bf-voucher.gewinner1.de Open in urlscan Pro
188.95.252.33 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://storage.googleapis.com/lowsss/kembibi.html#xzi7fn.CSvDEafPbRvGXV?dZcK5Sccljx4cxyBGcdc9kcpc13fGfrZqcbbb4x
Effective URL:
https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&
Submission: On November 24 via api (November 24th 2021, 7:48:08 am UTC) from BE — Scanned from DE

Summary HTTP 56 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 13 IPs in 5 countries across 14 domains to perform 56 HTTP transactions. The main IP is 188.95.252.33, located in Spain and belongs to RACKMARKT, ES. The main domain is bf-voucher.gewinner1.de.
TLS certificate: Issued by cPanel, Inc. Certification Authority on November 14th 2021. Valid for: 3 months.

This is the only time bf-voucher.gewinner1.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a00:1450:400... 2a00:1450:4001:82f::2010	15169 (GOOGLE) (GOOGLE)
1 1	91.188.254.130 91.188.254.130	40676 (AS40676) (AS40676)
1 1	35.204.82.162 35.204.82.162	15169 (GOOGLE) (GOOGLE)
1 1	34.91.151.72 34.91.151.72	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1 18	188.95.252.33 188.95.252.33	197518 (RACKMARKT) (RACKMARKT)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
7	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
10	2606:4700:20:... 2606:4700:20::681a:f1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
5	2606:4700:20:... 2606:4700:20::681a:e1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	159.69.45.25 159.69.45.25	24940 (HETZNER-AS) (HETZNER-AS)
56	13

1 2a00:1450:4001:82f::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.188.254.130 (Los Angeles, United States) 1 redirects

ASN40676 (AS40676, US)
PTR: capwomen.com

poweredchannel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.82.162 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 162.82.204.35.bc.googleusercontent.com

pienlions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.151.72 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: 72.151.91.34.bc.googleusercontent.com

bluemarst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 188.95.252.33 (Spain) 1 redirects

ASN197518 (RACKMARKT, ES)
PTR: master.ceoo.cli.rackmarkt.com

gewinn-ometer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bf-voucher.gewinner1.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:20::681a:f1f (United States)

ASN13335 (CLOUDFLARENET, US)

static.cleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::681a:e1f (United States)

ASN13335 (CLOUDFLARENET, US)

api.cleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.69.45.25 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.25.45.69.159.clients.your-server.de

deaffiliateceoo.mycleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	gewinner1.de bf-voucher.gewinner1.de	518 KB
15	cleverpush.com static.cleverpush.com api.cleverpush.com	104 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	359 KB
7	google-analytics.com www.google-analytics.com	20 KB
4	google.com www.google.com	21 KB
1	mycleverpush.com deaffiliateceoo.mycleverpush.com	18 KB
1	google.de www.google.de	501 B
1	doubleclick.net stats.g.doubleclick.net	448 B
1	aspnetcdn.com ajax.aspnetcdn.com	30 KB
1	gewinn-ometer.com 1 redirects gewinn-ometer.com	718 B
1	bluemarst.com 1 redirects bluemarst.com	793 B
1	pienlions.com 1 redirects pienlions.com	321 B
1	poweredchannel.com 1 redirects poweredchannel.com	285 B
1	googleapis.com storage.googleapis.com	692 B
56	14

	Domain	Requested by
17	bf-voucher.gewinner1.de	storage.googleapis.com bf-voucher.gewinner1.de
10	static.cleverpush.com	bf-voucher.gewinner1.de static.cleverpush.com deaffiliateceoo.mycleverpush.com
7	www.google-analytics.com	bf-voucher.gewinner1.de www.google-analytics.com
5	api.cleverpush.com	static.cleverpush.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	fonts.gstatic.com	bf-voucher.gewinner1.de www.google.com
4	www.google.com	bf-voucher.gewinner1.de www.gstatic.com www.google.com
1	deaffiliateceoo.mycleverpush.com	static.cleverpush.com
1	www.google.de	bf-voucher.gewinner1.de
1	stats.g.doubleclick.net	www.google-analytics.com
1	ajax.aspnetcdn.com	bf-voucher.gewinner1.de
1	gewinn-ometer.com	1 redirects
1	bluemarst.com	1 redirects
1	pienlions.com	1 redirects
1	poweredchannel.com	1 redirects
1	storage.googleapis.com
56	16

This site contains links to these domains. Also see Links.

Domain
www.computerwissen.de
zahnschutztarif.de
www.daydreams.de
www.mirabo.at
www.mirabo.ch
www.zeitschriften-abo.de
www.perfect-fit.de
www.zmail.de
www.super-sparfuechse.com
de.testclub.com
www.bluemediaads.com
www.siabeg.de
elitepremiumservice.com
xn--deutschehrmobil-htb.de
www.shopping.de
www.pmiprivacy.com
www.affili-partner.com
tools.google.com

Subject Issuer	Validity	Valid
*.storage.googleapis.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
bf-voucher.gewinner1.de cPanel, Inc. Certification Authority	`2021-11-14` - `2022-02-12`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2021-08-06` - `2022-08-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-12` - `2022-07-11`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.mycleverpush.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-04` - `2022-06-04`	2 years	crt.sh

This page contains 3 frames:

Primary Page: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&
Frame ID: 3C3F95C993F9E24C79EA09548777E4A6
Requests: 45 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcxXPQUAAAAAIbrqXusuiyRVrf7m0SQs9B1vsY6&co=aHR0cHM6Ly9iZi12b3VjaGVyLmdld2lubmVyMS5kZTo0NDM.&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=db7q6bpj79xu
Frame ID: EFC3B0944616A14F69151EA39604D4E1
Requests: 7 HTTP requests in this frame

Frame: https://deaffiliateceoo.mycleverpush.com/iframe?origin=https%3A%2F%2Fbf-voucher.gewinner1.de
Frame ID: E19F373CA7EEB5AF2D3401F71AF71F96
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

500 EUR BLACK FRIDAY GUTSCHEIN FÜR AMAZON!

Page URL History Show full URLs

https://storage.googleapis.com/lowsss/kembibi.html Page URL
http://poweredchannel.com/anchorxzi7fn.CSvDEafPbRvGXV?dZcK5Sccljx4cxyBGcdc9kcpc13fGfrZqcbbb4x HTTP 302
https://pienlions.com/?a=877&oc=14230&c=40135&m=3&s1=2_319032_2583967&s2=1567_1142049_3158463_11&s... HTTP 302
https://bluemarst.com/?a=877&oc=14230&c=40135&m=3&s1=2_319032_2583967&s2=1567_1142049_3158463_11&s... HTTP 302
https://gewinn-ometer.com/de,amazon,500,black,friday,2020,aff_1635.html?idPartner=1493&idCampaignAd=0&... HTTP 302
https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835& Page URL

Page Statistics

56
Requests

100 %
HTTPS

60 %
IPv6

14
Domains

16
Subdomains

13
IPs

5
Countries

1073 kB
Transfer

1919 kB
Size

11
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://www.computerwissen.de/
Title: https://www.computerwissen.de/

Search URL Search Domain Scan URL

URL: http://zahnschutztarif.de/
Title: Zahnschutztarif.de

Search URL Search Domain Scan URL

URL: https://www.daydreams.de/datenschutzinformation_Artikel_14
Title: Datenschutzinformation nach Art. 14 EU-DSGVO

Search URL Search Domain Scan URL

URL: https://www.mirabo.at/nvg-at/content/datenschutzinformation-nach-art-14-dsgvo,549/
Title: https://www.mirabo.at/nvg-at/datenschutzinformation

