URL: http://dein-angebot24.de/vo.php?client_id=20236&mid=1a3a9b08dd8b786c9c6e9f2ad253481f&message_id=1846958&campagne_id=2002179
Submission: On April 22 via api from US

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 19 HTTP transactions. The main IP is 116.203.118.191, located in Germany and belongs to HETZNER-AS, DE. The main domain is dein-angebot24.de.
This is the only time dein-angebot24.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 116.203.118.191 24940 (HETZNER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 82.165.101.144 8560 (IONOS-AS ...)
8 2606:4700:10:... 13335 (CLOUDFLAR...)
2 52.218.96.185 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
19 6
Domain Requested by
8 www.vicampo.de dein-angebot24.de
4 fonts.gstatic.com fonts.googleapis.com
2 vicampo-media.s3.amazonaws.com dein-angebot24.de
2 fonts.googleapis.com dein-angebot24.de
2 dein-angebot24.de dein-angebot24.de
1 kftr2.de dein-angebot24.de
19 6

This site contains no links.

Subject | Issuer | Validity | Valid
upload.video.google.com | GTS CA 1O1 | 2021-03-23 - 2021-06-15 | 3 months
kftr2.de | R3 | 2021-04-16 - 2021-07-15 | 3 months
vicampo.de | Cloudflare Inc ECC CA-3 | 2020-06-05 - 2021-06-05 | a year
*.s3.amazonaws.com | DigiCert Baltimore CA-2 G2 | 2021-01-11 - 2022-02-11 | a year
dein-angebot24.de | R3 | 2021-04-08 - 2021-07-07 | 3 months
*.gstatic.com | GTS CA 1O1 | 2021-03-23 - 2021-06-15 | 3 months

This page contains 1 frames:

Primary Page: http://dein-angebot24.de/vo.php?client_id=20236&mid=1a3a9b08dd8b786c9c6e9f2ad253481f&message_id=1846958&campagne_id=2002179
Frame ID: 053813E11C228EC801C4B4C17B76223A
Requests: 19 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 19
HTTPS: 95 %
IPv6: 50 %
Domains: 6
Subdomains: 6
IPs: 6
Countries: 3
Transfer: 816 kB
Size: 856 kB
Cookies: 0

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request vo.php
dein-angebot24.de/
47 KB
7 KB
Document
General
Full URL
http://dein-angebot24.de/vo.php?client_id=20236&mid=1a3a9b08dd8b786c9c6e9f2ad253481f&message_id=1846958&campagne_id=2002179
Protocol
HTTP/1.1
Server
116.203.118.191 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lb04.brm24.de
Software
nginx/1.18.0 /
Resource Hash
06e869569e6103cdd47cfcc4fbf7a57d4b5c372ab7acdeb656659639f8299e93

Request headers

Host
dein-angebot24.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx/1.18.0
Date
Thu, 22 Apr 2021 12:51:33 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
6576
Connection
keep-alive
Vary
Accept-Encoding
Content-Encoding
gzip
css
fonts.googleapis.com/
2 KB
572 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Libre+Baskerville:400,400i,700&display=swap
Requested by
Host: dein-angebot24.de
URL: http://dein-angebot24.de/vo.php?client_id=20236&mid=1a3a9b08dd8b786c9c6e9f2ad253481f&message_id=1846958&campagne_id=2002179
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
91ff5e91cd939c03644ea2f94e993b1ca9b7691462811439ffc8d7f6ebab78b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Apr 2021 12:42:51 GMT
server
ESF
date
Thu, 22 Apr 2021 12:51:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Apr 2021 12:51:33 GMT
css
fonts.googleapis.com/
3 KB
548 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i&display=swap
Requested by
Host: dein-angebot24.de
URL: http://dein-angebot24.de/vo.php?client_id=20236&mid=1a3a9b08dd8b786c9c6e9f2ad253481f&message_id=1846958&campagne_id=2002179
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fb3cf77a973eb71db0086a2e31d6bd88e3c038e945b58a0f6475aa28f4415d65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Apr 2021 12:22:59 GMT
server
ESF
date
Thu, 22 Apr 2021 12:51:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Apr 2021 12:51:33 GMT
v18474.gif
kftr2.de/
1 KB
1 KB
Image
General
Full URL
https://kftr2.de/v18474.gif
Requested by
Host: dein-angebot24.de
URL: http://dein-angebot24.de/vo.php?client_id=20236&mid=1a3a9b08dd8b786c9c6e9f2ad253481f&message_id=1846958&campagne_id=2002179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.165.101.144 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
tracking.3d-media.name
Software
nginx / PHP/5.4.16, PleskLin, PleskLin
Resource Hash
6e2d5d863a586dce9b0c8439e8eeafd9a9d364c135e1c73d13ca099279aa9b54

