11sup.sofortchancen.de Open in urlscan Pro
188.95.252.36 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.usakaw.link/index.php/campaigns/lm556xk6opcf7/track-url/cw071qsvyy150/415dc18175c558653dcc92ca65626436ce4f076c
Effective URL:
https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&
Submission Tags: https://phish.report @phish_report Search All
Submission: On April 07 via api (April 7th 2023, 6:38:09 am UTC) from FI — Scanned from FI

Summary HTTP 57 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 12 IPs in 5 countries across 13 domains to perform 57 HTTP transactions. The main IP is 188.95.252.36, located in Spain and belongs to RACKMARKT, ES. The main domain is 11sup.sofortchancen.de.
TLS certificate: Issued by cPanel, Inc. Certification Authority on January 29th 2023. Valid for: 3 months.

This is the only time 11sup.sofortchancen.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3031::ac43:b88a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3034::ac43:d793	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a05:d018:483... 2a05:d018:483:6130:a842:7dc3:1a59:a57	16509 (AMAZON-02) (AMAZON-02)
1 19	188.95.252.36 188.95.252.36	197518 (RACKMARKT) (RACKMARKT)
7	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
12	2606:4700:20:... 2606:4700:20::ac43:47b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	116.203.55.53 116.203.55.53	24940 (HETZNER-AS) (HETZNER-AS)
4	2606:4700:20:... 2606:4700:20::681a:f1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
57	12

1 2606:4700:3031::ac43:b88a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

t.usakaw.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:d793 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

uptz.kiteei.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:483:6130:a842:7dc3:1a59:a57 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

gfstrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 188.95.252.36 (Spain) 1 redirects

ASN197518 (RACKMARKT, ES)

ihre-tageschance.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
11sup.sofortchancen.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::ac43:47b8 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.203.55.53 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.53.55.203.116.clients.your-server.de

arctollceoo.mycleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:f1f (United States)

ASN13335 (CLOUDFLARENET, US)

api.cleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	sofortchancen.de 11sup.sofortchancen.de	650 KB
16	cleverpush.com static.cleverpush.com — Cisco Umbrella Rank: 15543 api.cleverpush.com — Cisco Umbrella Rank: 16891	134 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	417 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	21 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2	27 KB
1	mycleverpush.com arctollceoo.mycleverpush.com	27 KB
1	google.fi www.google.fi — Cisco Umbrella Rank: 29193	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 100	353 B
1	aspnetcdn.com ajax.aspnetcdn.com — Cisco Umbrella Rank: 2002	30 KB
1	ihre-tageschance.de 1 redirects ihre-tageschance.de	740 B
1	gfstrck.com 1 redirects gfstrck.com	3 KB
1	kiteei.com 1 redirects uptz.kiteei.com	845 B
1	usakaw.link 1 redirects t.usakaw.link	652 B
57	13

	Domain	Requested by
18	11sup.sofortchancen.de	11sup.sofortchancen.de
12	static.cleverpush.com	11sup.sofortchancen.de static.cleverpush.com arctollceoo.mycleverpush.com
7	www.google-analytics.com	11sup.sofortchancen.de www.google-analytics.com
4	api.cleverpush.com	static.cleverpush.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	fonts.gstatic.com	11sup.sofortchancen.de www.google.com
4	www.google.com	11sup.sofortchancen.de www.gstatic.com www.google.com
1	arctollceoo.mycleverpush.com	static.cleverpush.com
1	www.google.fi	11sup.sofortchancen.de
1	stats.g.doubleclick.net	www.google-analytics.com
1	ajax.aspnetcdn.com	11sup.sofortchancen.de
1	ihre-tageschance.de	1 redirects
1	gfstrck.com	1 redirects
1	uptz.kiteei.com	1 redirects
1	t.usakaw.link	1 redirects
57	15

This site contains links to these domains. Also see Links.

Domain
www.daydreams.de
www.mirabo.at
www.mirabo.ch
www.burda-versichert.de
www.bluemediaads.com
www.meinungsclub.de
elitepremiumservice.com
de.testclub.com
www.super-sparfuechse.com
mivolta.de
www.pmiprivacy.com
www.affili-partner.com

Subject Issuer	Validity	Valid
11sup.sofortchancen.de cPanel, Inc. Certification Authority	`2023-01-29` - `2023-04-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2022-07-11` - `2023-07-11`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-11` - `2023-06-11`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.google.fi GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.mycleverpush.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-06` - `2023-06-06`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&
Frame ID: E490A1A5ACC028540DDA131068ACE044
Requests: 46 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcxXPQUAAAAAIbrqXusuiyRVrf7m0SQs9B1vsY6&co=aHR0cHM6Ly8xMXN1cC5zb2ZvcnRjaGFuY2VuLmRlOjQ0Mw..&hl=fi&v=6MY32oPwFCn9SUKWt8czDsDw&size=invisible&cb=6yx0iooe3he2
Frame ID: D38FB5AAADA9A43C7C2EF0AC93748C16
Requests: 7 HTTP requests in this frame

Frame: https://arctollceoo.mycleverpush.com/iframe?origin=https%3A%2F%2F11sup.sofortchancen.de
Frame ID: 8EAC9C8C42B2A6142B6AACD6DE911D49
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Edeka Gutschein

Page URL History Show full URLs

https://t.usakaw.link/index.php/campaigns/lm556xk6opcf7/track-url/cw071qsvyy150/415dc18175c558653d... HTTP 301
https://uptz.kiteei.com/?a=69141&c=332515&s2=Dee HTTP 302
https://gfstrck.com/?a=69141&c=332515&oc=187097&sr=t&s2=Dee&vt=1680849481953&h=27c4862e1706a295e... HTTP 302
https://ihre-tageschance.de/de,edeka,aff,2021,arctoll_1723.html?idPartner=222&idCampaignAd=0&subId=69141... HTTP 302
https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=& Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

57
Requests

100 %
HTTPS

79 %
IPv6

13
Domains

15
Subdomains

12
IPs

5
Countries

1307 kB
Transfer

2390 kB
Size

18
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://www.daydreams.de/datenschutz
Title: Datenschutzinformation nach Art. 14 EU-DSGVO

Search URL Search Domain Scan URL

URL: https://www.mirabo.at/nvg-at/content/datenschutzinformation-nach-art-14-dsgvo,549/
Title: https://www.mirabo.at/nvg-at/datenschutzinformation

Search URL Search Domain Scan URL

URL: https://www.mirabo.at/datenschutzinformation
Title: Datenschutzinfo AT

Search URL Search Domain Scan URL

URL: https://www.mirabo.ch/datenschutzinformation
Title: Datenschutzinfo CH

Search URL Search Domain Scan URL

URL: https://www.burda-versichert.de/de/cms/datenschutzinformation-art-14.html
Title: Informationen nach Art. 14 EU-DSGVO

Search URL Search Domain Scan URL

URL: http://www.bluemediaads.com/GDPR_EN-DE.html
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://www.meinungsclub.de/static/privacy
Title: https://www.meinungsclub.de/static/privacy

Search URL Search Domain Scan URL

URL: https://elitepremiumservice.com/datenschutz.html
Title: Datenschutzinformation nach Art. 14 DSGVO

Search URL Search Domain Scan URL

URL: https://de.testclub.com/terms-of-use/
Title: https://de.testclub.com/terms-of-use/

Search URL Search Domain Scan URL

URL: https://www.super-sparfuechse.com/nutzungsbedingungen/
Title: https://www.super-sparfuechse.com/nutzungsbedingungen/

Search URL Search Domain Scan URL

URL: https://mivolta.de/
Title: https://mivolta.de/

Search URL Search Domain Scan URL

URL: https://www.pmiprivacy.com/de-de/consumer/
Title: https://www.pmiprivacy.com/de-de/consumer/