Search URL Search Domain Scan URL

URL: https://www.mirabo.at/datenschutzinformation
Title: Datenschutzinfo AT

Search URL Search Domain Scan URL

URL: https://www.mirabo.ch/datenschutzinformation
Title: Datenschutzinfo CH

Search URL Search Domain Scan URL

URL: https://www.zeitschriften-abo.de/datenschutzinformation
Title: https://www.zeitschriften-abo.de/datenschutzinformation

Search URL Search Domain Scan URL

URL: https://www.perfect-fit.de/
Title: https://www.perfect-fit.de

Search URL Search Domain Scan URL

URL: https://www.zmail.de/
Title: https://www.zmail.de/

Search URL Search Domain Scan URL

URL: https://www.super-sparfuechse.com/nutzungsbedingungen/
Title: https://www.super-sparfuechse.com/nutzungsbedingungen/

Search URL Search Domain Scan URL

URL: https://de.testclub.com/terms-of-use/
Title: https://de.testclub.com/terms-of-use/

Search URL Search Domain Scan URL

URL: http://www.bluemediaads.com/GDPR_EN-DE.html
Title: http://www.bluemediaads.com/GDPR_EN-DE.html

Search URL Search Domain Scan URL

URL: http://www.siabeg.de/
Title: http://www.siabeg.de/

Search URL Search Domain Scan URL

URL: https://elitepremiumservice.com/datenschutz.html
Title: Datenschutzinformation nach Art. 14 DSGVO

Search URL Search Domain Scan URL

URL: http://xn--deutschehrmobil-htb.de/
Title: http://xn--deutschehrmobil-htb.de

Search URL Search Domain Scan URL

URL: https://www.shopping.de/
Title: https://www.shopping.de/

Search URL Search Domain Scan URL

URL: https://www.pmiprivacy.com/de-de/consumer/
Title: https://www.pmiprivacy.com/de-de/consumer/

Search URL Search Domain Scan URL

URL: http://www.affili-partner.com/en/registration.html
Title: www.Affiliate-Partner.com

Search URL Search Domain Scan URL

URL: https://tools.google.com/dlpage/gaoptout?hl=de
Title: https://tools.google.com/dlpage/gaoptout?hl=de

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://storage.googleapis.com/lowsss/kembibi.html Page URL
http://poweredchannel.com/anchorxzi7fn.CSvDEafPbRvGXV?dZcK5Sccljx4cxyBGcdc9kcpc13fGfrZqcbbb4x HTTP 302
https://pienlions.com/?a=877&oc=14230&c=40135&m=3&s1=2_319032_2583967&s2=1567_1142049_3158463_11&s3=753341205&s5=1fkyw8j HTTP 302
https://bluemarst.com/?a=877&oc=14230&c=40135&m=3&s1=2_319032_2583967&s2=1567_1142049_3158463_11&s3=753341205&s5=1fkyw8j&ckmguid=acd73ba0-c3f4-4e85-8897-7f647f381270 HTTP 302
https://gewinn-ometer.com/de,amazon,500,black,friday,2020,aff_1635.html?idPartner=1493&idCampaignAd=0&subId=877&subIdentifier=223378169 HTTP 302
https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

56 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 kembibi.html
storage.googleapis.com/lowsss/ 112 B
692 B 32ms
8ms Document
text/html 2a00:1450:4001:82f::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/lowsss/kembibi.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

x-guploader-uploadid: ADPycdvuKJDDW9R7lOw6wjOtoOwZ6fK_nmemYvCpsEcD1W_5tA129GO8gM4oTWmh9l89fZCSGZeB1pb_ViCeRzxSn0E6zHbPmg
expires: Wed, 24 Nov 2021 08:05:10 GMT
date: Wed, 24 Nov 2021 07:05:10 GMT
last-modified: Tue, 07 Sep 2021 17:37:32 GMT
etag: "38ba23dc5b6b77ab96301a6860e09257"
x-goog-generation: 1631036252897537
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 112
content-type: text/html
x-goog-hash: crc32c=Vs6sCQ== md5=OLoj3Ftrd6uWMBpoYOCSVw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 112
server: UploadServer
age: 2570
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

Primary Request campaign_2609.html Show response
bf-voucher.gewinner1.de/
Redirect Chain

http://poweredchannel.com/anchorxzi7fn.CSvDEafPbRvGXV?dZcK5Sccljx4cxyBGcdc9kcpc13fGfrZqcbbb4x
https://pienlions.com/?a=877&oc=14230&c=40135&m=3&s1=2_319032_2583967&s2=1567_1142049_3158463_11&s3=753341205&s5=1fkyw8j
https://bluemarst.com/?a=877&oc=14230&c=40135&m=3&s1=2_319032_2583967&s2=1567_1142049_3158463_11&s3=753341205&s5=1fkyw8j&ckmguid=acd73ba0-c3f4-4e85-8897-7f647f381270
https://gewinn-ometer.com/de,amazon,500,black,friday,2020,aff_1635.html?idPartner=1493&idCampaignAd=0&subId=877&subIdentifier=223378169
https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&

233 KB
234 KB

581ms
484ms

Document
text/html

188.95.252.33
RACKMARKT

General

Check archive.org

Show headers Download Go to

Full URL: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/lowsss/kembibi.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS: master.ceoo.cli.rackmarkt.com
Software: Apache /
Resource Hash: 7123e2a8d3e02b45a315e19b35fc6c975859461946ad348b6e555008318e042a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://storage.googleapis.com/lowsss/kembibi.html#xzi7fn.CSvDEafPbRvGXV?dZcK5Sccljx4cxyBGcdc9kcpc13fGfrZqcbbb4x

Response headers

Date: Wed, 24 Nov 2021 07:48:02 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Wed, 24 Nov 2021 07:48:02 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 jquery-3.4.1.min.js Show response
ajax.aspnetcdn.com/ajax/jQuery/ 86 KB
30 KB 294ms
11ms Script
application/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.4.1.min.js

Requested by

Host: bf-voucher.gewinner1.de
URL: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8E90) /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bf-voucher.gewinner1.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:48:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9790315
x-cache: HIT
content-length: 30737
x-xss-protection: 1; mode=block
last-modified: Thu, 02 May 2019 18:32:11 GMT
server: ECAcc (frc/8E90)
etag: "808705b151d51:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: bf-voucher.gewinner1.de
URL: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bf-voucher.gewinner1.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2816
date: Wed, 24 Nov 2021 07:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 24 Nov 2021 09:01:07 GMT

GET
H/1.1 200
OK reset.css
bf-voucher.gewinner1.de/ftp/o2o_umfrageTemplate/ 1 KB
1 KB 113ms
38ms Stylesheet
text/css 188.95.252.33
RACKMARKT

General

Check archive.org

Show headers Download Go to

Full URL: https://bf-voucher.gewinner1.de/ftp/o2o_umfrageTemplate/reset.css
Requested by: Host: bf-voucher.gewinner1.de
URL: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS: master.ceoo.cli.rackmarkt.com
Software: Apache /
Resource Hash: c8f4db5cb5de6f37e5c8c89b69a21092e444ce66d65da692f2b297007a0c2963

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:48:03 GMT
Last-Modified: Thu, 29 Sep 2016 12:39:41 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 1073
Content-Type: text/css

GET
H/1.1 200
OK custom.css
bf-voucher.gewinner1.de/ftp/o2o_umfrageTemplate/ 21 KB
22 KB 114ms
39ms Stylesheet
text/css 188.95.252.33
RACKMARKT

