urlscan.io logo urlscan.io
SecurityTrails logo

desktop.kouwaiwai.de Open in urlscan Pro
89.191.67.206  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://click.greatmerch.com/unsub.php?qs=a44db0af010a4161ace9dfa645ae105c
Effective URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpM...
Submission: On November 20 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 15 domains to perform 40 HTTP transactions. The main IP is 89.191.67.206, located in Germany and belongs to MEGASPACE-AS, DE. The main domain is desktop.kouwaiwai.de.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 15th 2019. Valid for: 3 months.
This is the only time desktop.kouwaiwai.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 193.24.234.21 202998 (GONET)
1 3 198.143.165.221 32475 (SINGLEHOP...)
1 1 35.158.38.217 16509 (AMAZON-02)
1 1 198.20.96.202 32475 (SINGLEHOP...)
1 3 108.163.203.126 32475 (SINGLEHOP...)
2 35.156.54.233 16509 (AMAZON-02)
1 21 89.191.67.79 34624 (MEGASPACE-AS)
3 89.191.67.206 34624 (MEGASPACE-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
3 2a00:1450:400... 15169 (GOOGLE)
40 11
2    193.24.234.21 (Lithuania)

ASN202998 (GONET, LT)
PTR: gmtaa.mail.greatmerch.com
click.greatmerch.com
3    198.143.165.221 (Chicago, United States)

ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
PTR: server04.com-2.mobi
links.securedark.com
1    35.158.38.217 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-158-38-217.eu-central-1.compute.amazonaws.com
movania-forsity.com
1    198.20.96.202 (Netherlands)

ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
PTR: 202.96.20.198.unassigned.ord.singlehop.net
web.scan-networktoday.xyz
3    108.163.203.126 (Chicago, United States)

ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
PTR: server04.com-2.mobi
click.webgifts-free.xyz
2    35.156.54.233 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-156-54-233.eu-central-1.compute.amazonaws.com
go.bulksfinance.com
b9a39.bemobpath.com
21    89.191.67.79 (Germany)

ASN34624 (MEGASPACE-AS, DE)
PTR: srv1.rlcontrol.de
www.exklusive-preise.de
rlcontrol.de
www.rlcontrol.de
3    89.191.67.206 (Germany)

ASN34624 (MEGASPACE-AS, DE)
desktop.kouwaiwai.de
1    2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdn.onesignal.com
3    2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
2    2606:4700::6811:4104 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com
1    2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
code.jquery.com
3    2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
Domain Requested by
18 www.rlcontrol.de desktop.kouwaiwai.de
3 fonts.gstatic.com www.rlcontrol.de
3 fonts.googleapis.com desktop.kouwaiwai.de
3 desktop.kouwaiwai.de www.rlcontrol.de
3 click.webgifts-free.xyz 1 redirects links.securedark.com
click.webgifts-free.xyz
3 links.securedark.com 1 redirects click.greatmerch.com
links.securedark.com
2 cdnjs.cloudflare.com desktop.kouwaiwai.de
www.rlcontrol.de
2 www.exklusive-preise.de 1 redirects
2 click.greatmerch.com 1 redirects
1 code.jquery.com desktop.kouwaiwai.de
1 cdn.onesignal.com desktop.kouwaiwai.de
1 rlcontrol.de www.exklusive-preise.de
1 b9a39.bemobpath.com
1 go.bulksfinance.com click.webgifts-free.xyz
1 web.scan-networktoday.xyz 1 redirects
1 movania-forsity.com 1 redirects
40 16

This site contains links to these domains. Also see Links.

Domain
odoki.de
my-promobox.de
www.rlcontrol.de
Subject Issuer Validity Valid
click.webgifts-free.xyz
Let's Encrypt Authority X3		 2019-10-19 -
2020-01-17		 3 months crt.sh
go.bulksfinance.com
Let's Encrypt Authority X3		 2019-11-07 -
2020-02-05		 3 months crt.sh
www.exklusive-preise.de
Sectigo RSA Domain Validation Secure Server CA		 2019-01-14 -
2020-04-13		 a year crt.sh
*.rlcontrol.de
Sectigo RSA Domain Validation Secure Server CA		 2019-01-15 -
2021-04-14		 2 years crt.sh
toutoanui.de
Let's Encrypt Authority X3		 2019-11-15 -
2020-02-13		 3 months crt.sh
ssl898578.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-10-11 -
2020-04-18		 6 months crt.sh
*.googleapis.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-08-10 -
2020-02-16		 6 months crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA		 2018-10-17 -
2020-10-16		 2 years crt.sh
*.google.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Frame ID: 6B50F4D53D857614DF38D103ED3C6B05
Requests: 39 HTTP requests in this frame

Frame: https://rlcontrol.de/ftp/weiche_de_real-prizes.php
Frame ID: 7D74423A8F5D7DC8C6235F152C32B61B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://click.greatmerch.com/unsub.php?qs=a44db0af010a4161ace9dfa645ae105c HTTP 302
    http://click.greatmerch.com/c/unsubscribe?email=carolinevandevyver%40skynet.be&list=greatmerch.com&local... Page URL
  2. http://links.securedark.com/?utm_medium=1825f7f8626bf29d7f48c762c1de1fbab4f0fd72 Page URL
  3. http://links.securedark.com/?utm_term=6761352441838440649&clickverify=1&utm_content=e6c2c6dcd68fd49594fc... Page URL
  4. http://links.securedark.com/proc.php?1af04a699e710805e05e453466f1ace5820d7075 HTTP 302
    https://movania-forsity.com/d0e45c38-57c4-41cc-aed2-30cc9459a4df?pub=2704&pid=2704-f22c5faz&sid=67613524... HTTP 302
    https://web.scan-networktoday.xyz/de/4.php?model=Desktop&os=MacOS&brand=Desktop&carrier=&broswer=Chrome&device... HTTP 302
    https://click.webgifts-free.xyz/?utm_medium=7aec7af6f5f65c3337b90847b5969408cd68ed43&model=Desktop&os=MacOS&... Page URL
  5. https://click.webgifts-free.xyz/?utm_term=6761352446133407656&clickverify=1&utm_content=e6c2c6dcd68fd49594fc... Page URL
  6. https://click.webgifts-free.xyz/proc.php?5bc14baa8156af3f40feb2addacf20acecd1b260 HTTP 302
    https://go.bulksfinance.com/go/cf711883-a2b3-449b-a5ea-88142ea0148b?cost=0.00071&sid=6761352446133407656... Page URL
  7. http://b9a39.bemobpath.com/?redirectUrl=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%... Page URL
  8. https://www.exklusive-preise.de/de,20160420,weiche,flexblocks_624.html?idPartner=436&idCampaignAd=0&subId=KT... Page URL
  9. https://www.exklusive-preise.de/DE,20160328,FlexBlocks,online_613.html?idPartner=436&idCampaignAd=0&subId=KT... HTTP 302
    https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subI... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /moment(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i