Search URL Search Domain Scan URL

URL: http://www.affili-partner.com/en/registration.html
Title: www.Affiliate-Partner.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.usakaw.link/index.php/campaigns/lm556xk6opcf7/track-url/cw071qsvyy150/415dc18175c558653dcc92ca65626436ce4f076c HTTP 301
https://uptz.kiteei.com/?a=69141&c=332515&s2=Dee HTTP 302
https://gfstrck.com/?a=69141&c=332515&oc=187097&sr=t&s2=Dee&vt=1680849481953&h=27c4862e1706a295e80868ecaae92aad318ff1d1&req=http%3A%2F%2Fuptz.kiteei.com%2F%3Fa%3D69141%26c%3D332515%26s2%3DDee&mt=3&sip=2a0c:f040:0:2790::2e&sh=13664feea350e104559aa0e22c4344f997b1e503 HTTP 302
https://ihre-tageschance.de/de,edeka,aff,2021,arctoll_1723.html?idPartner=222&idCampaignAd=0&subId=69141_&subIdentifier=de75d1ed69874831a9bf623f2293ef7220036&additionalParamString= HTTP 302
https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request campaign_2728.html Show response
11sup.sofortchancen.de/
Redirect Chain

https://t.usakaw.link/index.php/campaigns/lm556xk6opcf7/track-url/cw071qsvyy150/415dc18175c558653dcc92ca65626436ce4f076c
https://uptz.kiteei.com/?a=69141&c=332515&s2=Dee
https://gfstrck.com/?a=69141&c=332515&oc=187097&sr=t&s2=Dee&vt=1680849481953&h=27c4862e1706a295e80868ecaae92aad318ff1d1&req=http%3A%2F%2Fuptz.kiteei.com%2F%3Fa%3D69141%26c%3D332515%26s2%3DDee&mt=3&...
https://ihre-tageschance.de/de,edeka,aff,2021,arctoll_1723.html?idPartner=222&idCampaignAd=0&subId=69141_&subIdentifier=de75d1ed69874831a9bf623f2293ef7220036&additionalParamString=
https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&

215 KB
215 KB

558ms
383ms

Document
text/html

188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to

Full URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: 98dc425eed47a4dee56a2607c5e5b46c3c82a94e885594cf7ff41286c8d75d83

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Type: text/html; charset=UTF-8
Date: Fri, 07 Apr 2023 06:38:02 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Type: text/html; charset=UTF-8
Date: Fri, 07 Apr 2023 06:38:02 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Location: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 191ms
61ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://11sup.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 07 Apr 2023 06:05:12 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1971
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 07 Apr 2023 08:05:12 GMT

GET
H2 200 jquery-3.4.1.min.js Show response
ajax.aspnetcdn.com/ajax/jQuery/ 86 KB
30 KB 157ms
37ms Script
application/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.4.1.min.js

Requested by

Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ska/F78D) /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://11sup.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 06:38:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25664143
x-cache: HIT
content-length: 30737
x-xss-protection: 1; mode=block
last-modified: Thu, 02 May 2019 18:32:11 GMT
server: ECAcc (ska/F78D)
etag: "808705b151d51:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK reset.css
11sup.sofortchancen.de/ftp/o2o_umfrageTemplate/ 1 KB
1 KB 244ms
82ms Stylesheet
text/css 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to

Full URL: https://11sup.sofortchancen.de/ftp/o2o_umfrageTemplate/reset.css
Requested by: Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: c8f4db5cb5de6f37e5c8c89b69a21092e444ce66d65da692f2b297007a0c2963

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Fri, 07 Apr 2023 06:38:03 GMT
Last-Modified: Thu, 29 Sep 2016 12:39:41 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 1073
Content-Type: text/css

GET
H/1.1 200
OK custom.css
11sup.sofortchancen.de/ftp/o2o_umfrageTemplate/ 21 KB
22 KB 245ms
82ms Stylesheet
text/css 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to

Full URL: https://11sup.sofortchancen.de/ftp/o2o_umfrageTemplate/custom.css
Requested by: Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: eb3eb3234394fd402890dd7269e4e35ffb9b4df7d0caba5eccc84f2cced2fbb9

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Fri, 07 Apr 2023 06:38:03 GMT
Last-Modified: Fri, 24 Aug 2018 10:36:34 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 21826
Content-Type: text/css

GET
H/1.1 200
OK series.css
11sup.sofortchancen.de/ftp/o2o_umfrageTemplate/ 41 KB
41 KB 246ms
83ms Stylesheet
text/css 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to

Full URL: https://11sup.sofortchancen.de/ftp/o2o_umfrageTemplate/series.css
Requested by: Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: 895562fb3ab5dec78b28196e26938382110e8d1b109d54e99f736581d3f9bfaf

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Fri, 07 Apr 2023 06:38:03 GMT
Last-Modified: Thu, 05 Jan 2017 15:26:26 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 42281
Content-Type: text/css

GET
H/1.1 200
OK button.js Show response
11sup.sofortchancen.de/ftp/o2o_umfrageTemplate/ 4 KB
4 KB 245ms
81ms Script
application/javascript 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to

Full URL: https://11sup.sofortchancen.de/ftp/o2o_umfrageTemplate/button.js
Requested by: Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: 4a4c46b8a193ff0825d07a0f3fe6c3b9df535ce9b26371a81be2384afbf0b30b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Fri, 07 Apr 2023 06:38:03 GMT
Last-Modified: Thu, 06 Apr 2017 07:50:57 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 3824
Content-Type: application/javascript

GET
H2 200 4BPm8eKCLLtycAJE8.js Show response
static.cleverpush.com/channel/loader/ 280 KB
57 KB 491ms
412ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js
Requested by: Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ae3f0aeaed47d59feed0ca22cde085094db837bac5d122f48c28f683cf006c9

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://11sup.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 06:38:04 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: GF7FFEAD3G8FZGXJ
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: iK9dPNBZFIC05KO6tJGSgv3mYzMjHKfCejbbKSlrH3BfxY2HRMFFNHGI2Olvq3fU4YdI5K7QzJU=
last-modified: Thu, 06 Apr 2023 00:04:40 GMT
server: cloudflare
etag: W/"e641fccf9c7e390fe7071f15e14a0d64"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dbM%2B%2Fkg9BFYaHnFasdd6Eqd%2FcZViaTMiCD2OPdgaZvKCLJH9J8pV%2FaEZ6g4qT3B6GHJk4Z8EwMfb07l0iiQdB2VQjtZMSRSZVfEzmfkCLhBg%2Fevza0cSYGek%2ByhHaMt8yQQX3rvkDTwLUZiyZoKXR2OShA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=21600
cf-ray: 7b4043f8bc15376d-HEL

GET
H/1.1 200
OK edeka,mobile,prize,a.png
11sup.sofortchancen.de/media/adresseManager/microSiteImg/2728/ 65 KB
65 KB 245ms
81ms Image
image/png 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://11sup.sofortchancen.de/media/adresseManager/microSiteImg/2728/edeka,mobile,prize,a.png
Requested by: Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: ed3686f157f542dd6350eebe1cb91b236f2030532c0c358974edccb65fab12d6

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Fri, 07 Apr 2023 06:38:03 GMT
Last-Modified: Thu, 28 Jan 2021 16:20:09 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 66264
Content-Type: image/png

GET
H/1.1 200
OK edeka,desk,header.png
11sup.sofortchancen.de/media/adresseManager/microSiteImg/2728/ 47 KB
47 KB 245ms
81ms Image
image/png 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://11sup.sofortchancen.de/media/adresseManager/microSiteImg/2728/edeka,desk,header.png
Requested by: Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: 79e06f1eed12d69174cf42a5e498858f9aa4dc6adaa9ad7043d387d3ef1e3c7d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Fri, 07 Apr 2023 06:38:03 GMT
Last-Modified: Wed, 27 Jan 2021 13:31:14 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 47647
Content-Type: image/png

GET
H/1.1 200
OK edeka,desk,prize,a.png
11sup.sofortchancen.de/media/adresseManager/microSiteImg/2728/ 85 KB
85 KB 477ms
81ms Image
image/png 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://11sup.sofortchancen.de/media/adresseManager/microSiteImg/2728/edeka,desk,prize,a.png
Requested by: Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: d8d7032bfb124576109d7c30ee7704ebda7ca9d649e6b91e372d2d6d2761983e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Fri, 07 Apr 2023 06:38:03 GMT
Last-Modified: Thu, 28 Jan 2021 16:20:09 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 86950
Content-Type: image/png