General

Check archive.org

Show headers Download Go to

Full URL: https://bf-voucher.gewinner1.de/ftp/o2o_umfrageTemplate/custom.css
Requested by: Host: bf-voucher.gewinner1.de
URL: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS: master.ceoo.cli.rackmarkt.com
Software: Apache /
Resource Hash: eb3eb3234394fd402890dd7269e4e35ffb9b4df7d0caba5eccc84f2cced2fbb9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:48:03 GMT
Last-Modified: Fri, 24 Aug 2018 10:36:34 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 21826
Content-Type: text/css

GET
H/1.1 200
OK series.css
bf-voucher.gewinner1.de/ftp/o2o_umfrageTemplate/ 41 KB
41 KB 116ms
38ms Stylesheet
text/css 188.95.252.33
RACKMARKT

General

Check archive.org

Show headers Download Go to

Full URL: https://bf-voucher.gewinner1.de/ftp/o2o_umfrageTemplate/series.css
Requested by: Host: bf-voucher.gewinner1.de
URL: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS: master.ceoo.cli.rackmarkt.com
Software: Apache /
Resource Hash: 895562fb3ab5dec78b28196e26938382110e8d1b109d54e99f736581d3f9bfaf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:48:03 GMT
Last-Modified: Thu, 05 Jan 2017 15:26:26 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 42281
Content-Type: text/css

GET
H/1.1 200
OK button.js Show response
bf-voucher.gewinner1.de/ftp/o2o_umfrageTemplate/ 4 KB
4 KB 117ms
38ms Script
application/javascript 188.95.252.33
RACKMARKT

General

Check archive.org

Show headers Download Go to

Full URL: https://bf-voucher.gewinner1.de/ftp/o2o_umfrageTemplate/button.js
Requested by: Host: bf-voucher.gewinner1.de
URL: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS: master.ceoo.cli.rackmarkt.com
Software: Apache /
Resource Hash: 4a4c46b8a193ff0825d07a0f3fe6c3b9df535ce9b26371a81be2384afbf0b30b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:48:03 GMT
Last-Modified: Thu, 06 Apr 2017 07:50:57 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 3824
Content-Type: application/javascript

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
215 B 16ms
15ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=230748683&t=pageview&_s=1&dl=https%3A%2F%2Fbf-voucher.gewinner1.de%2Fcampaign_2609.html%3FcoyoteAffiliTokenId%3D437257835%26&dp=2609%2Fadressdata1%2F&ul=en-us&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1882876354&gjid=8290043&cid=476726408.1637740083&tid=UA-68861802-12&_gid=336637241.1637740083&_r=1&_slc=1&cg1=2609&cg2=191&cg3=1493&cg4=877&cg5=223378169&cd1=2609&cd2=191&cd3=1493&cd4=877&cd5=223378169&cd6=2684&z=269446797

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bf-voucher.gewinner1.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 07:48:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bf-voucher.gewinner1.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
8ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=230748683&t=event&_s=2&dl=https%3A%2F%2Fbf-voucher.gewinner1.de%2Fcampaign_2609.html%3FcoyoteAffiliTokenId%3D437257835%26&dp=2609%2Fadressdata1%2F&ul=en-us&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=191&ea=pageview&el=2609%2Fadressdata1%2F&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=476726408.1637740083&tid=UA-68861802-12&_gid=336637241.1637740083&cg1=2609&cg2=191&cg3=1493&cg4=877&cg5=223378169&cd1=2609&cd2=191&cd3=1493&cd4=877&cd5=223378169&cd6=2684&z=1972369852

Requested by

Host: bf-voucher.gewinner1.de
URL: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bf-voucher.gewinner1.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 08:25:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 84133
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
8ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=230748683&t=event&_s=3&dl=https%3A%2F%2Fbf-voucher.gewinner1.de%2Fcampaign_2609.html%3FcoyoteAffiliTokenId%3D437257835%26&dp=2609%2Fadressdata1%2F&ul=en-us&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=191&ea=idPartner&el=1493&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=476726408.1637740083&tid=UA-68861802-12&_gid=336637241.1637740083&cg1=2609&cg2=191&cg3=1493&cg4=877&cg5=223378169&cd1=2609&cd2=191&cd3=1493&cd4=877&cd5=223378169&cd6=2684&z=939243506

Requested by

Host: bf-voucher.gewinner1.de
URL: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bf-voucher.gewinner1.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 08:25:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 84133
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=230748683&t=event&_s=4&dl=https%3A%2F%2Fbf-voucher.gewinner1.de%2Fcampaign_2609.html%3FcoyoteAffiliTokenId%3D437257835%26&dp=2609%2Fadressdata1%2F&ul=en-us&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=191&ea=idAmKampagne&el=2609&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=476726408.1637740083&tid=UA-68861802-12&_gid=336637241.1637740083&cg1=2609&cg2=191&cg3=1493&cg4=877&cg5=223378169&cd1=2609&cd2=191&cd3=1493&cd4=877&cd5=223378169&cd6=2684&z=2003062995

Requested by

Host: bf-voucher.gewinner1.de
URL: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bf-voucher.gewinner1.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 08:25:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 84133
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
14ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=230748683&t=event&_s=5&dl=https%3A%2F%2Fbf-voucher.gewinner1.de%2Fcampaign_2609.html%3FcoyoteAffiliTokenId%3D437257835%26&dp=2609%2Fadressdata1%2F&ul=en-us&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=191&ea=wgname&el=500%20EUR%20BLACK%20FRIDAY%20GUTSCHEIN%20F%C3%9CR%20AMAZON!&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=476726408.1637740083&tid=UA-68861802-12&_gid=336637241.1637740083&cg1=2609&cg2=191&cg3=1493&cg4=877&cg5=223378169&cd1=2609&cd2=191&cd3=1493&cd4=877&cd5=223378169&cd6=2684&z=1324470253

Requested by

Host: bf-voucher.gewinner1.de
URL: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bf-voucher.gewinner1.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 08:25:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 84133
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
12ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=230748683&t=event&_s=6&dl=https%3A%2F%2Fbf-voucher.gewinner1.de%2Fcampaign_2609.html%3FcoyoteAffiliTokenId%3D437257835%26&dp=2609%2Fadressdata1%2F&ul=en-us&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=191&ea=1493&el=877&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=476726408.1637740083&tid=UA-68861802-12&_gid=336637241.1637740083&cg1=2609&cg2=191&cg3=1493&cg4=877&cg5=223378169&cd1=2609&cd2=191&cd3=1493&cd4=877&cd5=223378169&cd6=2684&z=331731298

Requested by

Host: bf-voucher.gewinner1.de
URL: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bf-voucher.gewinner1.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 08:25:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 84133
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 NK8GfGNLpAYfKeg38.js Show response
static.cleverpush.com/channel/loader/ 167 KB
43 KB 106ms
59ms Script
application/javascript 2606:4700:20::681a:f1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js
Requested by: Host: bf-voucher.gewinner1.de
URL: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 913fec323874d4a64d2b62dd94e6f735b7fa4a6a21e4cdf552be9c7c179721b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bf-voucher.gewinner1.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:48:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3698
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: H0VDZKKTMP0GDWF6
x-amz-id-2: lShYdbD/NuXzE/s0X1ElPsSLu1XC5xPDG04G9NxlIvUfqiVYfRp3obXYe4p4WYsDeDFOKHruszY=
last-modified: Wed, 24 Nov 2021 00:59:09 GMT
server: cloudflare
etag: W/"3c47432924c9c7fedfa14c7aa3b1d88e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M0umYSf0pMkqWkwHMIqawIKfHZC%2BZsxkrU7jZopbuRV7m%2FbmQoeVUT5YaYkp5mEjLpQMOni%2FsBqKYWyMG3j7eRWP3bJUP2423h0bPgeRCPX5RgnDnGQYJo6rTBpFcqoaGhvqpcR1BY2Fg3ksFBe5W%2FD5uA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=21600
cf-ray: 6b3108633f9e0e2a-MXP