Request headers

Referer
http://dein-angebot24.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 12:51:26 GMT
server
nginx
x-powered-by
PHP/5.4.16, PleskLin, PleskLin
content-type
image/gif
de_header_logo_weintipp_dtgv_20201202.jpg
www.vicampo.de/media/uploads/10000/e-mail-kampagnen/sparpakete-template-grafiken/
36 KB
36 KB
Image
General
Full URL
https://www.vicampo.de/media/uploads/10000/e-mail-kampagnen/sparpakete-template-grafiken/de_header_logo_weintipp_dtgv_20201202.jpg
Requested by
Host: dein-angebot24.de
URL: http://dein-angebot24.de/vo.php?client_id=20236&mid=1a3a9b08dd8b786c9c6e9f2ad253481f&message_id=1846958&campagne_id=2002179
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7836e036539fc7f1c0645f999040c85667e6b89dd6c563f7c2d6db7ce0da8dec
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
http://dein-angebot24.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 12:51:33 GMT
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
x-vic-media-source
S3
cf-cache-status
HIT
age
4401714
cf-polished
status=not_needed
x-cache
Miss from cloudfront
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36811
cf-request-id
099b3bcf95000005e9f3ae1000000001
pragma
public
expires
Wed, 02 Mar 2022 15:09:39 GMT
last-modified
Tue, 02 Mar 2021 15:09:39 +0100
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300; includeSubDomains
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
vary
Origin, Accept-Encoding
cache-control
max-age=31557600
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
cf-ray
643efbf8e90e05e9-FRA
access-control-allow-headers
Origin, DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Authorization, Apikey
x-amz-cf-id
Nw1jrVSMgsESCWhgAae7vhKaj2Kuxsvzte1Jv3qdgCRjvVN_53kZqg==
x-content-type-options
nosniff
cf-bgj
imgq:100,h2pri
teaser_desktop.png
vicampo-media.s3.amazonaws.com/uploads/media/10000/e-mail-kampagnen/kf/2021-04-Primitivo-Negroamaro-Glaeser/
333 KB
334 KB
Image
General
Full URL
https://vicampo-media.s3.amazonaws.com/uploads/media/10000/e-mail-kampagnen/kf/2021-04-Primitivo-Negroamaro-Glaeser/teaser_desktop.png
Requested by
Host: dein-angebot24.de
URL: http://dein-angebot24.de/vo.php?client_id=20236&mid=1a3a9b08dd8b786c9c6e9f2ad253481f&message_id=1846958&campagne_id=2002179
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.96.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-3-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a3b6d144de093598660dc6f947db0ed72e1ab3c39e129c8db54938ee71932fa6

Request headers

Referer
http://dein-angebot24.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 12:51:35 GMT
Last-Modified
Wed, 07 Apr 2021 14:46:05 GMT
Server
AmazonS3
x-amz-request-id
4HYVR22ZYNG81SRB
ETag
"353ad8cc579f249b051c3767ec875dc0"
Content-Type
image/png
x-amz-version-id
KFofo_wdziHWUwjxZXQ7gKdhGGftmnji
Accept-Ranges
bytes
Content-Length
341231
x-amz-id-2
VeqYbNqLWom+gLClt+2OspLYErPHLcjNa9xKkICy5leoFnXlNKuApPBvTc2RjZahW1Hs9ctelkU=
teaser_mobile.png
vicampo-media.s3.amazonaws.com/uploads/media/10000/e-mail-kampagnen/kf/2021-04-Primitivo-Negroamaro-Glaeser/
212 KB
213 KB
Image
General
Full URL
https://vicampo-media.s3.amazonaws.com/uploads/media/10000/e-mail-kampagnen/kf/2021-04-Primitivo-Negroamaro-Glaeser/teaser_mobile.png
Requested by
Host: dein-angebot24.de
URL: http://dein-angebot24.de/vo.php?client_id=20236&mid=1a3a9b08dd8b786c9c6e9f2ad253481f&message_id=1846958&campagne_id=2002179
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.96.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-3-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
2ad891d12165b1aed115ecba10159d75362ae4b1e06f8a5b2764c3db75e286cd