Page Statistics

40
Requests

90 %
HTTPS

38 %
IPv6

15
Domains

16
Subdomains

11
IPs

4
Countries

445 kB
Transfer

1111 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://click.greatmerch.com/unsub.php?qs=a44db0af010a4161ace9dfa645ae105c HTTP 302
    http://click.greatmerch.com/c/unsubscribe?email=carolinevandevyver%40skynet.be&list=greatmerch.com&locale=sv_SE&e=e:BnHSKkq4jQSvFDkzeMB8mCdoZRuJol_9DNu-psjbXdo Page URL
  2. http://links.securedark.com/?utm_medium=1825f7f8626bf29d7f48c762c1de1fbab4f0fd72 Page URL
  3. http://links.securedark.com/?utm_term=6761352441838440649&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e Page URL
  4. http://links.securedark.com/proc.php?1af04a699e710805e05e453466f1ace5820d7075 HTTP 302
    https://movania-forsity.com/d0e45c38-57c4-41cc-aed2-30cc9459a4df?pub=2704&pid=2704-f22c5faz&sid=6761352441838440649 HTTP 302
    https://web.scan-networktoday.xyz/de/4.php?model=Desktop&os=MacOS&brand=Desktop&carrier=&broswer=Chrome&device=DESKTOP&td=movania-forsity.com&region=Bayern&cep=BinOKMy32u6Uy70lEkqssJ_gpgOV_O198yU_GDUnqT2whX8FnKPxnfhzlPVCKUR6CBuvRIpMOnWKvQkUYeeGwP3WkAkPZniFOfkHtTnoLF0y9B337ZAC60Ju1lQXR6SPb9_tYuYAu2o-fjkC9H_iwcB2bm9GdxplsiI6O9nyqFUt-MQJeNx2BmuXXOUS4aImRrGVN36da721ZXZhq4N37T5qI-sdvpp2RnUL5Qs3Jk8_peHVexJsvNjXsGyzfoPW63c0TW3_2sxQbBDEketmFhm2ToAZV6sGc_yHRHa8LCKLdKQ5znY4UarhfrzYq5_U7OLCLQM1E2AI1zxKY26lVIOhZKfu5FDSq6KdF2AEJNXXq_Sbt5cfRO9XC3Rs0988yR4774W5fJL3GN5K8QdQPBjyGAwX01iilZ3C_YvLRB4&lptoken=151b74f4258a183842d1&pub=2704&pid=2704-f22c5faz&sid=6761352441838440649 HTTP 302
    https://click.webgifts-free.xyz/?utm_medium=7aec7af6f5f65c3337b90847b5969408cd68ed43&model=Desktop&os=MacOS&brand=Desktop&carrier=&broswer=Chrome&device=DESKTOP&td=movania-forsity.com&region=Bayern&cep=BinOKMy32u6Uy70lEkqssJ_gpgOV_O198yU_GDUnqT2whX8FnKPxnfhzlPVCKUR6CBuvRIpMOnWKvQkUYeeGwP3WkAkPZniFOfkHtTnoLF0y9B337ZAC60Ju1lQXR6SPb9_tYuYAu2o-fjkC9H_iwcB2bm9GdxplsiI6O9nyqFUt-MQJeNx2BmuXXOUS4aImRrGVN36da721ZXZhq4N37T5qI-sdvpp2RnUL5Qs3Jk8_peHVexJsvNjXsGyzfoPW63c0TW3_2sxQbBDEketmFhm2ToAZV6sGc_yHRHa8LCKLdKQ5znY4UarhfrzYq5_U7OLCLQM1E2AI1zxKY26lVIOhZKfu5FDSq6KdF2AEJNXXq_Sbt5cfRO9XC3Rs0988yR4774W5fJL3GN5K8QdQPBjyGAwX01iilZ3C_YvLRB4&lptoken=151b74f4258a183842d1&pub=2704&pid=2704-f22c5faz&sid=6761352441838440649 Page URL
  5. https://click.webgifts-free.xyz/?utm_term=6761352446133407656&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f Page URL
  6. https://click.webgifts-free.xyz/proc.php?5bc14baa8156af3f40feb2addacf20acecd1b260 HTTP 302
    https://go.bulksfinance.com/go/cf711883-a2b3-449b-a5ea-88142ea0148b?cost=0.00071&sid=6761352446133407656&pub=25&pid=25-8ceb0128&cost=0.00071 Page URL
  7. http://b9a39.bemobpath.com/?redirectUrl=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html%3FidPartner%3D436%26idCampaignAd%3D0%26subId%3DKTVA7DWS8KzRVyCpMQVZ5R%26subIdentifier%3Dcab80d13-1dc4-4028-90dc-20960319edf8%26rlmset%3Diphone11_new_de%26%24subID4%3DKTVA7DWS8KzRVyCpMQVZ5R Page URL
  8. https://www.exklusive-preise.de/de,20160420,weiche,flexblocks_624.html?idPartner=436&idCampaignAd=0&subId=KTVA7DWS8KzRVyCpMQVZ5R&subIdentifier=cab80d13-1dc4-4028-90dc-20960319edf8&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R Page URL
  9. https://www.exklusive-preise.de/DE,20160328,FlexBlocks,online_613.html?idPartner=436&idCampaignAd=0&subId=KTVA7DWS8KzRVyCpMQVZ5R&subIdentifier=cab80d13-1dc4-4028-90dc-20960319edf8&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https://www.exklusive-preise.de/de,20160420,weiche,flexblocks_624.html HTTP 302
    https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://click.greatmerch.com/unsub.php?qs=a44db0af010a4161ace9dfa645ae105c HTTP 302
  • http://click.greatmerch.com/c/unsubscribe?email=carolinevandevyver%40skynet.be&list=greatmerch.com&locale=sv_SE&e=e:BnHSKkq4jQSvFDkzeMB8mCdoZRuJol_9DNu-psjbXdo
Request Chain 3
  • http://links.securedark.com/proc.php?1af04a699e710805e05e453466f1ace5820d7075 HTTP 302
  • https://movania-forsity.com/d0e45c38-57c4-41cc-aed2-30cc9459a4df?pub=2704&pid=2704-f22c5faz&sid=6761352441838440649 HTTP 302
  • https://web.scan-networktoday.xyz/de/4.php?model=Desktop&os=MacOS&brand=Desktop&carrier=&broswer=Chrome&device=DESKTOP&td=movania-forsity.com&region=Bayern&cep=BinOKMy32u6Uy70lEkqssJ_gpgOV_O198yU_GDUnqT2whX8FnKPxnfhzlPVCKUR6CBuvRIpMOnWKvQkUYeeGwP3WkAkPZniFOfkHtTnoLF0y9B337ZAC60Ju1lQXR6SPb9_tYuYAu2o-fjkC9H_iwcB2bm9GdxplsiI6O9nyqFUt-MQJeNx2BmuXXOUS4aImRrGVN36da721ZXZhq4N37T5qI-sdvpp2RnUL5Qs3Jk8_peHVexJsvNjXsGyzfoPW63c0TW3_2sxQbBDEketmFhm2ToAZV6sGc_yHRHa8LCKLdKQ5znY4UarhfrzYq5_U7OLCLQM1E2AI1zxKY26lVIOhZKfu5FDSq6KdF2AEJNXXq_Sbt5cfRO9XC3Rs0988yR4774W5fJL3GN5K8QdQPBjyGAwX01iilZ3C_YvLRB4&lptoken=151b74f4258a183842d1&pub=2704&pid=2704-f22c5faz&sid=6761352441838440649 HTTP 302
  • https://click.webgifts-free.xyz/?utm_medium=7aec7af6f5f65c3337b90847b5969408cd68ed43&model=Desktop&os=MacOS&brand=Desktop&carrier=&broswer=Chrome&device=DESKTOP&td=movania-forsity.com&region=Bayern&cep=BinOKMy32u6Uy70lEkqssJ_gpgOV_O198yU_GDUnqT2whX8FnKPxnfhzlPVCKUR6CBuvRIpMOnWKvQkUYeeGwP3WkAkPZniFOfkHtTnoLF0y9B337ZAC60Ju1lQXR6SPb9_tYuYAu2o-fjkC9H_iwcB2bm9GdxplsiI6O9nyqFUt-MQJeNx2BmuXXOUS4aImRrGVN36da721ZXZhq4N37T5qI-sdvpp2RnUL5Qs3Jk8_peHVexJsvNjXsGyzfoPW63c0TW3_2sxQbBDEketmFhm2ToAZV6sGc_yHRHa8LCKLdKQ5znY4UarhfrzYq5_U7OLCLQM1E2AI1zxKY26lVIOhZKfu5FDSq6KdF2AEJNXXq_Sbt5cfRO9XC3Rs0988yR4774W5fJL3GN5K8QdQPBjyGAwX01iilZ3C_YvLRB4&lptoken=151b74f4258a183842d1&pub=2704&pid=2704-f22c5faz&sid=6761352441838440649
Request Chain 5
  • https://click.webgifts-free.xyz/proc.php?5bc14baa8156af3f40feb2addacf20acecd1b260 HTTP 302
  • https://go.bulksfinance.com/go/cf711883-a2b3-449b-a5ea-88142ea0148b?cost=0.00071&sid=6761352446133407656&pub=25&pid=25-8ceb0128&cost=0.00071