GET
H/1.1 200
OK edeka,pb,done.png
11sup.sofortchancen.de/media/adresseManager/microSiteImg/2728/ 1 KB
1 KB 245ms
81ms Image
image/png 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://11sup.sofortchancen.de/media/adresseManager/microSiteImg/2728/edeka,pb,done.png
Requested by: Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: 18fd591fd0c632708863aacb644fbe4b791def15db3a585dca2bb3669b710b76

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Fri, 07 Apr 2023 06:38:03 GMT
Last-Modified: Wed, 27 Jan 2021 13:31:14 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 1289
Content-Type: image/png

GET
H/1.1 200
OK edeka,pb,2.png
11sup.sofortchancen.de/media/adresseManager/microSiteImg/2728/ 1 KB
1 KB 242ms
80ms Image
image/png 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://11sup.sofortchancen.de/media/adresseManager/microSiteImg/2728/edeka,pb,2.png
Requested by: Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: b71af4aacfcf6686ecc6f95f30cfed1038c4bcb1a91229cd2cd3e44387f447e5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Fri, 07 Apr 2023 06:38:03 GMT
Last-Modified: Wed, 27 Jan 2021 13:31:14 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 1324
Content-Type: image/png

GET
H/1.1 200
OK edeka,pb,3.png
11sup.sofortchancen.de/media/adresseManager/microSiteImg/2728/ 1 KB
1 KB 242ms
80ms Image
image/png 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://11sup.sofortchancen.de/media/adresseManager/microSiteImg/2728/edeka,pb,3.png
Requested by: Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: 855aad4742594f975c954db8924161495778d924cca3fb34a1aaea075f766621

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Fri, 07 Apr 2023 06:38:04 GMT
Last-Modified: Wed, 27 Jan 2021 13:31:14 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 1326
Content-Type: image/png

GET
H/1.1 200
OK edeka,pb,4.png
11sup.sofortchancen.de/media/adresseManager/microSiteImg/2728/ 1 KB
1 KB 242ms
81ms Image
image/png 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://11sup.sofortchancen.de/media/adresseManager/microSiteImg/2728/edeka,pb,4.png
Requested by: Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: 4cb18a88ad0c38c0fd96673a51c77df277826ee27a05d97263e8344541eab70b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Fri, 07 Apr 2023 06:38:04 GMT
Last-Modified: Wed, 27 Jan 2021 13:31:14 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 1274
Content-Type: image/png

GET
H/1.1 200
OK edeka,pb,prize.png
11sup.sofortchancen.de/media/adresseManager/microSiteImg/2728/ 845 B
1 KB 243ms
81ms Image
image/png 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://11sup.sofortchancen.de/media/adresseManager/microSiteImg/2728/edeka,pb,prize.png
Requested by: Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: 7a3b23ef6057020443c65826159fbd95ab2648616acc583af05bec3c4a47e04b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Fri, 07 Apr 2023 06:38:04 GMT
Last-Modified: Wed, 27 Jan 2021 13:31:14 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 845
Content-Type: image/png

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
905 B 207ms
75ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcxXPQUAAAAAIbrqXusuiyRVrf7m0SQs9B1vsY6

Requested by

Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1c6fe7788adde7a591c9610f00f718f0bd796026e9e2334087bef190abb68030

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://11sup.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 06:38:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 585
x-xss-protection: 1; mode=block
expires: Fri, 07 Apr 2023 06:38:03 GMT

GET
H/1.1 200
OK dynamicCoreg.js Show response
11sup.sofortchancen.de/templates/js/ 7 KB
7 KB 243ms
81ms Script
application/javascript 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to

Full URL: https://11sup.sofortchancen.de/templates/js/dynamicCoreg.js
Requested by: Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: cfc30b95a5989ba120988b3a9363be63ea4dcdba3c581f1dde3608092c031cad

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Fri, 07 Apr 2023 06:38:03 GMT
Last-Modified: Thu, 16 Sep 2021 07:20:53 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 7200
Content-Type: application/javascript

GET
H/1.1 200
OK main_layout_logo.png
11sup.sofortchancen.de/media/adresseManager/microSiteImg/ 7 KB
7 KB 242ms
81ms Image
image/png 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://11sup.sofortchancen.de/media/adresseManager/microSiteImg/main_layout_logo.png
Requested by: Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: 2a4d605dd6458a3aac55b7b19e22ea4de2832085f54fce11729ba0762b3d4dae

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Fri, 07 Apr 2023 06:38:04 GMT
Last-Modified: Mon, 08 May 2017 07:24:36 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 7333
Content-Type: image/png

GET
H/1.1 200
OK coyoteDefaultLibrary.css
11sup.sofortchancen.de/templates/coyoteDefaultLibrary/ 2 KB
3 KB 249ms
81ms Stylesheet
text/css 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to

Full URL: https://11sup.sofortchancen.de/templates/coyoteDefaultLibrary/coyoteDefaultLibrary.css
Requested by: Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: 15e9a4546d5ac8af8c3b083aa33a81541a69691625ce72cdb5e6fc1475b0c8c8

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Fri, 07 Apr 2023 06:38:03 GMT
Last-Modified: Tue, 04 May 2021 04:37:20 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 2458
Content-Type: text/css

GET
H/1.1 200
OK coyoteDefaultLibrary.js Show response
11sup.sofortchancen.de/templates/coyoteDefaultLibrary/ 17 KB
18 KB 244ms
81ms Script
application/javascript 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to

Full URL: https://11sup.sofortchancen.de/templates/coyoteDefaultLibrary/coyoteDefaultLibrary.js
Requested by: Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: 425afd9a7a5108ad89c3ee927323884bfe7d43d9eba87195e19d88f1e2c99853

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Fri, 07 Apr 2023 06:38:03 GMT
Last-Modified: Tue, 04 May 2021 04:37:20 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 17749
Content-Type: application/javascript

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
213 B 69ms
68ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=2023635928&t=pageview&_s=1&dl=https%3A%2F%2F11sup.sofortchancen.de%2Fcampaign_2728.html%3FcoyoteAffiliTokenId%3D490315898%26additionalParamString%3D%26&dp=2728%2Fadressdata1%2F&ul=en-us&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACACI~&jid=1681020916&gjid=2022924232&cid=2025762212.1680849483&tid=UA-68861802-12&_gid=1822483817.1680849483&_r=1&_slc=1&cg1=2728&cg2=191&cg3=222&cg4=69141_&cg5=de75d1ed69874831a9bf623f2293ef7220036&cd1=2728&cd2=191&cd3=222&cd4=69141_&cd5=de75d1ed69874831a9bf623f2293ef7220036&cd6=2421&z=1108730138

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://11sup.sofortchancen.de/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 07 Apr 2023 06:38:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://11sup.sofortchancen.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
132 B 62ms
60ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&aip=1&a=2023635928&t=event&_s=2&dl=https%3A%2F%2F11sup.sofortchancen.de%2Fcampaign_2728.html%3FcoyoteAffiliTokenId%3D490315898%26additionalParamString%3D%26&dp=2728%2Fadressdata1%2F&ul=en-us&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=191&ea=pageview&el=2728%2Fadressdata1%2F&_u=YEBAAEABAAAAACACI~&jid=&gjid=&cid=2025762212.1680849483&tid=UA-68861802-12&_gid=1822483817.1680849483&cg1=2728&cg2=191&cg3=222&cg4=69141_&cg5=de75d1ed69874831a9bf623f2293ef7220036&cd1=2728&cd2=191&cd3=222&cd4=69141_&cd5=de75d1ed69874831a9bf623f2293ef7220036&cd6=2421&z=1809263532