Request headers

Referer
http://dein-angebot24.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 12:51:35 GMT
Last-Modified
Wed, 07 Apr 2021 14:46:08 GMT
Server
AmazonS3
x-amz-request-id
4HYJP0TP2XQ35FY5
ETag
"2b1ebf0d3e56175d5f2e2dcebe92db38"
Content-Type
image/png
x-amz-version-id
PkqmfeaImqOWk2IGfGSgNANle0vpFYXr
Accept-Ranges
bytes
Content-Length
217298
x-amz-id-2
fs0P/mOuEdoHkxnFbE+FAzWkjMAAPMclsf2HTsvO3AcxIUgxrcp1g9NMSwBHFIXM2wQz6jkZkmc=
zickzack_border_white_flipped.png
www.vicampo.de/media/uploads/10000/e-mail-kampagnen/sparpakete-template-grafiken/
279 B
526 B
Image
General
Full URL
https://www.vicampo.de/media/uploads/10000/e-mail-kampagnen/sparpakete-template-grafiken/zickzack_border_white_flipped.png
Requested by
Host: dein-angebot24.de
URL: http://dein-angebot24.de/vo.php?client_id=20236&mid=1a3a9b08dd8b786c9c6e9f2ad253481f&message_id=1846958&campagne_id=2002179
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9910f80259c4981f34cc23925a24affddbdb8d102f95b21e935557ef5b369aa7
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
http://dein-angebot24.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 12:51:33 GMT
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
x-vic-media-source
S3
cf-cache-status
HIT
age
4401714
cf-polished
origSize=1301, status=vary_header_present
x-cache
Miss from cloudfront
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
279
cf-request-id
099b3bcf95000005e9da244000000001
pragma
public
expires
Wed, 02 Mar 2022 15:09:39 GMT
last-modified
Tue, 02 Mar 2021 15:09:39 +0100
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300; includeSubDomains
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
vary
Origin, Accept-Encoding
cache-control
max-age=31557600
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
cf-ray
643efbf8e91105e9-FRA
access-control-allow-headers
Origin, DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Authorization, Apikey
x-amz-cf-id
iUDIbjPsp5RIS4BEAgfoN1gHjC13n94ayCrYV6dfnt1Opj2fz8Zr2g==
x-content-type-options
nosniff
cf-bgj
imgq:100,h2pri
bullet.png
www.vicampo.de/media/uploads/10000/e-mail-kampagnen/sparpakete-template-grafiken/
188 B
606 B
Image
General
Full URL
https://www.vicampo.de/media/uploads/10000/e-mail-kampagnen/sparpakete-template-grafiken/bullet.png
Requested by
Host: dein-angebot24.de
URL: http://dein-angebot24.de/vo.php?client_id=20236&mid=1a3a9b08dd8b786c9c6e9f2ad253481f&message_id=1846958&campagne_id=2002179
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
751215e8c53fa9d6229d2b5f009acfbb925a5883980a896dd2fcc59cc08d779c
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
http://dein-angebot24.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 12:51:33 GMT
via
1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
x-vic-media-source
S3
cf-cache-status
HIT
age
4401714
cf-polished
status=not_needed
x-cache
Miss from cloudfront
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
188
cf-request-id
099b3bcf97000005e9852c1000000001
pragma
public
expires
Wed, 02 Mar 2022 15:09:39 GMT
last-modified
Tue, 02 Mar 2021 15:09:39 +0100
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300; includeSubDomains
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
vary
Origin, Accept-Encoding
cache-control
max-age=31557600
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
cf-ray
643efbf8e91305e9-FRA
access-control-allow-headers
Origin, DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Authorization, Apikey
x-amz-cf-id
p4sCUzBSzwh9dEw4byrELD-mDy_BNjk5G0Ln0mu_ATWzOis0rYJR0Q==
x-content-type-options
nosniff
cf-bgj
imgq:100,h2pri
zickzack_border_white.png
www.vicampo.de/media/uploads/10000/e-mail-kampagnen/sparpakete-template-grafiken/
286 B
517 B
Image
General
Full URL
https://www.vicampo.de/media/uploads/10000/e-mail-kampagnen/sparpakete-template-grafiken/zickzack_border_white.png
Requested by
Host: dein-angebot24.de
URL: http://dein-angebot24.de/vo.php?client_id=20236&mid=1a3a9b08dd8b786c9c6e9f2ad253481f&message_id=1846958&campagne_id=2002179
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d22cd9a209759649a50beb3073f950ebd4de889df10f08d42ac73bd20a56980
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
http://dein-angebot24.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 12:51:33 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
x-vic-media-source
S3
cf-cache-status
HIT
age
4401714
cf-polished
origSize=1328, status=vary_header_present
x-cache
Miss from cloudfront
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
286
cf-request-id
099b3bcf96000005e9ca294000000001
pragma
public
expires
Wed, 02 Mar 2022 15:09:39 GMT
last-modified
Tue, 02 Mar 2021 15:09:39 +0100
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300; includeSubDomains
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
vary
Origin, Accept-Encoding
cache-control
max-age=31557600
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
cf-ray
643efbf8e91705e9-FRA
access-control-allow-headers
Origin, DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Authorization, Apikey
x-amz-cf-id
Oo6ZnvxZzyZ4hAKZQ2-42IEf9KASpNSJcrMVsBq2BF8-7AWmxEjqjA==
x-content-type-options
nosniff
cf-bgj
imgq:100,h2pri
icon_delivery_free_grey.png
www.vicampo.de/media/uploads/10000/e-mail-kampagnen/sparpakete-template-grafiken/icons/
6 KB
7 KB
Image
General
Full URL
https://www.vicampo.de/media/uploads/10000/e-mail-kampagnen/sparpakete-template-grafiken/icons/icon_delivery_free_grey.png
Requested by
Host: dein-angebot24.de
URL: http://dein-angebot24.de/vo.php?client_id=20236&mid=1a3a9b08dd8b786c9c6e9f2ad253481f&message_id=1846958&campagne_id=2002179
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa2c4fbbef9ecb2ca511af54df0628a5f43a64a49a88ba46322612a0f0d69dc4
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
http://dein-angebot24.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 12:51:33 GMT
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
x-vic-media-source
S3
cf-cache-status
HIT
age
4401714
cf-polished
status=not_needed
x-cache
Miss from cloudfront