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
unsubscribe
click.greatmerch.com/c/
Redirect Chain
  • http://click.greatmerch.com/unsub.php?qs=a44db0af010a4161ace9dfa645ae105c
  • http://click.greatmerch.com/c/unsubscribe?email=carolinevandevyver%40skynet.be&list=greatmerch.com&locale=sv_SE&e=e:BnHSKkq4jQSvFDkzeMB8mCdoZRuJol_9DNu-psjbXdo
827 B
822 B 		Document
General
Check archive.org
Download Go to
Full URL
http://click.greatmerch.com/c/unsubscribe?email=carolinevandevyver%40skynet.be&list=greatmerch.com&locale=sv_SE&e=e:BnHSKkq4jQSvFDkzeMB8mCdoZRuJol_9DNu-psjbXdo
Protocol
HTTP/1.1
Server
193.24.234.21 , Lithuania, ASN202998 (GONET, LT),
Reverse DNS
gmtaa.mail.greatmerch.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
938b32ff757577f324dba8cadbd65dd04121bdaa0185fbadbd6b7c08aef28850
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
click.greatmerch.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Wed, 20 Nov 2019 11:40:39 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Frame-Options
SAMEORIGIN
Content-Encoding
gzip

Redirect headers

Server
nginx/1.14.0 (Ubuntu)
Date
Wed, 20 Nov 2019 11:40:39 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Frame-Options
SAMEORIGIN
Location
http://click.greatmerch.com/c/unsubscribe?email=carolinevandevyver%40skynet.be&list=greatmerch.com&locale=sv_SE&e=e:BnHSKkq4jQSvFDkzeMB8mCdoZRuJol_9DNu-psjbXdo
Cookie set /
links.securedark.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://links.securedark.com/?utm_medium=1825f7f8626bf29d7f48c762c1de1fbab4f0fd72
Requested by
Host: click.greatmerch.com
URL: http://click.greatmerch.com/c/unsubscribe?email=carolinevandevyver%40skynet.be&list=greatmerch.com&locale=sv_SE&e=e:BnHSKkq4jQSvFDkzeMB8mCdoZRuJol_9DNu-psjbXdo
Protocol
HTTP/1.1
Server
198.143.165.221 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.3.4
Resource Hash
b5df3ffea80193c7f3603c89e7a873e37bf503586f07655dff645b14b7324c7c

Request headers

Host
links.securedark.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://click.greatmerch.com/c/unsubscribe?email=carolinevandevyver%40skynet.be&list=greatmerch.com&locale=sv_SE&e=e:BnHSKkq4jQSvFDkzeMB8mCdoZRuJol_9DNu-psjbXdo
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
http://click.greatmerch.com/c/unsubscribe?email=carolinevandevyver%40skynet.be&list=greatmerch.com&locale=sv_SE&e=e:BnHSKkq4jQSvFDkzeMB8mCdoZRuJol_9DNu-psjbXdo

Response headers

Server
nginx
Date
Wed, 20 Nov 2019 11:40:41 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.4
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie
u=9a7f30b628373a5a60749f34e602efc2; expires=Thu, 19-Nov-2020 11:40:41 GMT; Max-Age=31536000; path=/
Content-Encoding
gzip
/
links.securedark.com/ 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://links.securedark.com/?utm_term=6761352441838440649&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e
Requested by
Host: links.securedark.com
URL: http://links.securedark.com/?utm_medium=1825f7f8626bf29d7f48c762c1de1fbab4f0fd72
Protocol
HTTP/1.1
Server
198.143.165.221 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.3.4
Resource Hash
18589c08a0517dcecd5531d029db1908ebac381c39875b78f4b76a351a03ba4e

Request headers

Host
links.securedark.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://links.securedark.com/?utm_medium=1825f7f8626bf29d7f48c762c1de1fbab4f0fd72
Accept-Encoding
gzip, deflate
Cookie
u=9a7f30b628373a5a60749f34e602efc2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
http://links.securedark.com/?utm_medium=1825f7f8626bf29d7f48c762c1de1fbab4f0fd72

Response headers

Server
nginx
Date
Wed, 20 Nov 2019 11:40:41 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.4
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Encoding
gzip
/
click.webgifts-free.xyz/
Redirect Chain
  • http://links.securedark.com/proc.php?1af04a699e710805e05e453466f1ace5820d7075
  • https://movania-forsity.com/d0e45c38-57c4-41cc-aed2-30cc9459a4df?pub=2704&pid=2704-f22c5faz&sid=6761352441838440649
  • https://web.scan-networktoday.xyz/de/4.php?model=Desktop&os=MacOS&brand=Desktop&carrier=&broswer=Chrome&device=DESKTOP&td=movania-forsity.com&region=Bayern&cep=BinOKMy32u6Uy70lEkqssJ_gpgOV_O198yU_G...
  • https://click.webgifts-free.xyz/?utm_medium=7aec7af6f5f65c3337b90847b5969408cd68ed43&model=Desktop&os=MacOS&brand=Desktop&carrier=&broswer=Chrome&device=DESKTOP&td=movania-forsity.com&region=Bayern...
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://click.webgifts-free.xyz/?utm_medium=7aec7af6f5f65c3337b90847b5969408cd68ed43&model=Desktop&os=MacOS&brand=Desktop&carrier=&broswer=Chrome&device=DESKTOP&td=movania-forsity.com&region=Bayern&cep=BinOKMy32u6Uy70lEkqssJ_gpgOV_O198yU_GDUnqT2whX8FnKPxnfhzlPVCKUR6CBuvRIpMOnWKvQkUYeeGwP3WkAkPZniFOfkHtTnoLF0y9B337ZAC60Ju1lQXR6SPb9_tYuYAu2o-fjkC9H_iwcB2bm9GdxplsiI6O9nyqFUt-MQJeNx2BmuXXOUS4aImRrGVN36da721ZXZhq4N37T5qI-sdvpp2RnUL5Qs3Jk8_peHVexJsvNjXsGyzfoPW63c0TW3_2sxQbBDEketmFhm2ToAZV6sGc_yHRHa8LCKLdKQ5znY4UarhfrzYq5_U7OLCLQM1E2AI1zxKY26lVIOhZKfu5FDSq6KdF2AEJNXXq_Sbt5cfRO9XC3Rs0988yR4774W5fJL3GN5K8QdQPBjyGAwX01iilZ3C_YvLRB4&lptoken=151b74f4258a183842d1&pub=2704&pid=2704-f22c5faz&sid=6761352441838440649
Requested by
Host: links.securedark.com
URL: http://links.securedark.com/?utm_term=6761352441838440649&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.163.203.126 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.3.4
Resource Hash
75b098604bdeba97e5d92a76c08ba438e5671a66db3ba785f28c519897207ee1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