GET
H/1.1 200
OK blank.png
bf-voucher.gewinner1.de/media/adresseManager/microSiteImg/2609/ 928 B
1 KB 127ms
45ms Image
image/png 188.95.252.33
RACKMARKT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bf-voucher.gewinner1.de/media/adresseManager/microSiteImg/2609/blank.png
Requested by: Host: bf-voucher.gewinner1.de
URL: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS: master.ceoo.cli.rackmarkt.com
Software: Apache /
Resource Hash: 808ae8844e5f26252997ea223a219829f9cc2e20e7114ca6f1cb192c46209a2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:48:03 GMT
Last-Modified: Mon, 02 Nov 2020 13:40:12 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 928
Content-Type: image/png

GET
H/1.1 200
OK blackfriday,de,mobile,prize,c.png
bf-voucher.gewinner1.de/media/adresseManager/microSiteImg/2609/ 32 KB
32 KB 128ms
45ms Image
image/png 188.95.252.33
RACKMARKT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bf-voucher.gewinner1.de/media/adresseManager/microSiteImg/2609/blackfriday,de,mobile,prize,c.png
Requested by: Host: bf-voucher.gewinner1.de
URL: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS: master.ceoo.cli.rackmarkt.com
Software: Apache /
Resource Hash: 2a6bff485d79bd064ba5de2eb57fbda76543555d38b7e4d8a0b6ce3495b4e497

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:48:03 GMT
Last-Modified: Fri, 13 Nov 2020 11:15:11 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 32764
Content-Type: image/png

GET
H/1.1 200
OK desk,prize,d.png
bf-voucher.gewinner1.de/media/adresseManager/microSiteImg/2609/ 42 KB
42 KB 129ms
46ms Image
image/png 188.95.252.33
RACKMARKT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bf-voucher.gewinner1.de/media/adresseManager/microSiteImg/2609/desk,prize,d.png
Requested by: Host: bf-voucher.gewinner1.de
URL: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS: master.ceoo.cli.rackmarkt.com
Software: Apache /
Resource Hash: b631978a014428ac162cbd74955e501119922f308b518008aa3326a27680c9d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:48:03 GMT
Last-Modified: Fri, 13 Nov 2020 12:07:10 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 42892
Content-Type: image/png

GET
H/1.1 200
OK step,done.png
bf-voucher.gewinner1.de/media/adresseManager/microSiteImg/2609/ 1 KB
2 KB 151ms
38ms Image
image/png 188.95.252.33
RACKMARKT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bf-voucher.gewinner1.de/media/adresseManager/microSiteImg/2609/step,done.png
Requested by: Host: bf-voucher.gewinner1.de
URL: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS: master.ceoo.cli.rackmarkt.com
Software: Apache /
Resource Hash: ad9dd40e8f8b59f30d2e09219aed5982237fc50c4e0afe65be3a1be59b2066b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:48:03 GMT
Last-Modified: Mon, 02 Nov 2020 13:40:12 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 1396
Content-Type: image/png

GET
H/1.1 200
OK step,2.png
bf-voucher.gewinner1.de/media/adresseManager/microSiteImg/2609/ 2 KB
2 KB 114ms
38ms Image
image/png 188.95.252.33
RACKMARKT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bf-voucher.gewinner1.de/media/adresseManager/microSiteImg/2609/step,2.png
Requested by: Host: bf-voucher.gewinner1.de
URL: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS: master.ceoo.cli.rackmarkt.com
Software: Apache /
Resource Hash: 499c96b35f16a2567e3ea9eb693ad8f838a61c0033e1bb4c2cf9a96d5554c713

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:48:03 GMT
Last-Modified: Mon, 02 Nov 2020 13:40:12 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 1934
Content-Type: image/png

GET
H/1.1 200
OK step,3.png
bf-voucher.gewinner1.de/media/adresseManager/microSiteImg/2609/ 2 KB
2 KB 114ms
38ms Image
image/png 188.95.252.33
RACKMARKT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bf-voucher.gewinner1.de/media/adresseManager/microSiteImg/2609/step,3.png
Requested by: Host: bf-voucher.gewinner1.de
URL: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS: master.ceoo.cli.rackmarkt.com
Software: Apache /
Resource Hash: cf0ba306c8421d2eb3a8a9f282cad49e6752bd98db68c85b1c77c9b45abd58fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:48:03 GMT
Last-Modified: Mon, 02 Nov 2020 13:40:12 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 1993
Content-Type: image/png

GET
H/1.1 200
OK step,4.png
bf-voucher.gewinner1.de/media/adresseManager/microSiteImg/2609/ 2 KB
2 KB 115ms
39ms Image
image/png 188.95.252.33
RACKMARKT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bf-voucher.gewinner1.de/media/adresseManager/microSiteImg/2609/step,4.png
Requested by: Host: bf-voucher.gewinner1.de
URL: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS: master.ceoo.cli.rackmarkt.com
Software: Apache /
Resource Hash: 49e56787146ef9c425187201af7573ba5cd7959a762f38c00318df763b2bd079

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:48:03 GMT
Last-Modified: Mon, 02 Nov 2020 13:40:12 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 1810
Content-Type: image/png

GET
H/1.1 200
OK step,final,a.png
bf-voucher.gewinner1.de/media/adresseManager/microSiteImg/2609/ 3 KB
3 KB 115ms
38ms Image
image/png 188.95.252.33
RACKMARKT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bf-voucher.gewinner1.de/media/adresseManager/microSiteImg/2609/step,final,a.png
Requested by: Host: bf-voucher.gewinner1.de
URL: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS: master.ceoo.cli.rackmarkt.com
Software: Apache /
Resource Hash: 2b9fc0d19857a106e175e85c965f9d36c08717bb560d7466a1be83a7e57e91c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:48:03 GMT
Last-Modified: Tue, 03 Nov 2020 11:55:38 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 2986
Content-Type: image/png

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
1001 B 48ms
16ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcxXPQUAAAAAIbrqXusuiyRVrf7m0SQs9B1vsY6

Requested by

Host: bf-voucher.gewinner1.de
URL: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

54f048344db72d05144b901efe99b3465c7777d150ce1c6f5c4b45af5c270acd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bf-voucher.gewinner1.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:48:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 588
x-xss-protection: 1; mode=block
expires: Wed, 24 Nov 2021 07:48:03 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
448 B 63ms
20ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-68861802-12&cid=476726408.1637740083&jid=1882876354&gjid=8290043&_gid=336637241.1637740083&_u=YEBAAEAAAAAAAC~&z=737681079

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bf-voucher.gewinner1.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 24 Nov 2021 07:48:03 GMT
content-type: text/plain
access-control-allow-origin: https://bf-voucher.gewinner1.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 64ms
32ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-68861802-12&cid=476726408.1637740083&jid=1882876354&_u=YEBAAEAAAAAAAC~&z=187006273

Requested by

Host: bf-voucher.gewinner1.de
URL: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bf-voucher.gewinner1.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 07:48:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 52ms
21ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-68861802-12&cid=476726408.1637740083&jid=1882876354&_u=YEBAAEAAAAAAAC~&z=187006273