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6257
cf-request-id
099b3bcf96000005e9fe01c000000001
pragma
public
expires
Wed, 02 Mar 2022 15:09:39 GMT
last-modified
Tue, 02 Mar 2021 15:09:39 +0100
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300; includeSubDomains
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
vary
Origin, Accept-Encoding
cache-control
max-age=31557600
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
cf-ray
643efbf8e91805e9-FRA
access-control-allow-headers
Origin, DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Authorization, Apikey
x-amz-cf-id
iiiljUOzKk3p6FykdY2jTdQbho_JDefXM-l-MXHpLyNX51S3O2XIoQ==
x-content-type-options
nosniff
cf-bgj
imgq:100,h2pri
icon_money_return_grey.png
www.vicampo.de/media/uploads/10000/e-mail-kampagnen/sparpakete-template-grafiken/icons/
9 KB
10 KB
Image
General
Full URL
https://www.vicampo.de/media/uploads/10000/e-mail-kampagnen/sparpakete-template-grafiken/icons/icon_money_return_grey.png
Requested by
Host: dein-angebot24.de
URL: http://dein-angebot24.de/vo.php?client_id=20236&mid=1a3a9b08dd8b786c9c6e9f2ad253481f&message_id=1846958&campagne_id=2002179
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d77d00ca007ac949302aff7f4d7bc9aa4569c2f21c28e4378aa725d5f596384
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
http://dein-angebot24.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 12:51:33 GMT
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
x-vic-media-source
S3
cf-cache-status
HIT
age
4401715
cf-polished
status=not_needed
x-cache
Miss from cloudfront
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9363
cf-request-id
099b3bcf96000005e988815000000001
pragma
public
expires
Wed, 02 Mar 2022 15:09:38 GMT
last-modified
Tue, 02 Mar 2021 15:09:38 +0100
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300; includeSubDomains
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
vary
Origin, Accept-Encoding
cache-control
max-age=31557600
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
cf-ray
643efbf8e91a05e9-FRA
access-control-allow-headers
Origin, DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Authorization, Apikey
x-amz-cf-id
EHBjU8GNIvHLDy7rUgUSnpeLvBjD9dUuqCu4Qw8w-GKLxl1-vZ3JqA==
x-content-type-options
nosniff
cf-bgj
imgq:100,h2pri
icon_invoice_grey.png
www.vicampo.de/media/uploads/10000/e-mail-kampagnen/sparpakete-template-grafiken/icons/
5 KB
6 KB
Image
General
Full URL
https://www.vicampo.de/media/uploads/10000/e-mail-kampagnen/sparpakete-template-grafiken/icons/icon_invoice_grey.png
Requested by
Host: dein-angebot24.de
URL: http://dein-angebot24.de/vo.php?client_id=20236&mid=1a3a9b08dd8b786c9c6e9f2ad253481f&message_id=1846958&campagne_id=2002179
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:e78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12c2151f3e3337910a350fed67d0b2192a6392e5f6fdc154778cf9c32c82bdcc
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
http://dein-angebot24.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 12:51:33 GMT
via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
x-vic-media-source
S3
cf-cache-status
HIT
age
4401715
cf-polished
status=not_needed
x-cache
Miss from cloudfront
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4958
cf-request-id
099b3bcfc200004a7fcd146000000001
pragma
public
expires
Wed, 02 Mar 2022 15:09:38 GMT
last-modified
Tue, 02 Mar 2021 15:09:38 +0100
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300; includeSubDomains
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
vary
Origin, Accept-Encoding
cache-control
max-age=31557600
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
cf-ray
643efbf93acc4a7f-FRA
access-control-allow-headers
Origin, DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Authorization, Apikey
x-amz-cf-id
0F2UBx0DSYyUYjvIRKF1C02g44phoiLbZury6LNx68EKnl4BoE6JQA==
x-content-type-options
nosniff
cf-bgj
imgq:100,h2pri
dtgv_award_2020.png
www.vicampo.de/media/uploads/10000/cms-contents/footer/
97 KB
98 KB
Image
General
Full URL
https://www.vicampo.de/media/uploads/10000/cms-contents/footer/dtgv_award_2020.png
Requested by
Host: dein-angebot24.de
URL: http://dein-angebot24.de/vo.php?client_id=20236&mid=1a3a9b08dd8b786c9c6e9f2ad253481f&message_id=1846958&campagne_id=2002179
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:e78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
912dc5e7eea3e69d2c4ec5a9c78e420d877d424da96f90e3cb322d35dcf9036a
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
http://dein-angebot24.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 12:51:33 GMT
via
1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
x-vic-media-source
S3
cf-cache-status
HIT
age
10923528
cf-polished
origSize=100562, status=vary_header_present
x-cache
Miss from cloudfront
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
99708
cf-request-id
099b3bcfc200004a7f47af5000000001
pragma
public
expires
Fri, 17 Dec 2021 03:32:45 GMT
last-modified
Thu, 17 Dec 2020 03:32:45 +0100
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300; includeSubDomains
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
vary
Origin, Accept-Encoding
cache-control
max-age=31557600
access-control-allow-credentials
true
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
cf-ray
643efbf93ace4a7f-FRA
access-control-allow-headers
Origin, DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Authorization, Apikey
x-amz-cf-id
fbMZNUcc6IyLeJnNgaO4Cbf7zHv44zpFJ3MfnOB691moeky6B9tgGg==
x-content-type-options
nosniff
cf-bgj
imgq:100,h2pri
O
dein-angebot24.de/
49 B
196 B
Image
General
Full URL
https://dein-angebot24.de/O?20236-2002179-1846958-1285508527-999-5-222.gif
Requested by
Host: dein-angebot24.de
URL: http://dein-angebot24.de/vo.php?client_id=20236&mid=1a3a9b08dd8b786c9c6e9f2ad253481f&message_id=1846958&campagne_id=2002179
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.203.118.191 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lb04.brm24.de
Software
nginx/1.18.0 /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Request headers