:method
GET
:authority
click.webgifts-free.xyz
:scheme
https
:path
/?utm_medium=7aec7af6f5f65c3337b90847b5969408cd68ed43&model=Desktop&os=MacOS&brand=Desktop&carrier=&broswer=Chrome&device=DESKTOP&td=movania-forsity.com&region=Bayern&cep=BinOKMy32u6Uy70lEkqssJ_gpgOV_O198yU_GDUnqT2whX8FnKPxnfhzlPVCKUR6CBuvRIpMOnWKvQkUYeeGwP3WkAkPZniFOfkHtTnoLF0y9B337ZAC60Ju1lQXR6SPb9_tYuYAu2o-fjkC9H_iwcB2bm9GdxplsiI6O9nyqFUt-MQJeNx2BmuXXOUS4aImRrGVN36da721ZXZhq4N37T5qI-sdvpp2RnUL5Qs3Jk8_peHVexJsvNjXsGyzfoPW63c0TW3_2sxQbBDEketmFhm2ToAZV6sGc_yHRHa8LCKLdKQ5znY4UarhfrzYq5_U7OLCLQM1E2AI1zxKY26lVIOhZKfu5FDSq6KdF2AEJNXXq_Sbt5cfRO9XC3Rs0988yR4774W5fJL3GN5K8QdQPBjyGAwX01iilZ3C_YvLRB4&lptoken=151b74f4258a183842d1&pub=2704&pid=2704-f22c5faz&sid=6761352441838440649
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://links.securedark.com/?utm_term=6761352441838440649&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
http://links.securedark.com/?utm_term=6761352441838440649&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e

Response headers

status
200
server
nginx
date
Wed, 20 Nov 2019 11:40:42 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.3.4
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
set-cookie
u=15c734ed725a31f651142a12ad2fd3af; expires=Thu, 19-Nov-2020 11:40:42 GMT; Max-Age=31536000; path=/
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip

Redirect headers

status
302
date
Wed, 20 Nov 2019 11:40:42 GMT
content-type
text/html; charset=UTF-8
location
https://click.webgifts-free.xyz/?utm_medium=7aec7af6f5f65c3337b90847b5969408cd68ed43&model=Desktop&os=MacOS&brand=Desktop&carrier=&broswer=Chrome&device=DESKTOP&td=movania-forsity.com&region=Bayern&cep=BinOKMy32u6Uy70lEkqssJ_gpgOV_O198yU_GDUnqT2whX8FnKPxnfhzlPVCKUR6CBuvRIpMOnWKvQkUYeeGwP3WkAkPZniFOfkHtTnoLF0y9B337ZAC60Ju1lQXR6SPb9_tYuYAu2o-fjkC9H_iwcB2bm9GdxplsiI6O9nyqFUt-MQJeNx2BmuXXOUS4aImRrGVN36da721ZXZhq4N37T5qI-sdvpp2RnUL5Qs3Jk8_peHVexJsvNjXsGyzfoPW63c0TW3_2sxQbBDEketmFhm2ToAZV6sGc_yHRHa8LCKLdKQ5znY4UarhfrzYq5_U7OLCLQM1E2AI1zxKY26lVIOhZKfu5FDSq6KdF2AEJNXXq_Sbt5cfRO9XC3Rs0988yR4774W5fJL3GN5K8QdQPBjyGAwX01iilZ3C_YvLRB4&lptoken=151b74f4258a183842d1&pub=2704&pid=2704-f22c5faz&sid=6761352441838440649
cache-control
no-store, no-cache, private, must-revalidate, max-age=0 post-check=0, pre-check=0
pragma
no-cache
expires
0
server
nginx centminmod
x-powered-by
centminmod
/
click.webgifts-free.xyz/ 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://click.webgifts-free.xyz/?utm_term=6761352446133407656&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f
Requested by
Host: click.webgifts-free.xyz
URL: https://click.webgifts-free.xyz/?utm_medium=7aec7af6f5f65c3337b90847b5969408cd68ed43&model=Desktop&os=MacOS&brand=Desktop&carrier=&broswer=Chrome&device=DESKTOP&td=movania-forsity.com&region=Bayern&cep=BinOKMy32u6Uy70lEkqssJ_gpgOV_O198yU_GDUnqT2whX8FnKPxnfhzlPVCKUR6CBuvRIpMOnWKvQkUYeeGwP3WkAkPZniFOfkHtTnoLF0y9B337ZAC60Ju1lQXR6SPb9_tYuYAu2o-fjkC9H_iwcB2bm9GdxplsiI6O9nyqFUt-MQJeNx2BmuXXOUS4aImRrGVN36da721ZXZhq4N37T5qI-sdvpp2RnUL5Qs3Jk8_peHVexJsvNjXsGyzfoPW63c0TW3_2sxQbBDEketmFhm2ToAZV6sGc_yHRHa8LCKLdKQ5znY4UarhfrzYq5_U7OLCLQM1E2AI1zxKY26lVIOhZKfu5FDSq6KdF2AEJNXXq_Sbt5cfRO9XC3Rs0988yR4774W5fJL3GN5K8QdQPBjyGAwX01iilZ3C_YvLRB4&lptoken=151b74f4258a183842d1&pub=2704&pid=2704-f22c5faz&sid=6761352441838440649
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.163.203.126 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.3.4
Resource Hash
5dbd4ae2b62ce43005aecde5f810acc210309f341fe477887ef275dc32b77f08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

:method
GET
:authority
click.webgifts-free.xyz
:scheme
https
:path
/?utm_term=6761352446133407656&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
same-origin
sec-fetch-mode
navigate
referer
https://click.webgifts-free.xyz/?utm_medium=7aec7af6f5f65c3337b90847b5969408cd68ed43&model=Desktop&os=MacOS&brand=Desktop&carrier=&broswer=Chrome&device=DESKTOP&td=movania-forsity.com&region=Bayern&cep=BinOKMy32u6Uy70lEkqssJ_gpgOV_O198yU_GDUnqT2whX8FnKPxnfhzlPVCKUR6CBuvRIpMOnWKvQkUYeeGwP3WkAkPZniFOfkHtTnoLF0y9B337ZAC60Ju1lQXR6SPb9_tYuYAu2o-fjkC9H_iwcB2bm9GdxplsiI6O9nyqFUt-MQJeNx2BmuXXOUS4aImRrGVN36da721ZXZhq4N37T5qI-sdvpp2RnUL5Qs3Jk8_peHVexJsvNjXsGyzfoPW63c0TW3_2sxQbBDEketmFhm2ToAZV6sGc_yHRHa8LCKLdKQ5znY4UarhfrzYq5_U7OLCLQM1E2AI1zxKY26lVIOhZKfu5FDSq6KdF2AEJNXXq_Sbt5cfRO9XC3Rs0988yR4774W5fJL3GN5K8QdQPBjyGAwX01iilZ3C_YvLRB4&lptoken=151b74f4258a183842d1&pub=2704&pid=2704-f22c5faz&sid=6761352441838440649
accept-encoding
gzip, deflate, br
cookie
u=15c734ed725a31f651142a12ad2fd3af
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://click.webgifts-free.xyz/?utm_medium=7aec7af6f5f65c3337b90847b5969408cd68ed43&model=Desktop&os=MacOS&brand=Desktop&carrier=&broswer=Chrome&device=DESKTOP&td=movania-forsity.com&region=Bayern&cep=BinOKMy32u6Uy70lEkqssJ_gpgOV_O198yU_GDUnqT2whX8FnKPxnfhzlPVCKUR6CBuvRIpMOnWKvQkUYeeGwP3WkAkPZniFOfkHtTnoLF0y9B337ZAC60Ju1lQXR6SPb9_tYuYAu2o-fjkC9H_iwcB2bm9GdxplsiI6O9nyqFUt-MQJeNx2BmuXXOUS4aImRrGVN36da721ZXZhq4N37T5qI-sdvpp2RnUL5Qs3Jk8_peHVexJsvNjXsGyzfoPW63c0TW3_2sxQbBDEketmFhm2ToAZV6sGc_yHRHa8LCKLdKQ5znY4UarhfrzYq5_U7OLCLQM1E2AI1zxKY26lVIOhZKfu5FDSq6KdF2AEJNXXq_Sbt5cfRO9XC3Rs0988yR4774W5fJL3GN5K8QdQPBjyGAwX01iilZ3C_YvLRB4&lptoken=151b74f4258a183842d1&pub=2704&pid=2704-f22c5faz&sid=6761352441838440649