Requested by

Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://11sup.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45171
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 63ms
61ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&aip=1&a=2023635928&t=event&_s=3&dl=https%3A%2F%2F11sup.sofortchancen.de%2Fcampaign_2728.html%3FcoyoteAffiliTokenId%3D490315898%26additionalParamString%3D%26&dp=2728%2Fadressdata1%2F&ul=en-us&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=191&ea=idPartner&el=222&_u=YEBAAEABAAAAACACI~&jid=&gjid=&cid=2025762212.1680849483&tid=UA-68861802-12&_gid=1822483817.1680849483&cg1=2728&cg2=191&cg3=222&cg4=69141_&cg5=de75d1ed69874831a9bf623f2293ef7220036&cd1=2728&cd2=191&cd3=222&cd4=69141_&cd5=de75d1ed69874831a9bf623f2293ef7220036&cd6=2421&z=1744063972

Requested by

Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://11sup.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45171
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 63ms
62ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&aip=1&a=2023635928&t=event&_s=4&dl=https%3A%2F%2F11sup.sofortchancen.de%2Fcampaign_2728.html%3FcoyoteAffiliTokenId%3D490315898%26additionalParamString%3D%26&dp=2728%2Fadressdata1%2F&ul=en-us&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=191&ea=idAmKampagne&el=2728&_u=YEBAAEABAAAAACACI~&jid=&gjid=&cid=2025762212.1680849483&tid=UA-68861802-12&_gid=1822483817.1680849483&cg1=2728&cg2=191&cg3=222&cg4=69141_&cg5=de75d1ed69874831a9bf623f2293ef7220036&cd1=2728&cd2=191&cd3=222&cd4=69141_&cd5=de75d1ed69874831a9bf623f2293ef7220036&cd6=2421&z=68374724

Requested by

Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://11sup.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45171
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 64ms
62ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&aip=1&a=2023635928&t=event&_s=5&dl=https%3A%2F%2F11sup.sofortchancen.de%2Fcampaign_2728.html%3FcoyoteAffiliTokenId%3D490315898%26additionalParamString%3D%26&dp=2728%2Fadressdata1%2F&ul=en-us&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=191&ea=wgname&el=Edeka%20Gutschein&_u=YEBAAEABAAAAACACI~&jid=&gjid=&cid=2025762212.1680849483&tid=UA-68861802-12&_gid=1822483817.1680849483&cg1=2728&cg2=191&cg3=222&cg4=69141_&cg5=de75d1ed69874831a9bf623f2293ef7220036&cd1=2728&cd2=191&cd3=222&cd4=69141_&cd5=de75d1ed69874831a9bf623f2293ef7220036&cd6=2421&z=1000077281

Requested by

Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://11sup.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45171
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 64ms
63ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&aip=1&a=2023635928&t=event&_s=6&dl=https%3A%2F%2F11sup.sofortchancen.de%2Fcampaign_2728.html%3FcoyoteAffiliTokenId%3D490315898%26additionalParamString%3D%26&dp=2728%2Fadressdata1%2F&ul=en-us&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=191&ea=222&el=69141_&_u=YEBAAEABAAAAACACI~&jid=&gjid=&cid=2025762212.1680849483&tid=UA-68861802-12&_gid=1822483817.1680849483&cg1=2728&cg2=191&cg3=222&cg4=69141_&cg5=de75d1ed69874831a9bf623f2293ef7220036&cd1=2728&cd2=191&cd3=222&cd4=69141_&cd5=de75d1ed69874831a9bf623f2293ef7220036&cd6=2421&z=557160716

Requested by

Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://11sup.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45171
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
353 B 198ms
66ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-68861802-12&cid=2025762212.1680849483&jid=1681020916&gjid=2022924232&_gid=1822483817.1680849483&_u=YEBAAEAAAAAAACACI~&z=984988236

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://11sup.sofortchancen.de/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 07 Apr 2023 06:38:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://11sup.sofortchancen.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK edeka,desk,bg,b.jpg
11sup.sofortchancen.de/media/adresseManager/microSiteImg/2728/ 127 KB
128 KB 206ms
81ms Image
image/jpeg 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://11sup.sofortchancen.de/media/adresseManager/microSiteImg/2728/edeka,desk,bg,b.jpg
Requested by: Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: f10c7420cd429dc2d0b771b219a61a57c6ae5d5e05399daff85dd3cfab173761

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Fri, 07 Apr 2023 06:38:03 GMT
Last-Modified: Fri, 18 Nov 2022 16:30:58 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 130554
Content-Type: image/jpeg

GET
H2 200 cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
fonts.gstatic.com/s/opensans/v13/ 15 KB
16 KB 192ms
62ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v13/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2

Requested by

Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11sup.sofortchancen.de/
Origin: https://11sup.sofortchancen.de
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:32:17 GMT
x-content-type-options: nosniff
age: 245146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15572
x-xss-protection: 0
last-modified: Mon, 27 Apr 2015 23:46:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:32:17 GMT

GET
DATA 200
OK truncated
/ 213 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e8e0e58a0c5a5e3f02b9167ed381b7cd5cd9907d8e29d2f4a01b9673e92fea2

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v13/ 16 KB
16 KB 200ms
77ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v13/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Requested by

Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f164941997fbc7f7ed7d2a7c3e86b997d647f1910d93fdc2462dd86fd5affa48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11sup.sofortchancen.de/
Origin: https://11sup.sofortchancen.de
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:52:26 GMT
x-content-type-options: nosniff
age: 243937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16276
x-xss-protection: 0
last-modified: Mon, 27 Apr 2015 23:45:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:52:26 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 74ms
73ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-68861802-12&cid=2025762212.1680849483&jid=1681020916&_u=YEBAAEAAAAAAACACI~&z=1400214562

Requested by

Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://11sup.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Apr 2023 06:38:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fi/ads/ 42 B
408 B 203ms
73ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-68861802-12&cid=2025762212.1680849483&jid=1681020916&_u=YEBAAEAAAAAAACACI~&z=1400214562

Requested by

Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=490315898&additionalParamString=&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://11sup.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Apr 2023 06:38:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__fi.js Show response
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/ 409 KB
165 KB 193ms
63ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__fi.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcxXPQUAAAAAIbrqXusuiyRVrf7m0SQs9B1vsY6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86aea22cc2369e7d26b95e800900428426ffb699c34b59279523b01a6327d72d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11sup.sofortchancen.de/
Origin: https://11sup.sofortchancen.de
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:44:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255242
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168079
x-xss-protection: 0
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Apr 2024 07:44:01 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7b187b31119631622a0de2ca08cd3b2e63ac43edc3baa4b75d404da01e41e64

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 5.eb7baa8d944dc4180981.js Show response
static.cleverpush.com/sdk/chunk/ 34 KB
9 KB 45ms
44ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/5.eb7baa8d944dc4180981.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a64cfc4c0d97dcabec4eb950ee82d4658f774e293a988a7a754de32d368c761

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://11sup.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 06:38:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QQQZTV9YKAXBBG85
age: 12346
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: pi1bxZU5JqkQ2XResZQZ0kxiDrMTmkw5x1pMN1DZfvVNOvpx5WO0zQQj5UcsaxI6Vtqxnm1+Fq4=
last-modified: Thu, 06 Apr 2023 15:12:04 GMT
server: cloudflare
etag: W/"900354f929ef21be639f89adcd7b722c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PYQ8DMA1wUiR04cYB%2BtnPKR%2BL7h3u9UEYQha7Aat7Hu75%2FozN3QSOM26FJ6xGpi7zIGviJxt0WH%2B%2BMEBsZLUJtC5mTPUHnwzC32GJnyoT7nVZ4csW5i595maLqdizM4aUduIjkNc6SBOQDd4oy%2F3UzED%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7b4043fbedb7376d-HEL

GET
H2 200 251.ff5b3c0c290e9961835b.js Show response
static.cleverpush.com/sdk/chunk/ 5 KB
3 KB 62ms
61ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df124351501a3a62b99269da55fa305a5584a9e80e84f4ecf72cdd54d4978204

