.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 00:48:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
HZE7KAYWWX0GBH53
age
20712
x-amz-server-side-encryption
AES256
x-amz-id-2
IwnRQ/iUP8ltW4YHQitlMZ+TSnEPYbWi9SF5gezEp+kpH057D2jeYm1sKKP2OUiSG6MfhvljPi0=
last-modified
Fri, 09 Aug 2024 19:03:08 GMT
server
cloudflare
etag
W/"444dbd9db15c18d22323bf037a6ca3bf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=50%2FFlPo4kytNVNh1EmpljvVP8Cd7j7nLeVDDvjqAMiQKeeoUlp0iMSse5GofTAzqkaOXgxoEjkMzJfVWbaXnUWTyqA9RW%2BV62OkU54CtB6XNx6rgniW%2BvNa3PggYxS%2BYO4n1aAEd5zRZXqFf6hR727EBMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public,max-age=43200
cf-ray
8b1c75cfc953bbe6-FRA
optin-visitor
api.cleverpush.com/channel/ 		16 B
985 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.cleverpush.com/channel/optin-visitor
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json
Referer
https://de53.1gewinner.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 12 Aug 2024 00:48:30 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.iGC9ACSl5qoMnQIK_r4u2NoGm33inbKT__aadPdfIQ-1723423710-1.0.1.1-rQHF.V0eBFna9F_hzi8Ihqn4AIuiePWO9t8UDOegnss_xdAfiIVZDNoxr9Sa3CXyhF_DUT.IcH0rPRojuwIrKot7ttCV4YnBOWfEacA5K6roZvurSckjOxBc5phITKIDhTcsPx.LZ5VItJUpGWschWQJzaw4SnVgwbnBuc6Z4hE; report-to cf-csp-endpoint
x-backend-server
cleverpush-worker-15
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3S4XeIX%2BQn8iBMJTXwYogQhjxJD6L8xR9N8uXhXh3BWl5l1ZukuD7eQdCEZPGIfjv%2FRVpfuFQi%2BFrYitCR37aWqKwlemSEyOPT3un9RbC27E%2FYHx25l1vLH7KQKrTrgmqQnaAdrrdxAVzG5XvWPcQQ%3D%3D"}],"group":"cf-nel","max_age":604800}, {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=.iGC9ACSl5qoMnQIK_r4u2NoGm33inbKT__aadPdfIQ-1723423710-1.0.1.1-rQHF.V0eBFna9F_hzi8Ihqn4AIuiePWO9t8UDOegnss_xdAfiIVZDNoxr9Sa3CXyhF_DUT.IcH0rPRojuwIrKot7ttCV4YnBOWfEacA5K6roZvurSckjOxBc5phITKIDhTcsPx.LZ5VItJUpGWschWQJzaw4SnVgwbnBuc6Z4hE"}],"group":"cf-csp-endpoint","max_age":86400}
cache-control
no-cache
cf-ray
8b1c75d11d0765c2-FRA
access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage
optin-visitor
api.cleverpush.com/channel/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.cleverpush.com/channel/optin-visitor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://de53.1gewinner.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin
*
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8b1c75d0ccd665c2-FRA
content-length
0
content-type
application/json; charset=utf-8
date
Mon, 12 Aug 2024 00:48:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2rDOtNFAJ9YdM0OQzrD2EsZV4NDwSYeHoMOq%2BvYEKoG%2FV0jbvlrAJwBInyxkAh9%2Boqx5SfhhZaPH9yv7lqQ7aCvQuAFf9Rla9ljMtboNtiWLGHrGwRdf2vtxMIO5VgV3HUcl4izIoBzXvwkeLgGfkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
1376.35cf0ba4e9c7e543c5b6.js
static.cleverpush.com/sdk/chunk/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/1376.35cf0ba4e9c7e543c5b6.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0439122447204b780457fa57edd4a5acc7f6664f17c7578e3014cfccd971ed4f