Response headers

status
200
server
nginx
date
Wed, 20 Nov 2019 11:40:42 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-powered-by
PHP/7.3.4
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
Cookie set cf711883-a2b3-449b-a5ea-88142ea0148b
go.bulksfinance.com/go/
Redirect Chain
  • https://click.webgifts-free.xyz/proc.php?5bc14baa8156af3f40feb2addacf20acecd1b260
  • https://go.bulksfinance.com/go/cf711883-a2b3-449b-a5ea-88142ea0148b?cost=0.00071&sid=6761352446133407656&pub=25&pid=25-8ceb0128&cost=0.00071
456 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.bulksfinance.com/go/cf711883-a2b3-449b-a5ea-88142ea0148b?cost=0.00071&sid=6761352446133407656&pub=25&pid=25-8ceb0128&cost=0.00071
Requested by
Host: click.webgifts-free.xyz
URL: https://click.webgifts-free.xyz/?utm_term=6761352446133407656&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.54.233 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-54-233.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0a582565571363b7623836486bf6a3f52b7b8d3fb54f45516113bef02cc80b84
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Host
go.bulksfinance.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://click.webgifts-free.xyz/?utm_term=6761352446133407656&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://click.webgifts-free.xyz/?utm_term=6761352446133407656&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f

Response headers

Server
nginx
Date
Wed, 20 Nov 2019 11:40:42 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Origin
*
Set-Cookie
bemob-uniq-visit:cf711883-a2b3-449b-a5ea-88142ea0148b=1; Domain=go.bulksfinance.com; Path=/; Expires=Thu, 21 Nov 2019 11:40:42 GMT; HttpOnly bemob-click-id=KTVA7DWS8KzRVyCpMQVZ5R; Domain=go.bulksfinance.com; Path=/; Expires=Thu, 21 Nov 2019 11:40:42 GMT; HttpOnly
ETag
W/"1c8-Pd9Pklp6KC6zvOMZOyzJW1hMER0"
X-Response-Time
19.497ms
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip

Redirect headers

status
302
server
nginx
date
Wed, 20 Nov 2019 11:40:42 GMT
content-type
text/html; charset=UTF-8
location
https://go.bulksfinance.com/go/cf711883-a2b3-449b-a5ea-88142ea0148b?cost=0.00071&sid=6761352446133407656&pub=25&pid=25-8ceb0128&cost=0.00071
x-powered-by
PHP/7.3.4
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
/
b9a39.bemobpath.com/ 		361 B
658 B 		Document
General
Check archive.org
Download Go to
Full URL
http://b9a39.bemobpath.com/?redirectUrl=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html%3FidPartner%3D436%26idCampaignAd%3D0%26subId%3DKTVA7DWS8KzRVyCpMQVZ5R%26subIdentifier%3Dcab80d13-1dc4-4028-90dc-20960319edf8%26rlmset%3Diphone11_new_de%26%24subID4%3DKTVA7DWS8KzRVyCpMQVZ5R
Protocol
HTTP/1.1
Server
35.156.54.233 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-54-233.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9d31ec45f6c559022144eaa9e9a220d6841f6090ebe5801d6fd6f697b3f851a0

Request headers

Host
b9a39.bemobpath.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Server
nginx
Date
Wed, 20 Nov 2019 11:40:42 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Origin
*
ETag
W/"169-dXQK90u0QhHjiFkYX2tA890DYm4"
X-Response-Time
5.384ms
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control
no-cache
Content-Encoding
gzip
Cookie set de,20160420,weiche,flexblocks_624.html
www.exklusive-preise.de/ 		776 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.exklusive-preise.de/de,20160420,weiche,flexblocks_624.html?idPartner=436&idCampaignAd=0&subId=KTVA7DWS8KzRVyCpMQVZ5R&subIdentifier=cab80d13-1dc4-4028-90dc-20960319edf8&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) / PHP/5.6.40-0+deb8u6
Resource Hash
73252363e8f1ef98ad515d39a686e08c38b766004f1a15c9eecacacc259e136c

Request headers

Host
www.exklusive-preise.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
http://b9a39.bemobpath.com/?redirectUrl=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html%3FidPartner%3D436%26idCampaignAd%3D0%26subId%3DKTVA7DWS8KzRVyCpMQVZ5R%26subIdentifier%3Dcab80d13-1dc4-4028-90dc-20960319edf8%26rlmset%3Diphone11_new_de%26%24subID4%3DKTVA7DWS8KzRVyCpMQVZ5R
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
http://b9a39.bemobpath.com/?redirectUrl=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html%3FidPartner%3D436%26idCampaignAd%3D0%26subId%3DKTVA7DWS8KzRVyCpMQVZ5R%26subIdentifier%3Dcab80d13-1dc4-4028-90dc-20960319edf8%26rlmset%3Diphone11_new_de%26%24subID4%3DKTVA7DWS8KzRVyCpMQVZ5R

Response headers

Date
Wed, 20 Nov 2019 11:40:43 GMT
Server
Apache/2.4.10 (Debian)
X-Powered-By
PHP/5.6.40-0+deb8u6
Set-Cookie
PHPSESSID=3ruvg9odrm2am89pi4vglf2nr2; path=/ coyoteTrackingCookie_624=361749650; expires=Fri, 20-Dec-2019 11:40:43 GMT; Max-Age=2592000; path=/ coyoteSimpleTrackingCookie=361749650; expires=Thu, 21-Nov-2019 11:40:43 GMT; Max-Age=86400; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
442
Connection
close
Content-Type
text/html; charset=UTF-8
weiche_de_real-prizes.php
rlcontrol.de/ftp/ Frame 7D74 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://rlcontrol.de/ftp/weiche_de_real-prizes.php
Requested by
Host: www.exklusive-preise.de
URL: https://www.exklusive-preise.de/de,20160420,weiche,flexblocks_624.html?idPartner=436&idCampaignAd=0&subId=KTVA7DWS8KzRVyCpMQVZ5R&subIdentifier=cab80d13-1dc4-4028-90dc-20960319edf8&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) / PHP/5.6.40-0+deb8u6
Resource Hash

Request headers

Host
rlcontrol.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.exklusive-preise.de/de,20160420,weiche,flexblocks_624.html?idPartner=436&idCampaignAd=0&subId=KTVA7DWS8KzRVyCpMQVZ5R&subIdentifier=cab80d13-1dc4-4028-90dc-20960319edf8&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://www.exklusive-preise.de/de,20160420,weiche,flexblocks_624.html?idPartner=436&idCampaignAd=0&subId=KTVA7DWS8KzRVyCpMQVZ5R&subIdentifier=cab80d13-1dc4-4028-90dc-20960319edf8&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R

Response headers

Date
Wed, 20 Nov 2019 11:40:43 GMT
Server
Apache/2.4.10 (Debian)
Vary
Host,Accept-Encoding
X-Powered-By
PHP/5.6.40-0+deb8u6
Content-Encoding
gzip
Content-Length
442
Connection
close
Content-Type
text/html; charset=UTF-8
Primary Request Cookie set campaign_496.html
desktop.kouwaiwai.de/
Redirect Chain
  • https://www.exklusive-preise.de/DE,20160328,FlexBlocks,online_613.html?idPartner=436&idCampaignAd=0&subId=KTVA7DWS8KzRVyCpMQVZ5R&subIdentifier=cab80d13-1dc4-4028-90dc-20960319edf8&rlmset=iphone11_n...
  • https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C2016042...
70 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.206 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
Software
Apache/2.4.10 (Debian) / PHP/5.6.40-0+deb8u6
Resource Hash
b00bb514f80cb04101fc21cfede62e4bd50a15b69aebad328cde904774f71609

Request headers

Host
desktop.kouwaiwai.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://rlcontrol.de/ftp/weiche_de_real-prizes.php
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://rlcontrol.de/ftp/weiche_de_real-prizes.php