Requested by

Host: bf-voucher.gewinner1.de
URL: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bf-voucher.gewinner1.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 07:48:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK main_layout_logo.png
bf-voucher.gewinner1.de/media/adresseManager/microSiteImg/ 7 KB
7 KB 115ms
39ms Image
image/png 188.95.252.33
RACKMARKT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bf-voucher.gewinner1.de/media/adresseManager/microSiteImg/main_layout_logo.png
Requested by: Host: bf-voucher.gewinner1.de
URL: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS: master.ceoo.cli.rackmarkt.com
Software: Apache /
Resource Hash: 2a4d605dd6458a3aac55b7b19e22ea4de2832085f54fce11729ba0762b3d4dae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:48:03 GMT
Last-Modified: Mon, 08 May 2017 07:24:36 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 7333
Content-Type: image/png

GET
H/1.1 200
OK coyoteDefaultLibrary.css
bf-voucher.gewinner1.de/templates/coyoteDefaultLibrary/ 2 KB
3 KB 119ms
40ms Stylesheet
text/css 188.95.252.33
RACKMARKT

General

Check archive.org

Show headers Download Go to

Full URL: https://bf-voucher.gewinner1.de/templates/coyoteDefaultLibrary/coyoteDefaultLibrary.css
Requested by: Host: bf-voucher.gewinner1.de
URL: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS: master.ceoo.cli.rackmarkt.com
Software: Apache /
Resource Hash: 15e9a4546d5ac8af8c3b083aa33a81541a69691625ce72cdb5e6fc1475b0c8c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:48:03 GMT
Last-Modified: Tue, 04 May 2021 04:37:20 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 2458
Content-Type: text/css

GET
H/1.1 200
OK coyoteDefaultLibrary.js Show response
bf-voucher.gewinner1.de/templates/coyoteDefaultLibrary/ 17 KB
18 KB 146ms
43ms Script
application/javascript 188.95.252.33
RACKMARKT

General

Check archive.org

Show headers Download Go to

Full URL: https://bf-voucher.gewinner1.de/templates/coyoteDefaultLibrary/coyoteDefaultLibrary.js
Requested by: Host: bf-voucher.gewinner1.de
URL: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS: master.ceoo.cli.rackmarkt.com
Software: Apache /
Resource Hash: 425afd9a7a5108ad89c3ee927323884bfe7d43d9eba87195e19d88f1e2c99853

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:48:03 GMT
Last-Modified: Tue, 04 May 2021 04:37:20 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 17749
Content-Type: application/javascript

GET
H/1.1 200
OK blackfriday,de,desk,bg,a.jpg
bf-voucher.gewinner1.de/media/adresseManager/microSiteImg/2609/ 102 KB
102 KB 80ms
40ms Image
image/jpeg 188.95.252.33
RACKMARKT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bf-voucher.gewinner1.de/media/adresseManager/microSiteImg/2609/blackfriday,de,desk,bg,a.jpg
Requested by: Host: bf-voucher.gewinner1.de
URL: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS: master.ceoo.cli.rackmarkt.com
Software: Apache /
Resource Hash: 4cf06dbed276eccf21acb24f1781a57d3541121647ec8cfc654a03f7b1e96fcc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:48:03 GMT
Last-Modified: Mon, 02 Nov 2020 13:53:24 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 104640
Content-Type: image/jpeg

GET
H2 200 cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
fonts.gstatic.com/s/opensans/v13/ 15 KB
16 KB 35ms
8ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v13/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2

Requested by

Host: bf-voucher.gewinner1.de
URL: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bf-voucher.gewinner1.de/
Origin: https://bf-voucher.gewinner1.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 07:54:22 GMT
x-content-type-options: nosniff
age: 86021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15572
x-xss-protection: 0
last-modified: Mon, 27 Apr 2015 23:46:39 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 23 Nov 2022 07:54:22 GMT

GET
H2 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v13/ 16 KB
16 KB 32ms
12ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v13/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Requested by

Host: bf-voucher.gewinner1.de
URL: https://bf-voucher.gewinner1.de/campaign_2609.html?coyoteAffiliTokenId=437257835&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f164941997fbc7f7ed7d2a7c3e86b997d647f1910d93fdc2462dd86fd5affa48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bf-voucher.gewinner1.de/
Origin: https://bf-voucher.gewinner1.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:01:29 GMT
x-content-type-options: nosniff
age: 17194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16276
x-xss-protection: 0
last-modified: Mon, 27 Apr 2015 23:45:29 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 03:01:29 GMT

GET
DATA 200
OK truncated
/ 213 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e8e0e58a0c5a5e3f02b9167ed381b7cd5cd9907d8e29d2f4a01b9673e92fea2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7b187b31119631622a0de2ca08cd3b2e63ac43edc3baa4b75d404da01e41e64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ 347 KB
136 KB 34ms
7ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcxXPQUAAAAAIbrqXusuiyRVrf7m0SQs9B1vsY6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bf-voucher.gewinner1.de/
Origin: https://bf-voucher.gewinner1.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 21:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37301
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138691
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 23 Nov 2022 21:26:22 GMT

GET
H2 200 config Show response
api.cleverpush.com/channel/NK8GfGNLpAYfKeg38/ 6 KB
2 KB 134ms
41ms Fetch
application/javascript 2606:4700:20::681a:e1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/NK8GfGNLpAYfKeg38/config?confirmAlertTestsEnabled=true&platformName=Windows

Requested by

Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6b2d459db023303d4f8f8e7b6d1cd489d711c398a1e38b09248c7e3edb9ccb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json
Referer: https://bf-voucher.gewinner1.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:48:03 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status: HIT
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
x-backend-server: cleverpush-worker-2
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ceo3ISBDJX50df1dnur%2BSN4BJgQXKAsGACqsNvCw0Yq3dBxPWfumgJRLHbZ7pG%2FmDveP8L4hXyNDN9X6edN%2BBZxkyUGyD4iOv0XqBMSZHidE5NfVgDv5hp0yhDgplR2%2BKNY3AuJdJduH%2FlWTgKpX2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control: public, max-age=60
cf-ray: 6b3108648ba20f72-MXP
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language
expires: Wed, 24 Nov 2021 07:48:17 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame EFC3 39 KB
20 KB 42ms
25ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcxXPQUAAAAAIbrqXusuiyRVrf7m0SQs9B1vsY6&co=aHR0cHM6Ly9iZi12b3VjaGVyLmdld2lubmVyMS5kZTo0NDM.&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=db7q6bpj79xu

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bb667387ddf61ee0f1731631fb81a3bcd76eeb0af02e101f40ff65582844842b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7cTrorlxovnIeS5TNm9fWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bf-voucher.gewinner1.de/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 24 Nov 2021 07:48:03 GMT
content-security-policy: script-src 'report-sample' 'nonce-7cTrorlxovnIeS5TNm9fWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20314
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame EFC3 51 KB
24 KB 22ms
7ms Stylesheet
text/css 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcxXPQUAAAAAIbrqXusuiyRVrf7m0SQs9B1vsY6&co=aHR0cHM6Ly9iZi12b3VjaGVyLmdld2lubmVyMS5kZTo0NDM.&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=db7q6bpj79xu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:48:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53993
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24065
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 23 Nov 2022 16:48:10 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame EFC3 347 KB
135 KB 26ms
12ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 21:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37301
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138691
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 23 Nov 2022 21:26:22 GMT