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://11sup.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 06:38:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QQQV7TAH3HQE9SD8
age: 12346
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: +M3KCYJ+EuOANFKHMNUbH83F7j4s4eU9LG0LGq7ebM5UI1xIe3oY1aElDp12zP3JhlDWZENADTs=
last-modified: Thu, 06 Apr 2023 15:12:04 GMT
server: cloudflare
etag: W/"e89cddaa8c63cff3a495570a91d5e690"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cl2Yu%2BuuE8aUkIdRWA%2BPkuOJxjh1FTu4cdLQIGPuITNC9RvX9NvVgd%2FWg4yuyw54uOzAQ932fE3kKyX3Aew0XN8ZRP%2BqXQB98BgWQ7M1oNVrmbNcdFqnWelPIeBPXtGg5tnxppnxs9WJPOaZ5KpLd9tFww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7b4043fbedba376d-HEL

GET
H2 200 115.2b1e988b31d49750e72d.js Show response
static.cleverpush.com/sdk/chunk/ 14 KB
4 KB 46ms
45ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/115.2b1e988b31d49750e72d.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6be796b6c9cb934a37df2c899803cac24d04662a4db5cab1b2387ad066a900a5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://11sup.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 06:38:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QQQRZ63M3RH6TC1A
age: 12346
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Qd3ZMLeePinO6hKhZggxV3Q1FdtqifuQ0DjndM5GN493kTAG1DRrV8QkhW/d1epxOkAO9hdyudA=
last-modified: Thu, 06 Apr 2023 15:12:04 GMT
server: cloudflare
etag: W/"c80d36d150a6a273ff2e0ce5e80bb3be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZLhhwJ3fGNgzrrZq1GtFnzN1owi7ImXGV2asNbnt3%2BjwzF6kYGw23aVszGVGzLsQXeA%2FeQwp%2FIiqd8nVSu8TY6XRDcRYb6xnthbpm1rOsHq6CCZK4mchC%2BNa38tDGoLg6AqzGkQt7HdYJGRd454CSU7u1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7b4043fbedbe376d-HEL

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame D38F 47 KB
26 KB 84ms
83ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcxXPQUAAAAAIbrqXusuiyRVrf7m0SQs9B1vsY6&co=aHR0cHM6Ly8xMXN1cC5zb2ZvcnRjaGFuY2VuLmRlOjQ0Mw..&hl=fi&v=6MY32oPwFCn9SUKWt8czDsDw&size=invisible&cb=6yx0iooe3he2

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__fi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

34173dd02adba3128f5c51d7134abf8dbaa6f70cc1820c2e18985d91e116f420

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EI97fQVvNN6ILOdn4v6YIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://11sup.sofortchancen.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 26102
content-security-policy: script-src 'report-sample' 'nonce-EI97fQVvNN6ILOdn4v6YIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 07 Apr 2023 06:38:04 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 iframe Show response
arctollceoo.mycleverpush.com/ Frame 8EAC 71 KB
27 KB 214ms
67ms Document
text/html 116.203.55.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://arctollceoo.mycleverpush.com/iframe?origin=https%3A%2F%2F11sup.sofortchancen.de

Requested by

Host: static.cleverpush.com
URL: https://static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

116.203.55.53 Berlin, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.53.55.203.116.clients.your-server.de

Software

Resource Hash

cea40d8a20a98ca3cc7b8ae5a3bf89f30f2812b57f5231fc0858af5638c85cd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://11sup.sofortchancen.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

access-control-allow-headers: origin, x-requested-with, content-type, accept
cache-control: public, max-age=1800
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 07 Apr 2023 06:38:04 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-backend-server: cleverpush-worker-44
x-cache-status: HIT
x-robots-tag: noindex

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/ Frame D38F 55 KB
24 KB 186ms
61ms Stylesheet
text/css 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcxXPQUAAAAAIbrqXusuiyRVrf7m0SQs9B1vsY6&co=aHR0cHM6Ly8xMXN1cC5zb2ZvcnRjaGFuY2VuLmRlOjQ0Mw..&hl=fi&v=6MY32oPwFCn9SUKWt8czDsDw&size=invisible&cb=6yx0iooe3he2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:07:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 311430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Apr 2024 16:07:34 GMT

GET
H3 200 recaptcha__fi.js Show response
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/ Frame D38F 409 KB
164 KB 217ms
91ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__fi.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86aea22cc2369e7d26b95e800900428426ffb699c34b59279523b01a6327d72d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:44:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255243
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168079
x-xss-protection: 0
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Apr 2024 07:44:01 GMT

GET
H3 200 5.eb7baa8d944dc4180981.js Show response
static.cleverpush.com/sdk/chunk/ Frame 8EAC 34 KB
10 KB 67ms
66ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/5.eb7baa8d944dc4180981.js
Requested by: Host: arctollceoo.mycleverpush.com
URL: https://arctollceoo.mycleverpush.com/iframe?origin=https%3A%2F%2F11sup.sofortchancen.de
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a64cfc4c0d97dcabec4eb950ee82d4658f774e293a988a7a754de32d368c761

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://arctollceoo.mycleverpush.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 06:38:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QQQZTV9YKAXBBG85
age: 12346
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: pi1bxZU5JqkQ2XResZQZ0kxiDrMTmkw5x1pMN1DZfvVNOvpx5WO0zQQj5UcsaxI6Vtqxnm1+Fq4=
last-modified: Thu, 06 Apr 2023 15:12:04 GMT
server: cloudflare
etag: W/"900354f929ef21be639f89adcd7b722c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dVG9%2BBqegCnLD%2Bl3OmaD34oG9egTjRXh4uQsLi%2FIypz0toxEx7WMl2afBnDNewAviEMMZMqJNnlzWnAk79u0LB1wiJU9rhMqbBztQpsx1XuExfg9z9sx62INfXMHMC%2FkL9z1DYR5xVSd3uVtYfDCzTJuKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7b4043fe3a7dd963-HEL

GET
H3 200 251.ff5b3c0c290e9961835b.js Show response
static.cleverpush.com/sdk/chunk/ Frame 8EAC 5 KB
3 KB 63ms
62ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js
Requested by: Host: arctollceoo.mycleverpush.com
URL: https://arctollceoo.mycleverpush.com/iframe?origin=https%3A%2F%2F11sup.sofortchancen.de
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df124351501a3a62b99269da55fa305a5584a9e80e84f4ecf72cdd54d4978204

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://arctollceoo.mycleverpush.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 06:38:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QQQV7TAH3HQE9SD8
age: 12346
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: +M3KCYJ+EuOANFKHMNUbH83F7j4s4eU9LG0LGq7ebM5UI1xIe3oY1aElDp12zP3JhlDWZENADTs=
last-modified: Thu, 06 Apr 2023 15:12:04 GMT
server: cloudflare
etag: W/"e89cddaa8c63cff3a495570a91d5e690"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TjoJrKsKbRU44napMPnehFezMYKvCnXH%2BW5i%2Bf6xGkm1%2B75xC8f8q7D7lSkJrj3LJHQLFLLtU%2FLe7Ui%2FJV0fRHf9fTzF29WSnV4eeZlrd26dCbV67QCBDHy1DDsgdB4gCuMjX%2Bcp4eI5aifLuN6CO4EDBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7b4043fe3a84d963-HEL

GET
H3 200 818.d14fa91e68327303b09f.js Show response
static.cleverpush.com/sdk/chunk/ Frame 8EAC 7 KB
3 KB 94ms
93ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/818.d14fa91e68327303b09f.js
Requested by: Host: arctollceoo.mycleverpush.com
URL: https://arctollceoo.mycleverpush.com/iframe?origin=https%3A%2F%2F11sup.sofortchancen.de
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80c68a7f7fef86917a386e37dceb47e6df66e3a33218035c64b02d4443c20d07

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://arctollceoo.mycleverpush.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 06:38:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: C36PRPXT3Z0JVJ53
age: 12344
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: xN08x5bYVZaNpd93jf0O6XOdQ7hPEgMgDj9DAZjwfJEImtW9KIDNarXMTEIT/Duv+rWsuJBAdmM=
last-modified: Thu, 06 Apr 2023 15:12:05 GMT
server: cloudflare
etag: W/"8fe57e5118d81b50c3d9d49a9c617931"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F5PRSXQD%2BIaAwumpi77rdYj2TkMd8h7kTkUJ4WWX44kHAgeg9xnS%2BFNtD5gJ3cuLBU7JRgi7DOz%2BXYATGPdlnfPdTgWyA2Mtc9E8baA1Pl2sPLDw0LmpjXmGNjLpzTFIUuDaqcf7cOI2isPy9n2M3Zx1BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7b4043fe3a88d963-HEL