Response headers

Date
Wed, 20 Nov 2019 11:40:43 GMT
Server
Apache/2.4.10 (Debian)
X-Powered-By
PHP/5.6.40-0+deb8u6
Set-Cookie
PHPSESSID=72bdsv2g4nsmsat8abojo60nu1; path=/ coyoteAffiliTokenId496=361749651; expires=Wed, 20-Nov-2019 15:40:43 GMT; Max-Age=14400; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
11015
Connection
close
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Wed, 20 Nov 2019 11:40:43 GMT
Server
Apache/2.4.10 (Debian)
X-Powered-By
PHP/5.6.40-0+deb8u6
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Set-Cookie
coyoteTrackingCookie_613=361749651; expires=Fri, 20-Dec-2019 11:40:43 GMT; Max-Age=2592000; path=/ coyoteSimpleTrackingCookie=361749651; expires=Thu, 21-Nov-2019 11:40:43 GMT; Max-Age=86400; path=/
Location
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Content-Length
2
Connection
close
Content-Type
text/html; charset=UTF-8
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
44aae6fbe386483965d5e393b0618b2bf5e27a6910b8f3e9ff3cadd62bacbabd

Request headers

Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Wed, 20 Nov 2019 11:40:43 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
2331
etag
W/"967648c5f43f1acc3f64970983a5d03f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=43200
cf-ray
538a26938ce2cbb8-VIE
expires
Wed, 20 Nov 2019 23:40:43 GMT
reset.css
www.rlcontrol.de/ftp/flexblocks/css/ 		812 B
793 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rlcontrol.de/ftp/flexblocks/css/reset.css
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
27b68b172858b007dc7b2fc3ac81b6a87924bc8520f5592850a1283a65b69af3

Request headers

Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 11:40:43 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Mar 2017 10:51:53 GMT
Server
Apache/2.4.10 (Debian)
ETag
"32c-54a4a08790043-gzip"
Vary
Host,Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
489
bootstrap.min.css
www.rlcontrol.de/ftp/flexblocks/css/ 		114 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rlcontrol.de/ftp/flexblocks/css/bootstrap.min.css
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
d31bef450ee67b64f9b70bfdf41fe4e00c65438705cc1fbb48ea6026d3a5d697

Request headers

Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 11:40:43 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Mar 2017 10:51:42 GMT
Server
Apache/2.4.10 (Debian)
ETag
"1c99e-54a4a07d3b832-gzip"
Vary
Host,Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
19218
awesome-bootstrap-checkbox.css
www.rlcontrol.de/ftp/flexblocks/css/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rlcontrol.de/ftp/flexblocks/css/awesome-bootstrap-checkbox.css
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
984d6e82dce7262e5c27733ab7c2521a1f25f4a3ec2a1839620e053d3eec78bb

Request headers

Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 11:40:43 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Mar 2017 10:51:42 GMT
Server
Apache/2.4.10 (Debian)
ETag
"1a50-54a4a07c909d9-gzip"
Vary
Host,Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
1046
general_tile_coregs_dynamic_desktop_de.css
www.rlcontrol.de/ftp/flexblocks/css/ 		56 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rlcontrol.de/ftp/flexblocks/css/general_tile_coregs_dynamic_desktop_de.css
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
6d975623fc8ed1d8b9d503b1ed5995ed161e39121d48595dffbb91ea4f0b735d

Request headers

Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 11:40:43 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Nov 2019 09:52:03 GMT
Server
Apache/2.4.10 (Debian)
ETag
"e138-5979be6575f93-gzip"
Vary
Host,Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
10337
balloon.min.css
www.rlcontrol.de/ftp/flexblocks/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rlcontrol.de/ftp/flexblocks/css/balloon.min.css
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
4122f214f47bf170342826a86092121db1a8ac7cb3c0f899a1ede8b6b96f27c8

Request headers

Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 11:40:43 GMT
Content-Encoding
gzip
Last-Modified
Tue, 21 Mar 2017 09:05:10 GMT
Server
Apache/2.4.10 (Debian)
ETag
"1571-54b39f0e4b2f6-gzip"
Vary
Host,Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
1087
css
fonts.googleapis.com/ 		2 KB
467 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,900,700
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
5eecac60daf67e9978b368ef66fe2b25e1f0a61da04d77ee55905ac53d1a1cf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 20 Nov 2019 11:40:43 GMT
server
ESF
access-control-allow-origin
*
date
Wed, 20 Nov 2019 11:40:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Wed, 20 Nov 2019 11:40:43 GMT
css
fonts.googleapis.com/ 		460 B
405 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Calligraffitti
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
7f4e31beb4137909805be8ecdd8a5417036e606d0f5105a9cb4cdf2d2356f1d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 20 Nov 2019 11:40:43 GMT
server
ESF
access-control-allow-origin
*
date
Wed, 20 Nov 2019 11:40:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Wed, 20 Nov 2019 11:40:43 GMT
css
fonts.googleapis.com/ 		423 B
342 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Satisfy
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
78acf37b6c980a9d638c2a825bf0e419f65d68d6fffab3f3063270151f5aadec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 20 Nov 2019 11:40:43 GMT
server
ESF
access-control-allow-origin
*
date
Wed, 20 Nov 2019 11:40:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Wed, 20 Nov 2019 11:40:43 GMT
font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/ 		32 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.css
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
082b0736a3408950e50fd65a090921003fe83d89ec6e3084549a01d5dfa9e854
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Wed, 20 Nov 2019 11:40:43 GMT
content-encoding
br
cf-cache-status
HIT
age
18883974
cf-ray
538a26936a0d59d0-VIE
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:19:53 GMT
server
cloudflare
etag
W/"5afd4939-81d1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Mon, 09 Nov 2020 11:40:43 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.003
jquery.js
www.rlcontrol.de/ftp/flexblocks/scripts/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rlcontrol.de/ftp/flexblocks/scripts/jquery.js
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Request headers

Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 11:40:43 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Nov 2016 15:23:29 GMT
Server
Apache/2.4.10 (Debian)
ETag
"14915-541d13ce2b8df-gzip"
Vary
Host,Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
29497
bootstrap.min.js
www.rlcontrol.de/ftp/flexblocks/scripts/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rlcontrol.de/ftp/flexblocks/scripts/bootstrap.min.js
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Request headers

Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 11:40:43 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Nov 2016 15:23:25 GMT
Server
Apache/2.4.10 (Debian)
ETag
"9004-541d13caa3446-gzip"
Vary
Host,Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
9765
jquery-ui.min.js
code.jquery.com/ui/1.11.3/ 		234 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.11.3/jquery-ui.min.js
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
c48feaca5f6fa70585397cfbfb1ffd5a41b98ff4959d2c36d6f8b2f1f5b06de1

Request headers

Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 11:40:43 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Feb 2015 18:05:20 GMT
Server
nginx
ETag
W/"54dceb60-3a99b"
Vary
Accept-Encoding
X-HW
1574250043.dop141.fr8.shc,1574250043.dop141.fr8.t,1574250043.cds122.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
64209
rlm_flex_tile_coregs_dynamic_desktop_de.js
www.rlcontrol.de/ftp/flexblocks/scripts/ 		166 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rlcontrol.de/ftp/flexblocks/scripts/rlm_flex_tile_coregs_dynamic_desktop_de.js
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
356d548e29c0bd99cda841dc7eef71cd951aee295a1b94e33808b66c14e6bbfa

Request headers

Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 11:40:43 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Nov 2019 09:50:48 GMT
Server
Apache/2.4.10 (Debian)
ETag
"298e9-5979be1da178b-gzip"
Vary
Host,Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
35225
moment.min.js
www.rlcontrol.de/ftp/flexblocks/scripts/lib/ 		50 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rlcontrol.de/ftp/flexblocks/scripts/lib/moment.min.js
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
0aeb4ecf1091b9c52c9fa0ba4dc118b1abafbd88a51278935e574f6baff0bb49