Referer
http://dein-angebot24.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 12:51:34 GMT
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
49
Content-Type
image/gif
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/
22 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://dein-angebot24.de
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:07:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:12 GMT
server
sffe
age
45815
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
expires
Fri, 22 Apr 2022 00:07:58 GMT
kmKhZrc3Hgbbcjq75U4uslyuy4kn0qNcWxEQDA.woff2
fonts.gstatic.com/s/librebaskerville/v9/
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/librebaskerville/v9/kmKhZrc3Hgbbcjq75U4uslyuy4kn0qNcWxEQDA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Baskerville:400,400i,700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2cec3a43fa23e6284c7c7a7250fb0977a29c90fbdf07b90d6696155caade8eef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://dein-angebot24.de
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 09:32:11 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:02:07 GMT
server
sffe
age
184762
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30684
x-xss-protection
0
expires
Wed, 20 Apr 2022 09:32:11 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://dein-angebot24.de
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 02:03:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
age
38911
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
expires
Fri, 22 Apr 2022 02:03:02 GMT
kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2
fonts.gstatic.com/s/librebaskerville/v9/
27 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/librebaskerville/v9/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Baskerville:400,400i,700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ca57650e9d1881e382bd324039937317b18e44fd5fadab6d09018d426a2622a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://dein-angebot24.de
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 23:45:15 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:02:29 GMT
server
sffe
age
47178
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27932
x-xss-protection
0
expires
Thu, 21 Apr 2022 23:45:15 GMT

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