GET
H3 200 5.js Show response
static.cleverpush.com/sdk/chunk/ 26 KB
7 KB 54ms
30ms Script
application/javascript 2606:4700:20::681a:f1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/5.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f85b33be84a3abd2cbd88a554bf5b1eeff6f0938dc132f7e6a10dd41f7f8e8b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bf-voucher.gewinner1.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:48:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35326
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 9B44H3X5G1JYT22Z
x-amz-id-2: YRx6L9OANG5vHT1xdGDqCwp87Ijkx+rvyc1N4O2vTnlAJPGprHfhdHUDQxjLxSBPwjosJfGaEHI=
last-modified: Sun, 14 Nov 2021 21:00:28 GMT
server: cloudflare
etag: W/"0728887c049e96fb2347c671a2d8ea8b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D14rIy%2FJJOQXjR2EXp0FmWiGo6BEvaSyXg8UdDU1n5Q8REE1ulieKNTEmY%2FLw05Ua4IavuixWPAXAovDC5A5vXgHiWkVzmZmg4tF6R77sMBM0ENt%2BuoipVmMv0Ze5g8KWPg2QIzCmZJsHOZB9zHqShpDRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 6b3108651ce80f52-MXP

GET
H3 200 251.js Show response
static.cleverpush.com/sdk/chunk/ 6 KB
3 KB 75ms
51ms Script
application/javascript 2606:4700:20::681a:f1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/251.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14a1cbcdf5312121bc64e7d7b696da1e3322428c9ee7441a5d45aecddd59641f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bf-voucher.gewinner1.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:48:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35326
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 9B4DC99XQE56RJ2W
x-amz-id-2: dn/+6mhihZqvGbDFzhsScnvLANzFhy5mmTLc/9j0oMX+zvF/SGgznjT1ROe45sPZNty8Tvsv+b8=
last-modified: Sun, 14 Nov 2021 21:00:27 GMT
server: cloudflare
etag: W/"1d89b52857bfafbd43a0aaa08e05bcff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mWhO7A5CQ6ZpZ9CkcoIQZODMl%2FhzqXWDu%2BqiQntLkYJiGifRSXSTlBU%2FukXaUQgmbBYNxqqp%2F2eD8Knq05ymU0sXWMvnX36RveJoyG15iNHPrg2bc7naorb93qlgv2HUBuf5ZMllFUc5p9wTEJzz6a0edA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 6b3108651ceb0f52-MXP

GET
H3 200 628.js Show response
static.cleverpush.com/sdk/chunk/ 22 KB
7 KB 54ms
31ms Script
application/javascript 2606:4700:20::681a:f1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/628.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afc4b009a80528c88b4e94e54456ba91bf4fa45a12121379415008e2b1e6331d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bf-voucher.gewinner1.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:48:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35326
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 9B4C5JV3XA0W29HR
x-amz-id-2: 54TYJPkr6UO4UNijzA1MXn7yvlYRf4NU4xSTvXGhelZL37pugtJUYxhxXPCD426MQqH7DPAvPLs=
last-modified: Sun, 14 Nov 2021 21:00:28 GMT
server: cloudflare
etag: W/"109a13fbd154a7a59ade106122d4146a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BbRChTNCvWuAgFVE1SgIuDZGLtkAhObiUN0WJ5GB7aeRo7X8kFqpJ67WhDpTiVbFaxfrDXL5mOb5mOF1TmjOxPnW6dA4pxJ%2FKT2jNNz6YiuNxZCPblPdYB4NqT%2FUwZB96mDLMCLgWcMC4T%2BPN5uiN5uZkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 6b3108651ce20f52-MXP

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame EFC3 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:05:30 GMT
x-content-type-options: nosniff
age: 16954
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 01 Dec 2021 03:05:30 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EFC3 15 KB
15 KB 24ms
8ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:06:41 GMT
x-content-type-options: nosniff
age: 52883
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 23 Nov 2022 17:06:41 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EFC3 15 KB
15 KB 25ms
10ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 14:17:54 GMT
x-content-type-options: nosniff
age: 63010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 23 Nov 2022 14:17:54 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame EFC3 102 B
134 B 16ms
15ms Other
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

23d4875896a0991fa45cd27b4935dc479b16e1a0774d10cf2d7ccc5406ef2764

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcxXPQUAAAAAIbrqXusuiyRVrf7m0SQs9B1vsY6&co=aHR0cHM6Ly9iZi12b3VjaGVyLmdld2lubmVyMS5kZTo0NDM.&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=db7q6bpj79xu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:48:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 24 Nov 2021 07:48:04 GMT

GET
H2 200 iframe Show response
deaffiliateceoo.mycleverpush.com/ Frame E19F 46 KB
18 KB 84ms
49ms Document
text/html 159.69.45.25
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://deaffiliateceoo.mycleverpush.com/iframe?origin=https%3A%2F%2Fbf-voucher.gewinner1.de

Requested by

Host: static.cleverpush.com
URL: https://static.cleverpush.com/sdk/chunk/251.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.69.45.25 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.25.45.69.159.clients.your-server.de

Software

Resource Hash

8e91e500d5c7946a3c9431e8946519f929daacfb3d206231ce5811f8c1a05296

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bf-voucher.gewinner1.de/

Response headers

date: Wed, 24 Nov 2021 07:48:04 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: origin, x-requested-with, content-type, accept
cache-control: public, max-age=1800
x-robots-tag: noindex
strict-transport-security: max-age=15724800; includeSubDomains
x-cache-status: EXPIRED
x-backend-server: cleverpush-worker-1
content-encoding: gzip

GET
H3 200 5.js Show response
static.cleverpush.com/sdk/chunk/ Frame E19F 26 KB
7 KB 35ms
34ms Script
application/javascript 2606:4700:20::681a:f1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/5.js
Requested by: Host: deaffiliateceoo.mycleverpush.com
URL: https://deaffiliateceoo.mycleverpush.com/iframe?origin=https%3A%2F%2Fbf-voucher.gewinner1.de
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f85b33be84a3abd2cbd88a554bf5b1eeff6f0938dc132f7e6a10dd41f7f8e8b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://deaffiliateceoo.mycleverpush.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:48:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35326
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 9B44H3X5G1JYT22Z
x-amz-id-2: YRx6L9OANG5vHT1xdGDqCwp87Ijkx+rvyc1N4O2vTnlAJPGprHfhdHUDQxjLxSBPwjosJfGaEHI=
last-modified: Sun, 14 Nov 2021 21:00:28 GMT
server: cloudflare
etag: W/"0728887c049e96fb2347c671a2d8ea8b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=78tiBxQTFAwiiJKxcCqa2wJ51%2FeD%2F6pIDauLZ4k7cEYjs%2Bu%2Fsfk9Vf0ga4Wt6FOPRwYFkwX%2BGcAzhfpiaajzRFu9ctOYFpMvlsyUbYePw92sRzMpXNhJG2hRltUpX4SRG3jX34RDNjPw35d5CoboSpQLGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 6b310866cfcb0f52-MXP

GET
H3 200 251.js Show response
static.cleverpush.com/sdk/chunk/ Frame E19F 6 KB
3 KB 35ms
35ms Script
application/javascript 2606:4700:20::681a:f1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/251.js
Requested by: Host: deaffiliateceoo.mycleverpush.com
URL: https://deaffiliateceoo.mycleverpush.com/iframe?origin=https%3A%2F%2Fbf-voucher.gewinner1.de
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14a1cbcdf5312121bc64e7d7b696da1e3322428c9ee7441a5d45aecddd59641f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://deaffiliateceoo.mycleverpush.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:48:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35326
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 9B4DC99XQE56RJ2W
x-amz-id-2: dn/+6mhihZqvGbDFzhsScnvLANzFhy5mmTLc/9j0oMX+zvF/SGgznjT1ROe45sPZNty8Tvsv+b8=
last-modified: Sun, 14 Nov 2021 21:00:27 GMT
server: cloudflare
etag: W/"1d89b52857bfafbd43a0aaa08e05bcff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YzcqpJ3qAUfSPEPeOJzi7NMsrMclaZDOfFLm5bCp1adiBQLwXXe9AANIqg5ENKw%2FLUY76%2BYXkuvQfeCn0GDZy0I7ust5TVMuV6mMJT3%2FoLnLVsw49XAc%2FTOAo7s7DwuRptVnigM1%2FEoOkHjFLxSZxlcb%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 6b310866cfcd0f52-MXP