GET
H3 200 103.723d7d2c1f459bc8bb33.js Show response
static.cleverpush.com/sdk/chunk/ 96 KB
22 KB 56ms
56ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/103.723d7d2c1f459bc8bb33.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0096d8abf9832a59cb36c723ded3dd921432f134e887a5f0d8b7821a9876a743

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://11sup.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 06:38:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 6Q1FW2KMC0E84X7Y
age: 28302
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: UaD4IjDjoxJ1Zf2W6IX5szqoG3D3w2Oj8IWi82dkE10nYO2OI6KXzHxyhzY/y90Cnm1pz9kOGLc=
last-modified: Thu, 06 Apr 2023 10:46:09 GMT
server: cloudflare
etag: W/"fba09f0a1fd8e7dd17acf513393f116f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lg28pOHXMExuSKMeHyNmvh3pMtnd0PQJtZnoCkicaN8bCPj1zsoEjDNyt%2FGiLAd3%2Brp3rqA%2Fv0H3ObblG%2BHFwdmy6hsVjIk8uUe91FKfdcv8y09rbu%2FWKSagb3R84efhzfkuzi%2BDkeT5HYSP3fF1nkkc7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7b4043fedda8d963-HEL

GET
H3 200 720.2c37f0013cc1e09b85ae.js Show response
static.cleverpush.com/sdk/chunk/ 47 KB
11 KB 117ms
117ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/720.2c37f0013cc1e09b85ae.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03c4825b087764b44779cb9efe0a1f63509dbe7f0c1ce505feb9f4ff3c1a4f41

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://11sup.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 06:38:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: C36Q0873Y4YTYSE4
age: 12342
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: yn8Q7ivuLF4ABJ8eeyfa05IwpYKHlfL+wPPUsOPtL92JqgZCt9aJoaphf44r6toW3uT3dpw0Jok=
last-modified: Thu, 06 Apr 2023 15:12:05 GMT
server: cloudflare
etag: W/"8314267f4cb1f7d2128aea732d5096e6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RVW0u2ATSzLj%2BbXR6wXVXydrW9kiWmjKtY5AxXrgyGWNzJ5KTe65fJc2R1sJAQLDbEVUMp6Wg1W9Mk08g%2Bf%2BQmgrOB19wAy4opmgSmsk0GNHumDlr4dod78ThzoZyCRU%2BaeEI09FtdiFctVtoaQdvuvPrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7b4043feddb1d963-HEL

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame D38F 2 KB
2 KB 64ms
64ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 18:05:12 GMT
x-content-type-options: nosniff
age: 563572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 07 Apr 2023 18:05:12 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D38F 15 KB
15 KB 63ms
62ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:05 GMT
x-content-type-options: nosniff
age: 245219
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D38F 15 KB
15 KB 74ms
73ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:02 GMT
x-content-type-options: nosniff
age: 245222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:02 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame D38F 102 B
134 B 69ms
69ms Other
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=fi&v=6MY32oPwFCn9SUKWt8czDsDw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4515478bdfff79c6b68389cb0adc8edf96b60415ca5db4b6aafb1b6561ae9bae

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcxXPQUAAAAAIbrqXusuiyRVrf7m0SQs9B1vsY6&co=aHR0cHM6Ly8xMXN1cC5zb2ZvcnRjaGFuY2VuLmRlOjQ0Mw..&hl=fi&v=6MY32oPwFCn9SUKWt8czDsDw&size=invisible&cb=6yx0iooe3he2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 06:38:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 07 Apr 2023 06:38:04 GMT

GET
H3 200 728.f7dc15f59017ed1bebf1.js Show response
static.cleverpush.com/sdk/chunk/ 26 KB
8 KB 44ms
43ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/728.f7dc15f59017ed1bebf1.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 312a55a7a5a7fb0af99434ea61403a479daa9a077b913d52add9886768ed0721

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://11sup.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 06:38:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: DKSXRMCBQWYDTNR1
age: 12261
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: HwN6+onjECTyRLwrvrePK/hdnO3WO5ucP3H9Y2VZHIcJe3S1hjb20TZuydV+WMXfxTnExW/6OgY=
last-modified: Thu, 06 Apr 2023 15:12:05 GMT
server: cloudflare
etag: W/"4f428e3da12740e2321fb4a5e5c7d15b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YbW72GJT37BiHY9t8TB0c%2Fi9YyMogLHX1DzU58j73tFPaZMBivsTsgN97%2Bl6H3Kk1Wzl9DlTKNRXa04fU7vm0Our%2FUXQbTwYgTE12TCCOTKm25RwWLpI5mfHFL0FRSGuCKIOBYbuklXV5EJ%2FlNYs%2FgOGcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7b404400295dd963-HEL

POST
H2 200 optin-visitor Show response
api.cleverpush.com/channel/ 16 B
379 B 78ms
77ms Fetch
application/json 2606:4700:20::681a:f1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/optin-visitor

Requested by

Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json
Referer: https://11sup.sofortchancen.de/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 07 Apr 2023 06:38:05 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend-server: cleverpush-worker-3
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O6Plqk%2FAJpYDz3TgBGr7CLzKa79m8bXWYANoUEp7tM2n533ksWnxDy%2FIr5M4Ph3waUTCN0ZY%2FISuh2dNbMaJtjf%2BmvZf6onNbfIbo4z9DM9J3BVJSpF%2F7ZRHcqFRYICnwvBkYBmKSaB1YJg2Ok60cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache
cf-ray: 7b40440139ec3766-HEL
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language

OPTIONS
H2 200 optin-visitor
api.cleverpush.com/channel/ Frame 0
0 150ms
72ms Preflight
application/json 2606:4700:20::681a:f1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/optin-visitor

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://11sup.sofortchancen.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7b404400b8d23766-HEL
content-length: 0
content-type: application/json; charset=utf-8
date: Fri, 07 Apr 2023 06:38:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RowU2EkS5AH%2BB4LdeNLe%2FAIrKWXfT482TNre43r98Z1CMc0HMALvFNngpkyaLf3zKtzYg%2F8CmdVmul7UPWUbO6EWs17AHUM29ECXRdyUQcC%2F62FQ7W2ERR1WESz46hcKD94Y0TFwony0%2FKZYrBgvTg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains

GET
H3 200 499.9985a935289708bf13c2.js Show response
static.cleverpush.com/sdk/chunk/ 2 KB
1 KB 48ms
48ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/499.9985a935289708bf13c2.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 151b25deaef38f2a72a0e1ee11f9ddc895ed4d1c9290da0ee58fbe2f3d3e9320

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://11sup.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 06:38:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: WK1S44QVN0Q9S06B
age: 10649
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: YrDehhkwTiyoUjTas1LH1fmtcmWSmo3ZjNEOmFVYTKaZc3NRmt5QtkvRduKJXVzYY9QykWzWrfo=
last-modified: Thu, 06 Apr 2023 15:12:04 GMT
server: cloudflare
etag: W/"c45b7ce9e07aa220d832612704ede749"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hZ5Dt8ok%2Fj3Cerx9MM4kDKj4VlPSGgcVz3GvsOR%2B7VIS%2BMZ01WyGvPWRxga4qPmFeHCLGFzxZgaeipYyJZKftOGmzHVEzf3TdT6nSlrxLF2LXjJmWoAUEilTQv8I2xlHvfU5yZPlsE2g4gGvtpY7dDbU2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7b4044007a2ed963-HEL

POST
H3 200 confirm-alert Show response
api.cleverpush.com/channel/ 16 B
614 B 90ms
90ms Fetch
application/json 2606:4700:20::681a:f1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/confirm-alert