Request headers

Referer
https://de53.1gewinner.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 00:48:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
SX9J5WTWB9J3QG45
age
20713
x-amz-server-side-encryption
AES256
x-amz-id-2
mWR3wBrAsCteF/kRTxDiaVaUCXjNI3oDrz1kYAaQL34Xp0oZKjyqM7gU7bVbH4PNcGJx/3Iz5NA=
last-modified
Fri, 09 Aug 2024 19:03:06 GMT
server
cloudflare
etag
W/"18e09f22bb92cef28ebfe5377a5c7e6a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TM0VIzc5JUbk5uqI5eTwR2ITJALbngFvOmUNtSQHrKAKlLGCjJIMhyTjhFCJoVhY1HhRliQfvdmWZ%2BFKlrJolrmHxzcL%2Bdp79amH4s4JMNUzpPJ%2Fv0VXr4fwsZOzSDaK%2Ft%2BWHOQq0cwCbd%2BGanC79JdXZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public,max-age=43200
cf-ray
8b1c75d02994bbe6-FRA
4862.f51faeef0033012ee39c.js
static.cleverpush.com/sdk/chunk/ 		33 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/4862.f51faeef0033012ee39c.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2fa827bc637d39c7dd0b0ae4cfebc4b6fdfc01daba8f8fd36241bb60ee5d3a3

Request headers

Referer
https://de53.1gewinner.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 00:48:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
HZEF477CZ2TZZEQ9
age
20712
x-amz-server-side-encryption
AES256
x-amz-id-2
2uHs3V13kbi+HJmLOFFWp+WO1ui6dIXR68vOCd24olSon9egogb/sAZNLFFTdGttFAfhM1tX3W3Ej26AnvMXRw==
last-modified
Fri, 09 Aug 2024 19:03:08 GMT
server
cloudflare
etag
W/"8173b480a059b3a829884bccddbdd595"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OiCvjD1N2tOVUyKiPTSzecb3JnCvXagyktpbEXQmOAipE8tnLF25CtEClWxEwVTsJO1mDIq78E4Xig%2FUkp6j3O8IV90g0fCFu4tNButvu0p5jt1RammiPuJ7A6Her3%2F5JAy8s2fFsdpEb2uxgsM9VnsIZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public,max-age=43200
cf-ray
8b1c75d02996bbe6-FRA
8935.df87f70e278a01763af5.js
static.cleverpush.com/sdk/chunk/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/8935.df87f70e278a01763af5.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a695c9295534b8b690d6c7ad3fad207a6a907efd062c95e4bb6ae7417aa44a64

Request headers

Referer
https://de53.1gewinner.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 00:48:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
PX1DQTPCRFQSR124
age
20711
x-amz-server-side-encryption
AES256
x-amz-id-2
psWDL6SDlaDrD5EsbbNDdhO9mdsFzRXNQwEQCHrw8suel3Zp8e9ir4SGzjEbwfJGEQRWdsnW3WM=
last-modified
Fri, 09 Aug 2024 19:03:11 GMT
server
cloudflare
etag
W/"6cd84780aeff5ff1143134447d0f3e6b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eQmGyyE5LTzjz0nSq%2FVlb%2FDLYl1EP2v2W2wKlSDtscLr5Fo%2FRhGGBByfKWe18QPl5at%2B8a0AYdr%2Fm0iUU%2F%2BZSSvk2tB7lA2QoPqvkYeQX6dMZvcRvbcgHtGjZLyJTsI9P%2Bb6j4BmIY%2Fj%2Bla6pMm2EjL0Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public,max-age=43200
cf-ray
8b1c75d02998bbe6-FRA
confirm-alert
api.cleverpush.com/channel/ 		0
0
defaultChannelIcon.png
static.cleverpush.com/app/images/ 		0
0
confirm-alert
api.cleverpush.com/channel/ Frame 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.cleverpush.com
URL
https://api.cleverpush.com/channel/confirm-alert
Domain
static.cleverpush.com
URL
https://static.cleverpush.com/app/images/defaultChannelIcon.png
Domain
api.cleverpush.com
URL
https://api.cleverpush.com/channel/confirm-alert

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery string| optinBoxActive function| fbq function| _fbq function| pixelweiche object| pw object| webpackChunk_cleverpush_cleverpush_js_sdk object| regeneratorRuntime number| __cleverPushSdkLoadCount object| CleverPush