GET
H3 200 778.js Show response
static.cleverpush.com/sdk/chunk/ Frame E19F 16 KB
5 KB 35ms
35ms Script
application/javascript 2606:4700:20::681a:f1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/778.js
Requested by: Host: deaffiliateceoo.mycleverpush.com
URL: https://deaffiliateceoo.mycleverpush.com/iframe?origin=https%3A%2F%2Fbf-voucher.gewinner1.de
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a290da6b2d099094539c60faa9f92c43744899218fa4b52bbae084bb6ede04a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://deaffiliateceoo.mycleverpush.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:48:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35325
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 5RV5Z5WVNNJ03B40
x-amz-id-2: kkcGk2SjcVwExtslZXMTl6MCpoM0W8iK40L/X5JKGqY3O+1PbO0rtxvYrTaYJNS/iS4XZxPW9e4=
last-modified: Sun, 14 Nov 2021 21:00:28 GMT
server: cloudflare
etag: W/"5fc912fc6af83c8935d21ea7adf5f58d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2rm9KFTxakMEW%2BTOKBNKUiYz8D426C%2B6Ol5iGfLaag6%2BQQibHhUIhF8FsAYynL5INqTt0kwfqeW3B9KU77sOEEhOJoyrb55gyQh%2FsywsH1MrH6qCQWh5E2oUgI8wNzLdf6hlGkiFyL15XVlSm2HImUiy5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 6b310866cfcf0f52-MXP

GET
H3 200 970.js Show response
static.cleverpush.com/sdk/chunk/ 46 KB
10 KB 29ms
28ms Script
application/javascript 2606:4700:20::681a:f1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/970.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1103cf4de272954ebd8bb6de9557fa3ecb8ef48a10ea870ffcd4790c49adbfe8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bf-voucher.gewinner1.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:48:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35324
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: GY91PSVDD70XHKFX
x-amz-id-2: uoZnVkezo6rBASGgCmJjnpYryaBiv7ukQh702ReziLUh/+YBiCLT7hqmZIHz+51AMeJ7wvvbQIs=
last-modified: Sun, 14 Nov 2021 21:00:28 GMT
server: cloudflare
etag: W/"a03e2c7b746db35b2750f142b0c74aa3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lpoIzT5igo%2FhK%2BA8pmQb9iYR2CSo7DYi6uci4SFND%2FtNRtZPbijoHn9Jlo9dh7YzCk%2BZWiYZYVX5fTCq5pPUNidHIcwOvmDzAHbcIPxr3tkCqfIP3S3fAWghr888Ih3%2B1b%2FFX4EoFTbZZI%2BDhE%2B2Hl3n3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 6b31086708470f52-MXP

GET
H3 200 720.js Show response
static.cleverpush.com/sdk/chunk/ 52 KB
13 KB 30ms
30ms Script
application/javascript 2606:4700:20::681a:f1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/720.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 498d786f61d74b120f0bccd470d6081e1547f28ccd6e0f5e98c8a4f3e20e6bc6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bf-voucher.gewinner1.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:48:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35324
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: GY9AVHXHC8W5KSS2
x-amz-id-2: HHhMw9IcXSAzSxGLSuOHOdq6MmjJRqlcZAqW5QHyG+VYWWonE8xeHFTHO4NHkFZLu3uSaG9DeM4=
last-modified: Sun, 14 Nov 2021 21:00:28 GMT
server: cloudflare
etag: W/"987ddae89434673d7b2a75fe4c50def8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DbaHEexzwkt7Mug%2BUi6djd7ZpiVpSdQx%2FSU7E2OlKQf%2FzrgWk3%2FTRpyVFHFBRrDVIBArcat5QvCJ5S6P3KtHUqG2x3EWFGPhL0lJGCU510RlrS88rndlP%2F0wAZnAtfRvE87jOrmS9Lza3gLgnf2i3UpH3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 6b310867084a0f52-MXP

POST
H3 200 optin-visitor Show response
api.cleverpush.com/channel/ 16 B
718 B 45ms
45ms Fetch
application/json 2606:4700:20::681a:e1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/optin-visitor

Requested by

Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json
Referer: https://bf-voucher.gewinner1.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 24 Nov 2021 07:48:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
x-backend-server: cleverpush-worker-2
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uzM%2FTYubQ%2BQAdafvhrp%2BJzCkj2I79kqqr4Pkbh39jeoiBn5xytAYkWk5Bj5d9ADnlTyD11FkxVp5Gfera1DhMRH0nosSJ3d50a6puEqVs%2BnsLPsbb20C2AjRWkH%2B9F6XEt69HhKYLGcGEeH34kj9Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control: no-cache
cf-ray: 6b3108681d7ce8eb-MXP
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language

OPTIONS
H3 200 optin-visitor
api.cleverpush.com/channel/ Frame 0
0 106ms
80ms Preflight
application/json 2606:4700:20::681a:e1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/optin-visitor

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://bf-voucher.gewinner1.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 24 Nov 2021 07:48:04 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: no-cache
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
strict-transport-security: max-age=15724800; includeSubDomains
x-backend-server: cleverpush-worker-2
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gP%2Ba2mqt5T%2BMABwLLLw2FuWxDAEw5w23Y2r8XIUtYMK%2FQqGInlWLphjKP1YXE3XImTeExJNcXpKwXYR%2BeVQThb44Y4pNgSmq8Bqz98GGtSQ7frJzrNu8u1EyvjNc80SdxJI55vNF0WxHQGzdhTteZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b3108678c6ae8eb-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

OPTIONS
H3 200 confirm-alert
api.cleverpush.com/channel/ Frame 0
0 38ms
38ms Preflight
application/json 2606:4700:20::681a:e1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/confirm-alert

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://bf-voucher.gewinner1.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 24 Nov 2021 07:48:05 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: no-cache
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
strict-transport-security: max-age=15724800; includeSubDomains
x-backend-server: cleverpush-worker-2
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Luo1QZ4uijLKj8oPFlQU%2BvGjaRqmhZclB9tZBUznKolK4Vv3DCMUJBCd4Lq2at51dlJM0Trsz8vfnzl0UmRnTI0%2FyaEJh512d7C0ZhtFYwr%2B9%2Fcp2LdCsVlh6GSXDuFIHIsCrjQB2cCcWTZQZ6Ud0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b31086dad74e8eb-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H3 200 confirm-alert Show response
api.cleverpush.com/channel/ 16 B
727 B 43ms
42ms Fetch
application/json 2606:4700:20::681a:e1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/confirm-alert

Requested by

Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json
Referer: https://bf-voucher.gewinner1.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 24 Nov 2021 07:48:05 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
x-backend-server: cleverpush-worker-2
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IJXcKSOOvYhc5YX%2FVD%2FIhEfSIADsOKyopRciZ%2Bx43YBjB%2FZH1YaL7R2l8BLkXynW9RAoxVOkqKpoPooBdZCNr3nXlXeko%2B8ffL%2FEXB%2FBmNEbxD32u5d%2FMjObQ7cAgUbJpAol%2FfdyghnwlO5mYvradg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control: no-cache
cf-ray: 6b31086dedcde8eb-MXP
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language