Requested by

Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json
Referer: https://11sup.sofortchancen.de/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 07 Apr 2023 06:38:05 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend-server: cleverpush-worker-3
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dl6gnaQTUaKYhw%2Fu5ke67yUo9wOSUXi6iaXqHp%2Fmw6SIQmXNWg0eDKnBE1zNPhLfvtH8MNeUsYyuxqzYpKIzWk15SaK8yI34Tj90cdAYm08mGa5S0vfXC%2FmM6s7U4eGxSVnLs6blx%2BlBLdN47IuIXA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache
cf-ray: 7b404406e9aad95f-HEL
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language

GET
H3 200 defaultChannelIcon.png
static.cleverpush.com/app/images/ 732 B
1 KB 71ms
71ms Image
image/png 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cleverpush.com/app/images/defaultChannelIcon.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24155cb4f2f535f8196ee0da67321b509939e6509d6f378a257246be28545897

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://11sup.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 06:38:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: RA6GTNHD9JJ0HG2A
age: 253671
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 732
x-amz-id-2: BHofa2mgOHfVZxz3pD2DjmH2H4b0qOO5FnXOIdQRBk5yDwcPZVLy39uRIbs/n2/spR5dLXtf3Ss=
last-modified: Mon, 21 Oct 2019 13:42:31 GMT
server: cloudflare
etag: "dada142d4861c864d8d63e8cd5dd22dd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Zv2ZdWGqkc%2B3FzSbzfZtZWOrzUOOgOHz8IQvoQfew%2FMxNsZ7EPj%2FOQUGXNrTP72oL5BA2k2DY5cmabUKxk5EsGy%2BHVS%2BXfDvRkBFrOeXgH800hHsT5rZ6YBvrVG2X1OmtCZhUt9axCDomHNp%2BogAj5u7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2628000
accept-ranges: bytes
cf-ray: 7b4044067d70d963-HEL

OPTIONS
H3 200 confirm-alert
api.cleverpush.com/channel/ Frame 0
0 72ms
72ms Preflight
application/json 2606:4700:20::681a:f1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/confirm-alert