Request headers

Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 11:40:43 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Jul 2018 14:05:29 GMT
Server
Apache/2.4.10 (Debian)
ETag
"c9df-571bf4122c08e-gzip"
Vary
Host,Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
16804
iphone11_new_de.json
desktop.kouwaiwai.de/ftp/flexblocks/rlmsets/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://desktop.kouwaiwai.de/ftp/flexblocks/rlmsets/iphone11_new_de.json?format=json&_=1574250043472
Requested by
Host: www.rlcontrol.de
URL: https://www.rlcontrol.de/ftp/flexblocks/scripts/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.206 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
Software
Apache/2.4.10 (Debian) /
Resource Hash
90637cdf6cd31423d81b482bdcfd516a3909c483884281707a51782c0845a89b

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 11:40:43 GMT
Last-Modified
Thu, 12 Sep 2019 11:51:27 GMT
Server
Apache/2.4.10 (Debian)
ETag
"8d2-59259c1f7c1e8"
Content-Type
application/json
Connection
close
Accept-Ranges
bytes
Content-Length
2258
iphone11_new_de.json
desktop.kouwaiwai.de/ftp/flex_core/prepages/json/ 		736 B
991 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://desktop.kouwaiwai.de/ftp/flex_core/prepages/json/iphone11_new_de.json?format=json&_=1574250043473
Requested by
Host: www.rlcontrol.de
URL: https://www.rlcontrol.de/ftp/flexblocks/scripts/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.206 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
Software
Apache/2.4.10 (Debian) /
Resource Hash
4ce25ae1cddf53751caa441ee5536c343983a35e1ae51a2639269be1e48216c6

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 11:40:43 GMT
Last-Modified
Wed, 11 Sep 2019 09:24:30 GMT
Server
Apache/2.4.10 (Debian)
ETag
"2e0-592439694f1ee"
Content-Type
application/json
Connection
close
Accept-Ranges
bytes
Content-Length
736
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: www.rlcontrol.de
URL: https://www.rlcontrol.de/ftp/flexblocks/scripts/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:400,900,700
Origin
https://desktop.kouwaiwai.de

Response headers

date
Tue, 12 Nov 2019 15:22:11 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:55 GMT
server
sffe
age
677912
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14044
x-xss-protection
0
expires
Wed, 11 Nov 2020 15:22:11 GMT
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: www.rlcontrol.de
URL: https://www.rlcontrol.de/ftp/flexblocks/scripts/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:400,900,700
Origin
https://desktop.kouwaiwai.de

Response headers

date
Wed, 20 Nov 2019 04:41:26 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:54 GMT
server
sffe
age
25157
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14176
x-xss-protection
0
expires
Thu, 19 Nov 2020 04:41:26 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/fonts/ 		65 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: www.rlcontrol.de
URL: https://www.rlcontrol.de/ftp/flexblocks/scripts/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.css
Origin
https://desktop.kouwaiwai.de

Response headers

date
Wed, 20 Nov 2019 11:40:43 GMT
cf-cache-status
HIT
age
4323836
cf-ray
538a26946dab8cb6-VIE
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-23=":443"; ma=86400
content-length
66624
last-modified
Thu, 17 May 2018 09:19:53 GMT
server
cloudflare
etag
"5afd4939-10440"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
expires
Mon, 09 Nov 2020 11:40:43 GMT
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
served-in-seconds
0.000
S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
Requested by
Host: www.rlcontrol.de
URL: https://www.rlcontrol.de/ftp/flexblocks/scripts/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:400,900,700
Origin
https://desktop.kouwaiwai.de

Response headers

date
Tue, 12 Nov 2019 15:22:13 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:45 GMT
server
sffe
age
677910
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13732
x-xss-protection
0
expires
Wed, 11 Nov 2020 15:22:13 GMT
apple-logo.png
www.rlcontrol.de/ftp/flex2/build/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rlcontrol.de/ftp/flex2/build/apple-logo.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
b083ec084e164a478501b562844006aa6c96a37b04446904578a6269fa843a69

Request headers

Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 11:40:43 GMT
Last-Modified
Wed, 10 Feb 2016 21:23:30 GMT
Server
Apache/2.4.10 (Debian)
ETag
"5dc-52b710ba1b880"
Vary
Host
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
1500
selecttick.png
www.rlcontrol.de/ftp/flex_core/prepages/small/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rlcontrol.de/ftp/flex_core/prepages/small/selecttick.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
3f5894d346f0d6d05a3db55e548cfd0cd6d45e3a603b855fff15810e024980e3

Request headers

Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 11:40:43 GMT
Last-Modified
Thu, 30 Jun 2016 19:38:31 GMT
Server
Apache/2.4.10 (Debian)
ETag
"927-5368403ce7bc0"
Vary
Host
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
2343
ip11weiss.png
www.rlcontrol.de/ftp/flex_core/prepages/big/ 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rlcontrol.de/ftp/flex_core/prepages/big/ip11weiss.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
26b5184984ae53aa9c40e0137f733747e52d30da0f8afe6f74b49521441175fb

Request headers

Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 11:40:43 GMT
Last-Modified
Wed, 11 Sep 2019 09:02:46 GMT
Server
Apache/2.4.10 (Debian)
ETag
"17f66-5924348e17392"
Vary
Host
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
98150
weiss.png
www.rlcontrol.de/ftp/flex_core/prepages/small/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rlcontrol.de/ftp/flex_core/prepages/small/weiss.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
25d9f214fac979062817fb4e9f48b52dc72bbe35d1af97348f4cf765c6f82905

Request headers

Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 11:40:43 GMT
Last-Modified
Wed, 11 Sep 2019 09:08:32 GMT
Server
Apache/2.4.10 (Debian)
ETag
"ab2-592435d75a812"
Vary
Host
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
2738
s8mb.png
www.rlcontrol.de/ftp/flex_core/prepages/small/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rlcontrol.de/ftp/flex_core/prepages/small/s8mb.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
400afc15e5e7212a02ffd53f58d3c730bb5457631282da645b5f33da8a13040b

Request headers

Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 11:40:43 GMT
Last-Modified
Thu, 30 Mar 2017 08:27:13 GMT
Server
Apache/2.4.10 (Debian)
ETag
"5ae-54bee75ba9b89"
Vary
Host
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
1454
gruen.png
www.rlcontrol.de/ftp/flex_core/prepages/small/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rlcontrol.de/ftp/flex_core/prepages/small/gruen.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
a3861ca3a3cb26e101e231d3235a9725a85f5f562e4a37371c179f4cc9c125c8

Request headers

Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 11:40:43 GMT
Last-Modified
Wed, 11 Sep 2019 09:11:08 GMT
Server
Apache/2.4.10 (Debian)
ETag
"853-5924366c6286b"
Vary
Host
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
2131
gelb.png
www.rlcontrol.de/ftp/flex_core/prepages/small/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rlcontrol.de/ftp/flex_core/prepages/small/gelb.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
bcaae2c697c99cd55b81c6b642b81e3e856e054c9625693cc72946b86580ba2b

Request headers

Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 11:40:43 GMT
Last-Modified
Mon, 24 Sep 2018 12:20:28 GMT
Server
Apache/2.4.10 (Debian)
ETag
"868-5769d03c4b169"
Vary
Host
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
2152
violett.png
www.rlcontrol.de/ftp/flex_core/prepages/small/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rlcontrol.de/ftp/flex_core/prepages/small/violett.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
663ede445311634f97f08f791b47abafcc942c867a6d15a746d4c0c84647d2c5

Request headers

Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 11:40:43 GMT
Last-Modified
Wed, 11 Sep 2019 09:10:17 GMT
Server
Apache/2.4.10 (Debian)
ETag
"853-5924363c27f36"
Vary
Host
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
2131
kreisiphone7rot.png
www.rlcontrol.de/ftp/flex_core/prepages/small/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rlcontrol.de/ftp/flex_core/prepages/small/kreisiphone7rot.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
478bcd9a854dcb50e91364e95f8f360bdf79ac65fe11cbcd9eac978ca45f64e2