8 Cookies

Domain/Path Name / Value
smrturl.co/o/s078a964897 Name: dynamo_v_id
Value: Vdb37c4eef9d5a
go.smartorfast.com/ Name: afclick
Value: 66b95bdb89f51f0001963c5c
go.smartorfast.com/ Name: afoffers
Value: {"24899":1723423707}
www.sbbq3otrk.com/ Name: uniqueClick_2CTPL1
Value: 38404b13-9299-4151-b257-7a65b6c9d661:1723423708
www.sbbq3otrk.com/ Name: transaction_id
Value: 81c269ae809e49c6a7172934a5f1b83c
trckde01.de/ Name: PHPSESSID
Value: dcakl66kbige06fbv4emc1r5v1
de53.1gewinner.de/ Name: PHPSESSID
Value: 67e3u6j6o9ejd54f5qql602k43
de53.1gewinner.de/ Name: coyoteAffiliTokenId53
Value: 84485875

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.cleverpush.com
connect.facebook.net
de53.1gewinner.de
fonts.googleapis.com
go.smartorfast.com
lv1.mycleverpush.com
meine.pixelweiche.de
smrturl.co
static.cleverpush.com
trckde01.de
use.fontawesome.com
www.sbbq3otrk.com
api.cleverpush.com
static.cleverpush.com
172.67.149.199
2606:4700:20::681a:e1f
2606:4700:20::ac43:47b8
2606:4700:3036::6815:1b98
2a00:1450:4001:810::200a
2a00:1450:4001:828::200a
2a03:2880:f083:100:face:b00c:0:3
34.111.143.46
34.141.179.97
35.158.79.89
45.156.91.34
78.46.198.121
03dcb5e58f6ee171e6ac5c8f2fdea052b0bfa2e0e8bb43f0fe92760c2aa8c7ca
0439122447204b780457fa57edd4a5acc7f6664f17c7578e3014cfccd971ed4f
046d73655eb275b276a5b08509b844ff72efcfc39e570751a34c708201cbd7c9
141fb3f5cfe662d76c077d73ab421f8756a6aae698f86614b10e129b8a151437
19a79b8a7607cd0c8f22c141ffe67fb1ce682e7100448a12549f33a7ea8ff445
2fd3ed7e28fabdc339afab10518db81afa03f2cc58012f6c9fc5d14f8a30466b
40140ee3d8b17d59480c7257a7ac9bd0d92c9ec9c5a1edae18aa4277b7dbbdfd
44b797dd529d70a80df7bb7142aa6c90357039a98cd76d3cdf4dcbafe10c389a
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
56ce488016e10e57ed18b91230364c9b44ac2d00cd4eb5ec89c816a3ec035665
56e9001612c112d192ebe8d26e89861d84a32103a9507f80f37ab225b2eba5d8
58c809a475c81472c18ac503e14ac52358a9d210d1b1654b73618725806b7f82
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6fe6370520bcab3c884d5ff45392e1fe334fd36522bba18707af760a42ceec37
9d6ec8ac7a0322113c02d9cf34f6102e6092fd6c64c312c0d9e6552c417c5a7d
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
a695c9295534b8b690d6c7ad3fad207a6a907efd062c95e4bb6ae7417aa44a64
aee88822b67db7e7c863a6ba2e751bbce73d63a0e3b50a528da0b82a45ecbbc5
b03aad60802ac7854a522fcd8efe05739e585c6d04727b0b120f16e868b55db4
b31fde204378112e3db2b6343056923f6f49bdc9a164fa43c294f3b007259cf5
c697709813701b68d0d5788322bb4bddd3e6bf9e8085bd10f8a6eee3c889b80a
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
d2fa827bc637d39c7dd0b0ae4cfebc4b6fdfc01daba8f8fd36241bb60ee5d3a3
d3aa5f7c7a36d0219f25eea299c8d1e896d03dcbe0c3455830d775e35f9f1da4
d8e87710c0c3a6c2a24077a9b6c039560c4aba328a863839890bdaea51c228bc
e20f0c6ecc9fd8d2f7dc2402177d6ea4b8bc33a74a219d54f0aff98ae54204eb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c1fad504d13c3cab7d8d1a35cea93be56130629cbbece83d5dd5da16ac4a43
e87de448fe0489a66cce3d6dccaee65333ef8ca856b171deb8036aaedffd3727
fd0aaa74f1d116bd31b67d39870824352b564e000b3675b749043dec7a322cbc