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://11sup.sofortchancen.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7b404406788ad95f-HEL
content-length: 0
content-type: application/json; charset=utf-8
date: Fri, 07 Apr 2023 06:38:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQfKDL4r60yumNZ9ULtcPNxcnnKfmw%2B5Sbtiwrod10Y4aBHFScdfrr0cN1SkNrO1%2F6MqQV59ezYwTHw671sZTOYIwl4q12ytT4q%2FGlF6gopNcFWILsADyO8r7D6JzQG%2Bwwlp5M4d6cJFwTa9GRp3KA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gfstrck.com/	1970-01-20 13:03:45	Name: gdm_sid_v2_3_001 Value: eZIBYy7KrhA+lTx4jcuvclp9Bwb6QQcaRvi3e9tLEhl0lzmdbLUDIy/gMGq8K04Q2lu3tszET5JwfX/aP44N6lzPDbW0A6dq0PHjvQhFLElkAgqTL0uP1J3a6QXx00IVm+oH4NaX2O0a+eql+EZgF6hSblWloFGII31Qk3BIulsapB2DJ1DwhlI3EHOjlKIwFW7d2PlrPUjUOBCBNWmU+RWjMIaCMMgwUpWkxihy+1/DvcGwZLhbzurwVY24wNnK3ekOrG8VSWmHftmoBLH3+OydhVSPeTU/eEShXMhA+Xbaa31IprCZ2Ywv4ykAYgchUUZU+E9b22IzTwiEKF2hHgb3csYqq66CaQRxJKieSi6ZezE4iA+4Md4ba++6kyG1R3govRJCTn1f3nglXJv6refxvS0YIA2Mmw+Ee/9c274Jkgvp661ZrNWJxWmV3Zlngy17vV8Jxj0W5TcV8ZXmR7GtUDxWGOEpIM3XX6nM6horrrLI71lHh0f/aEJFjGGvDd19nePoyl3XAhXGvHtP3Q1MqG9qCTkl+hG2q7gb/gjdWbw9zTW++BqI7NwnRynSmqFgpWINzpN0BpW31aGst+L5ximBWYhdkwFf+l5v/pADz1ediTpYWM3mwLC30qG5CkrszVSIhJFclmSLdS0ziJ34rF4Q8iVqDSJaFLZ6zruqYz4WJDdd2oQw7B08Q07Vdvmgysf0rouj0L8b2ulkeJGBjurG3VkPA7lmZkR831+wgKpyn9x3ImZuFbW+1/3HabSjyRywAbOMBkpjRmn+sLW/BF687zBuTXiKtjjW/TVF+AdQlrMsCbq2GS+QI1QhNWP0X/KOiNd/DU1fvNYq0xKhGz2pUUMCP2r8ef+qIiHYyM8EJme3Jkn0h8Xnb51uHXgfYC7N4u2Pm4hvUlCstKh/gO/NZiuDU6GRKb2UE7j06SQf3c4oS2LTdYT1wZei8UCqbjlrOqMfKGnlv1S3dQA1z1vUH/tkMv3gLaVnNCPkpOXzjrQfFwZA5YR3MeiTGXwFGYxUMFbGsfB/mKDhXca/ZN3VbAG8A5ANQZHwULVGxFoe+u7JkF80TSA3/6Qd
.gfstrck.com/	1970-01-20 13:03:45	Name: gdm_uid_v2_1_001 Value: +s6tZMRo1gUOUB2wGo59/8mVk7j2WB6WlbVQWHt8L0X1Vgm/mj1IrSAW/ienvvQh
.gfstrck.com/	1970-01-20 13:03:45	Name: gdm_click_adv_freq_v2_1_001 Value: ItQKhivqWp0BawSbEFtyChaHlkueqJocf4/TbIhfs+7xO+w54zi+n8YfBqrqAWiR
.gfstrck.com/	1970-01-20 13:03:45	Name: gdm_suid_v2_1_001 Value: HPfHs3OFxkaNOwO68jCjbQ==
.gfstrck.com/	1970-01-20 13:03:45	Name: gdm_uid_v1_1_001 Value: +s6tZMRo1gUOUB2wGo59/8mVk7j2WB6WlbVQWHt8L0X1Vgm/mj1IrSAW/ienvvQh
.gfstrck.com/	1970-01-20 13:03:45	Name: gdm_sid_v1_3_001 Value: eZIBYy7KrhA+lTx4jcuvclp9Bwb6QQcaRvi3e9tLEhl0lzmdbLUDIy/gMGq8K04Q2lu3tszET5JwfX/aP44N6lzPDbW0A6dq0PHjvQhFLElkAgqTL0uP1J3a6QXx00IVm+oH4NaX2O0a+eql+EZgF6hSblWloFGII31Qk3BIulsapB2DJ1DwhlI3EHOjlKIwFW7d2PlrPUjUOBCBNWmU+RWjMIaCMMgwUpWkxihy+1/DvcGwZLhbzurwVY24wNnK3ekOrG8VSWmHftmoBLH3+OydhVSPeTU/eEShXMhA+Xbaa31IprCZ2Ywv4ykAYgchUUZU+E9b22IzTwiEKF2hHgb3csYqq66CaQRxJKieSi6ZezE4iA+4Md4ba++6kyG1R3govRJCTn1f3nglXJv6refxvS0YIA2Mmw+Ee/9c274Jkgvp661ZrNWJxWmV3Zlngy17vV8Jxj0W5TcV8ZXmR7GtUDxWGOEpIM3XX6nM6horrrLI71lHh0f/aEJFjGGvDd19nePoyl3XAhXGvHtP3Q1MqG9qCTkl+hG2q7gb/gjdWbw9zTW++BqI7NwnRynSmqFgpWINzpN0BpW31aGst+L5ximBWYhdkwFf+l5v/pADz1ediTpYWM3mwLC30qG5CkrszVSIhJFclmSLdS0ziJ34rF4Q8iVqDSJaFLZ6zruqYz4WJDdd2oQw7B08Q07Vdvmgysf0rouj0L8b2ulkeJGBjurG3VkPA7lmZkR831+wgKpyn9x3ImZuFbW+1/3HabSjyRywAbOMBkpjRmn+sLW/BF687zBuTXiKtjjW/TVF+AdQlrMsCbq2GS+QI1QhNWP0X/KOiNd/DU1fvNYq0xKhGz2pUUMCP2r8ef+qIiHYyM8EJme3Jkn0h8Xnb51uHXgfYC7N4u2Pm4hvUlCstKh/gO/NZiuDU6GRKb2UE7j06SQf3c4oS2LTdYT1wZei8UCqbjlrOqMfKGnlv1S3dQA1z1vUH/tkMv3gLaVnNCPkpOXzjrQfFwZA5YR3MeiTGXwFGYxUMFbGsfB/mKDhXca/ZN3VbAG8A5ANQZHwULVGxFoe+u7JkF80TSA3/6Qd
.gfstrck.com/	1970-01-20 13:03:45	Name: gdm_click_freq_v2_1_001 Value: 5PvJx+fXKSIzyMRgjrCmv1h49exnomkroKcNTKhWSWhaB1YFcPpw+KcX744YY6Vl
.gfstrck.com/	1970-01-20 13:03:45	Name: gdm_click_adv_freq_v1_1_001 Value: ItQKhivqWp0BawSbEFtyChaHlkueqJocf4/TbIhfs+7xO+w54zi+n8YfBqrqAWiR
.gfstrck.com/	1970-01-20 13:03:45	Name: gdm_click_freq_v1_1_001 Value: 5PvJx+fXKSIzyMRgjrCmv1h49exnomkroKcNTKhWSWhaB1YFcPpw+KcX744YY6Vl
.gfstrck.com/	1970-01-20 13:03:45	Name: gdm_suid_v1_1_001 Value: HPfHs3OFxkaNOwO68jCjbQ==
ihre-tageschance.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: 6a2089fbc3a7ba1ad7d70f95035c97e7
ihre-tageschance.de/	1970-01-20 11:37:21	Name: coyoteTrackingCookie_1723 Value: 490315898
ihre-tageschance.de/	1970-01-20 11:37:21	Name: coyoteSimpleTrackingCookie Value: 490315898
11sup.sofortchancen.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: 6520d1ec06f0f934548534e1a86ce008
11sup.sofortchancen.de/	1970-01-20 10:54:23	Name: coyoteAffiliTokenId2728 Value: 490315898
.sofortchancen.de/	1970-01-20 20:30:09	Name: _ga Value: GA1.2.2025762212.1680849483
.sofortchancen.de/	1970-01-20 10:55:35	Name: _gid Value: GA1.2.1822483817.1680849483
.sofortchancen.de/	1970-01-20 10:54:09	Name: _gat Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11sup.sofortchancen.de
ajax.aspnetcdn.com
api.cleverpush.com
arctollceoo.mycleverpush.com
fonts.gstatic.com
gfstrck.com
ihre-tageschance.de
static.cleverpush.com
stats.g.doubleclick.net
t.usakaw.link
uptz.kiteei.com
www.google-analytics.com
www.google.com
www.google.fi
www.gstatic.com
116.203.55.53
152.199.19.160
188.95.252.36
2606:4700:20::681a:f1f
2606:4700:20::ac43:47b8
2606:4700:3031::ac43:b88a
2606:4700:3034::ac43:d793
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:812::2003
2a00:1450:4001:827::2004
2a00:1450:4001:82a::2003
2a00:1450:400c:c00::9d
2a05:d018:483:6130:a842:7dc3:1a59:a57
0096d8abf9832a59cb36c723ded3dd921432f134e887a5f0d8b7821a9876a743
03c4825b087764b44779cb9efe0a1f63509dbe7f0c1ce505feb9f4ff3c1a4f41
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0e8e0e58a0c5a5e3f02b9167ed381b7cd5cd9907d8e29d2f4a01b9673e92fea2
151b25deaef38f2a72a0e1ee11f9ddc895ed4d1c9290da0ee58fbe2f3d3e9320
15e9a4546d5ac8af8c3b083aa33a81541a69691625ce72cdb5e6fc1475b0c8c8
18fd591fd0c632708863aacb644fbe4b791def15db3a585dca2bb3669b710b76
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c6fe7788adde7a591c9610f00f718f0bd796026e9e2334087bef190abb68030
24155cb4f2f535f8196ee0da67321b509939e6509d6f378a257246be28545897
2a4d605dd6458a3aac55b7b19e22ea4de2832085f54fce11729ba0762b3d4dae
30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d
312a55a7a5a7fb0af99434ea61403a479daa9a077b913d52add9886768ed0721
34173dd02adba3128f5c51d7134abf8dbaa6f70cc1820c2e18985d91e116f420
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
425afd9a7a5108ad89c3ee927323884bfe7d43d9eba87195e19d88f1e2c99853
4515478bdfff79c6b68389cb0adc8edf96b60415ca5db4b6aafb1b6561ae9bae
4a4c46b8a193ff0825d07a0f3fe6c3b9df535ce9b26371a81be2384afbf0b30b
4ae3f0aeaed47d59feed0ca22cde085094db837bac5d122f48c28f683cf006c9
4cb18a88ad0c38c0fd96673a51c77df277826ee27a05d97263e8344541eab70b
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5
6be796b6c9cb934a37df2c899803cac24d04662a4db5cab1b2387ad066a900a5
79e06f1eed12d69174cf42a5e498858f9aa4dc6adaa9ad7043d387d3ef1e3c7d
7a3b23ef6057020443c65826159fbd95ab2648616acc583af05bec3c4a47e04b
80c68a7f7fef86917a386e37dceb47e6df66e3a33218035c64b02d4443c20d07
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
855aad4742594f975c954db8924161495778d924cca3fb34a1aaea075f766621
86aea22cc2369e7d26b95e800900428426ffb699c34b59279523b01a6327d72d
895562fb3ab5dec78b28196e26938382110e8d1b109d54e99f736581d3f9bfaf
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
98dc425eed47a4dee56a2607c5e5b46c3c82a94e885594cf7ff41286c8d75d83
9a64cfc4c0d97dcabec4eb950ee82d4658f774e293a988a7a754de32d368c761
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b71af4aacfcf6686ecc6f95f30cfed1038c4bcb1a91229cd2cd3e44387f447e5
c8f4db5cb5de6f37e5c8c89b69a21092e444ce66d65da692f2b297007a0c2963
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cea40d8a20a98ca3cc7b8ae5a3bf89f30f2812b57f5231fc0858af5638c85cd6
cfc30b95a5989ba120988b3a9363be63ea4dcdba3c581f1dde3608092c031cad
d8d7032bfb124576109d7c30ee7704ebda7ca9d649e6b91e372d2d6d2761983e
df124351501a3a62b99269da55fa305a5584a9e80e84f4ecf72cdd54d4978204
e7b187b31119631622a0de2ca08cd3b2e63ac43edc3baa4b75d404da01e41e64
eb3eb3234394fd402890dd7269e4e35ffb9b4df7d0caba5eccc84f2cced2fbb9
ed3686f157f542dd6350eebe1cb91b236f2030532c0c358974edccb65fab12d6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10c7420cd429dc2d0b771b219a61a57c6ae5d5e05399daff85dd3cfab173761
f164941997fbc7f7ed7d2a7c3e86b997d647f1910d93fdc2462dd86fd5affa48

11sup.sofortchancen.de Open in urlscan Pro 188.95.252.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

100 %HTTPS

79 %IPv6

13 Domains

15 Subdomains

12 IPs

5 Countries

1307 kBTransfer

2390 kBSize

18 Cookies

13 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

11sup.sofortchancen.de Open in urlscan Pro
188.95.252.36 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

100 %
HTTPS

79 %
IPv6

13
Domains

15
Subdomains

12
IPs

5
Countries

1307 kB
Transfer

2390 kB
Size

18
Cookies

57 HTTP transactions
2 data transactions