GET
H3 200 defaultChannelIcon.png
static.cleverpush.com/app/images/ 732 B
1 KB 31ms
31ms Image
image/png 2606:4700:20::681a:f1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cleverpush.com/app/images/defaultChannelIcon.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24155cb4f2f535f8196ee0da67321b509939e6509d6f378a257246be28545897

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bf-voucher.gewinner1.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:48:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35283
cf-ray: 6b31086dbc560f52-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 732
x-amz-id-2: w8ntZsLvCtkFowezw7bczs23O/lGd+eD1p5/UjtMZZMMEOMXoizmzbBv4J5hVgL9h0O7XLmHqxA=
last-modified: Mon, 21 Oct 2019 13:42:31 GMT
server: cloudflare
etag: "dada142d4861c864d8d63e8cd5dd22dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJkoz4Q7AVMuGhJdSulRs0ZkshwHt4u20S0kP4ZpCmzAqn5jirrhBUBwQ6UMkmoq%2FKtFLSpi%2BYpTU4i4wLMJTR6MPiY%2FMNdIxPnLV5rAIuOnL7mvTjBDE1j329D%2BjA2TnCiHUF9gTVtjMeIMySganUkMbA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: SF0V7TB2NHSXAM91
cache-control: max-age=2628000
accept-ranges: bytes
content-type: image/png

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bluemarst.com/	1969-12-31 23:59:59	Name: sfd Value: XEv9451jtCTWJ/yq37CzzucyFVRj7qSP1XgssW/Mxt9/OEVkZC6VFw==
.bluemarst.com/	1970-01-21 18:45:06	Name: tfl Value: QNlPkIv58IfP/8CblVZtTOcyFVRj7qSP1XgssW/Mxt9/OEVkZC6VFw==
.bluemarst.com/	1970-01-19 23:38:52	Name: c14181 Value: XEv9451jtCQjHIRy9jwm6iBg+T4ekTFqUD/jnhvtsYIWGzrL8ULKLA==
gewinn-ometer.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 89fe0852408ef3c37dc0057861cd019c
gewinn-ometer.com/	1970-01-19 23:38:52	Name: coyoteTrackingCookie_1635 Value: 437257835
gewinn-ometer.com/	1970-01-19 23:38:52	Name: coyoteSimpleTrackingCookie Value: 437257835
bf-voucher.gewinner1.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: 011f2377559dfe26db18d1e7cd8bd041
bf-voucher.gewinner1.de/	1970-01-19 22:55:54	Name: coyoteAffiliTokenId2609 Value: 437257835
.gewinner1.de/	1970-01-20 16:26:52	Name: _ga Value: GA1.2.476726408.1637740083
.gewinner1.de/	1970-01-19 22:57:06	Name: _gid Value: GA1.2.336637241.1637740083
.gewinner1.de/	1970-01-19 22:55:40	Name: _gat Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
api.cleverpush.com
bf-voucher.gewinner1.de
bluemarst.com
deaffiliateceoo.mycleverpush.com
fonts.gstatic.com
gewinn-ometer.com
pienlions.com
poweredchannel.com
static.cleverpush.com
stats.g.doubleclick.net
storage.googleapis.com
www.google-analytics.com
www.google.com
www.google.de
www.gstatic.com
152.199.19.160
159.69.45.25
188.95.252.33
2606:4700:20::681a:e1f
2606:4700:20::681a:f1f
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2010
2a00:1450:400c:c07::9a
34.91.151.72
35.204.82.162
91.188.254.130
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee
0e8e0e58a0c5a5e3f02b9167ed381b7cd5cd9907d8e29d2f4a01b9673e92fea2
1103cf4de272954ebd8bb6de9557fa3ecb8ef48a10ea870ffcd4790c49adbfe8
14a1cbcdf5312121bc64e7d7b696da1e3322428c9ee7441a5d45aecddd59641f
15e9a4546d5ac8af8c3b083aa33a81541a69691625ce72cdb5e6fc1475b0c8c8
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
23d4875896a0991fa45cd27b4935dc479b16e1a0774d10cf2d7ccc5406ef2764
24155cb4f2f535f8196ee0da67321b509939e6509d6f378a257246be28545897
2a4d605dd6458a3aac55b7b19e22ea4de2832085f54fce11729ba0762b3d4dae
2a6bff485d79bd064ba5de2eb57fbda76543555d38b7e4d8a0b6ce3495b4e497
2b9fc0d19857a106e175e85c965f9d36c08717bb560d7466a1be83a7e57e91c3
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
425afd9a7a5108ad89c3ee927323884bfe7d43d9eba87195e19d88f1e2c99853
498d786f61d74b120f0bccd470d6081e1547f28ccd6e0f5e98c8a4f3e20e6bc6
499c96b35f16a2567e3ea9eb693ad8f838a61c0033e1bb4c2cf9a96d5554c713
49e56787146ef9c425187201af7573ba5cd7959a762f38c00318df763b2bd079
4a4c46b8a193ff0825d07a0f3fe6c3b9df535ce9b26371a81be2384afbf0b30b
4cf06dbed276eccf21acb24f1781a57d3541121647ec8cfc654a03f7b1e96fcc
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866
54f048344db72d05144b901efe99b3465c7777d150ce1c6f5c4b45af5c270acd
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5
6a290da6b2d099094539c60faa9f92c43744899218fa4b52bbae084bb6ede04a
7123e2a8d3e02b45a315e19b35fc6c975859461946ad348b6e555008318e042a
808ae8844e5f26252997ea223a219829f9cc2e20e7114ca6f1cb192c46209a2e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
895562fb3ab5dec78b28196e26938382110e8d1b109d54e99f736581d3f9bfaf
8e91e500d5c7946a3c9431e8946519f929daacfb3d206231ce5811f8c1a05296
913fec323874d4a64d2b62dd94e6f735b7fa4a6a21e4cdf552be9c7c179721b9
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ad9dd40e8f8b59f30d2e09219aed5982237fc50c4e0afe65be3a1be59b2066b7
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afc4b009a80528c88b4e94e54456ba91bf4fa45a12121379415008e2b1e6331d
b631978a014428ac162cbd74955e501119922f308b518008aa3326a27680c9d0
bb667387ddf61ee0f1731631fb81a3bcd76eeb0af02e101f40ff65582844842b
c8f4db5cb5de6f37e5c8c89b69a21092e444ce66d65da692f2b297007a0c2963
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cf0ba306c8421d2eb3a8a9f282cad49e6752bd98db68c85b1c77c9b45abd58fb
d6b2d459db023303d4f8f8e7b6d1cd489d711c398a1e38b09248c7e3edb9ccb2
e7b187b31119631622a0de2ca08cd3b2e63ac43edc3baa4b75d404da01e41e64
eb3eb3234394fd402890dd7269e4e35ffb9b4df7d0caba5eccc84f2cced2fbb9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f164941997fbc7f7ed7d2a7c3e86b997d647f1910d93fdc2462dd86fd5affa48
f85b33be84a3abd2cbd88a554bf5b1eeff6f0938dc132f7e6a10dd41f7f8e8b7

bf-voucher.gewinner1.de Open in urlscan Pro 188.95.252.33 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

56 Requests

100 %HTTPS

60 %IPv6

14 Domains

16 Subdomains

13 IPs

5 Countries

1073 kBTransfer

1919 kBSize

11 Cookies

19 Outgoing links

Page URL History

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bf-voucher.gewinner1.de Open in urlscan Pro
188.95.252.33 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

100 %
HTTPS

60 %
IPv6

14
Domains

16
Subdomains

13
IPs

5
Countries

1073 kB
Transfer

1919 kB
Size

11
Cookies

56 HTTP transactions
2 data transactions