Request headers

Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=361749651&rlmset=iphone11_new_de&$subID4=KTVA7DWS8KzRVyCpMQVZ5R&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 11:40:43 GMT
Last-Modified
Thu, 23 Mar 2017 14:33:25 GMT
Server
Apache/2.4.10 (Debian)
ETag
"8c4-54b66c27dbd63"
Vary
Host
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
2244

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| OneSignal function| $ function| jQuery number| value number| _STOP string| end function| styletimer function| settimer function| b64DecodeUnicode function| HexDigitToDec function| SimpleHexToDec function| HexColorToRgb function| HexColorToRGBA function| MixColors function| MixGradientEndColor function| MixBorderColor function| OnCoregDoiPage function| OnFirstRegPage function| OnSecondRegPage function| OnCoregPage function| OnLogoutPage function| ShowPromoConsentMessage function| build_progress_bars function| set_progress function| update_progressbar function| set_background object| backgroundInfo function| rlmHandler function| create_testimonials function| show_testimonials function| next function| create_prepage function| prepage_auswahl function| prepage_info function| prepage_dropdown string| fragdata string| pfdata function| prepage_fragen function| fragendesigner function| pp_hide function| forceImage function| inputstyler function| ValidateSecondRegPage function| style_continue_button function| style_simple_continue_button number| unknownAttemptCount number| maxUnknownAttemptCount boolean| emailErrorShown string| textInputColor function| ShowKickboxError function| HideKickboxErrorMessage function| IsValidTonlineAddress function| buttonstyler function| buttonsmallstyler function| buttonsmallfragenstyler string| symbol_animation string| symbol_speed1 string| symbol_speed2 function| animateButton function| rebuild_continue_button string| fullUrl string| rlmset string| mode string| fi boolean| secondCoregStage number| totalCoregCount number| clickedCoregCount number| clickedListCoregCount number| coregCount boolean| coregsUncovered number| coregCountPerGroup object| coregGroups number| currentCoregGroupIndex number| visibleCoregCount number| weightedCoregCount number| initProgress function| get_coreg_container_by_index function| show_secondary_coregs function| init_audibene function| build_coreg_groups function| show_coreg_group function| hide_coreg_group function| show_next_coreg_group function| apply_spiegel_coreg_changes function| apply_o2_coreg_changes function| assign_coreg_indices function| show_info_popup function| BrandbueroBuyButtonCallback function| apply_frank_coreg_changes function| InRange function| CheckMaxAge function| FP_ShowMessage function| FP_MessageBoxIsVisible function| FinishCoreg function| apply_fisherprice_coreg_changes number| round function| moment function| CalcCalendarWeek number| calendarWeek string| hl1_color string| hl2_color string| ip1 string| ip2 string| ip3 string| ip4 string| ip5 string| ip6 string| ip7 number| lb

2 Cookies

Domain/Path Name / Value
desktop.kouwaiwai.de/ Name: coyoteAffiliTokenId496
Value: 361749651
desktop.kouwaiwai.de/ Name: PHPSESSID
Value: 72bdsv2g4nsmsat8abojo60nu1

3 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api log URL: https://www.rlcontrol.de/ftp/flexblocks/scripts/rlm_flex_tile_coregs_dynamic_desktop_de.js(Line 2168)
Message:
datenEingabe_496.html
console-api log URL: https://www.rlcontrol.de/ftp/flexblocks/scripts/rlm_flex_tile_coregs_dynamic_desktop_de.js(Line 474)
Message:
complete

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b9a39.bemobpath.com
cdn.onesignal.com
cdnjs.cloudflare.com
click.greatmerch.com
click.webgifts-free.xyz
code.jquery.com
desktop.kouwaiwai.de
fonts.googleapis.com
fonts.gstatic.com
go.bulksfinance.com
links.securedark.com
movania-forsity.com
rlcontrol.de
web.scan-networktoday.xyz
www.exklusive-preise.de
www.rlcontrol.de
108.163.203.126
193.24.234.21
198.143.165.221
198.20.96.202
2001:4de0:ac19::1:b:3a
2606:4700::6811:4104
2606:4700::6812:e134
2a00:1450:4001:81f::2003
2a00:1450:4001:820::200a
35.156.54.233
35.158.38.217
89.191.67.206
89.191.67.79
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
082b0736a3408950e50fd65a090921003fe83d89ec6e3084549a01d5dfa9e854
0a582565571363b7623836486bf6a3f52b7b8d3fb54f45516113bef02cc80b84
0aeb4ecf1091b9c52c9fa0ba4dc118b1abafbd88a51278935e574f6baff0bb49
18589c08a0517dcecd5531d029db1908ebac381c39875b78f4b76a351a03ba4e
25d9f214fac979062817fb4e9f48b52dc72bbe35d1af97348f4cf765c6f82905
26b5184984ae53aa9c40e0137f733747e52d30da0f8afe6f74b49521441175fb
27b68b172858b007dc7b2fc3ac81b6a87924bc8520f5592850a1283a65b69af3
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
356d548e29c0bd99cda841dc7eef71cd951aee295a1b94e33808b66c14e6bbfa
3f5894d346f0d6d05a3db55e548cfd0cd6d45e3a603b855fff15810e024980e3
400afc15e5e7212a02ffd53f58d3c730bb5457631282da645b5f33da8a13040b
4122f214f47bf170342826a86092121db1a8ac7cb3c0f899a1ede8b6b96f27c8
44aae6fbe386483965d5e393b0618b2bf5e27a6910b8f3e9ff3cadd62bacbabd
478bcd9a854dcb50e91364e95f8f360bdf79ac65fe11cbcd9eac978ca45f64e2
4ce25ae1cddf53751caa441ee5536c343983a35e1ae51a2639269be1e48216c6
5dbd4ae2b62ce43005aecde5f810acc210309f341fe477887ef275dc32b77f08
5eecac60daf67e9978b368ef66fe2b25e1f0a61da04d77ee55905ac53d1a1cf9
663ede445311634f97f08f791b47abafcc942c867a6d15a746d4c0c84647d2c5
6d975623fc8ed1d8b9d503b1ed5995ed161e39121d48595dffbb91ea4f0b735d
73252363e8f1ef98ad515d39a686e08c38b766004f1a15c9eecacacc259e136c
75b098604bdeba97e5d92a76c08ba438e5671a66db3ba785f28c519897207ee1
78acf37b6c980a9d638c2a825bf0e419f65d68d6fffab3f3063270151f5aadec
7f4e31beb4137909805be8ecdd8a5417036e606d0f5105a9cb4cdf2d2356f1d2
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
90637cdf6cd31423d81b482bdcfd516a3909c483884281707a51782c0845a89b
938b32ff757577f324dba8cadbd65dd04121bdaa0185fbadbd6b7c08aef28850
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
984d6e82dce7262e5c27733ab7c2521a1f25f4a3ec2a1839620e053d3eec78bb
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
9d31ec45f6c559022144eaa9e9a220d6841f6090ebe5801d6fd6f697b3f851a0
a3861ca3a3cb26e101e231d3235a9725a85f5f562e4a37371c179f4cc9c125c8
b00bb514f80cb04101fc21cfede62e4bd50a15b69aebad328cde904774f71609
b083ec084e164a478501b562844006aa6c96a37b04446904578a6269fa843a69
b5df3ffea80193c7f3603c89e7a873e37bf503586f07655dff645b14b7324c7c
bcaae2c697c99cd55b81c6b642b81e3e856e054c9625693cc72946b86580ba2b
c48feaca5f6fa70585397cfbfb1ffd5a41b98ff4959d2c36d6f8b2f1f5b06de1
d31bef450ee67b64f9b70bfdf41fe4e00c65438705cc1fbb48ea6026d3a5d697
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995