amz-15promax-sg01.sofortchancen.de Open in urlscan Pro
188.95.252.36 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gflnlvd.com/
Effective URL:
https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25&
Submission: On May 20 via api (May 20th 2024, 8:27:29 am UTC) from BE — Scanned from DE

Summary HTTP 51 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 16 IPs in 5 countries across 18 domains to perform 51 HTTP transactions. The main IP is 188.95.252.36, located in Spain and belongs to RACKMARKT, ES. The main domain is amz-15promax-sg01.sofortchancen.de.
TLS certificate: Issued by cPanel, Inc. Certification Authority on May 20th 2024. Valid for: 3 months.

This is the only time amz-15promax-sg01.sofortchancen.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	47.252.93.52 47.252.93.52	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1 2	2600:9000:211... 2600:9000:211a:1a00:11:c066:4a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:261... 2600:9000:2611:5000:1a:e991:e300:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	155.138.218.204 155.138.218.204	20473 (AS-CHOOPA) (AS-CHOOPA)
1 1	2001:1af8:510... 2001:1af8:5100:a003:2::	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3 4	54.208.166.52 54.208.166.52	14618 (AMAZON-AES) (AMAZON-AES)
1 1	188.95.252.33 188.95.252.33	197518 (RACKMARKT) (RACKMARKT)
12	188.95.252.36 188.95.252.36	197518 (RACKMARKT) (RACKMARKT)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
14	172.67.71.184 172.67.71.184	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.217.23.100 172.217.23.100	15169 (GOOGLE) (GOOGLE)
5	142.250.74.206 142.250.74.206	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c1d::9a	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	172.217.23.99 172.217.23.99	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	159.69.45.25 159.69.45.25	24940 (HETZNER-AS) (HETZNER-AS)
51	16

1 47.252.93.52 (United States) 1 redirects

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

gflnlvd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211a:1a00:11:c066:4a80:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

track.cornzself.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2611:5000:1a:e991:e300:93a1 (United States)

ASN16509 (AMAZON-02, US)

track.pairfitem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 155.138.218.204 (Atlanta, United States) 1 redirects

ASN20473 (AS-CHOOPA, US)
PTR: 155.138.218.204.vultrusercontent.com

go.beterwat.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:1af8:5100:a003:2:: (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

hpv0o.rdtk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.208.166.52 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-166-52.compute-1.amazonaws.com

gowedoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.95.252.33 (Spain) 1 redirects

ASN197518 (RACKMARKT, ES)
PTR: master.ceoo.cli.rackmarkt.com

gewinn-ometer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 188.95.252.36 (Spain)

ASN197518 (RACKMARKT, ES)

amz-15promax-sg01.sofortchancen.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 172.67.71.184 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.cleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.23.100 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.74.206 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1d::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.99 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.69.45.25 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.25.45.69.159.clients.your-server.de

arctollceoo.mycleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	cleverpush.com static.cleverpush.com — Cisco Umbrella Rank: 24654 api.cleverpush.com — Cisco Umbrella Rank: 21697	140 KB
12	sofortchancen.de amz-15promax-sg01.sofortchancen.de	414 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	21 KB
6	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 3095	1 KB
4	gowedoo.com 3 redirects gowedoo.com	2 KB
2	google.de www.google.de — Cisco Umbrella Rank: 7810	126 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 89	409 B
2	cornzself.com 1 redirects track.cornzself.com	2 KB
1	mycleverpush.com arctollceoo.mycleverpush.com
1	gstatic.com www.gstatic.com	207 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	916 B
1	aspnetcdn.com ajax.aspnetcdn.com — Cisco Umbrella Rank: 2465	86 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	104 KB
1	gewinn-ometer.com 1 redirects gewinn-ometer.com	772 B
1	rdtk.io 1 redirects hpv0o.rdtk.io	931 B
1	beterwat.xyz 1 redirects go.beterwat.xyz	369 B
1	pairfitem.com track.pairfitem.com — Cisco Umbrella Rank: 857966	911 B
1	gflnlvd.com 1 redirects gflnlvd.com	562 B
51	18

	Domain	Requested by
12	amz-15promax-sg01.sofortchancen.de	track.pairfitem.com amz-15promax-sg01.sofortchancen.de
10	static.cleverpush.com	amz-15promax-sg01.sofortchancen.de static.cleverpush.com
7	www.google-analytics.com	amz-15promax-sg01.sofortchancen.de www.google-analytics.com
4	api.cleverpush.com	static.cleverpush.com
4	gowedoo.com	3 redirects ajax.aspnetcdn.com
3	region1.analytics.google.com	www.googletagmanager.com
3	www.google.com	amz-15promax-sg01.sofortchancen.de www.gstatic.com
2	www.google.de	amz-15promax-sg01.sofortchancen.de
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	track.cornzself.com	1 redirects
1	arctollceoo.mycleverpush.com	static.cleverpush.com
1	www.gstatic.com	www.google.com
1	fonts.googleapis.com	amz-15promax-sg01.sofortchancen.de
1	ajax.aspnetcdn.com	amz-15promax-sg01.sofortchancen.de
1	www.googletagmanager.com	amz-15promax-sg01.sofortchancen.de
1	gewinn-ometer.com	1 redirects
1	hpv0o.rdtk.io	1 redirects
1	go.beterwat.xyz	1 redirects
1	track.pairfitem.com	track.cornzself.com
1	gflnlvd.com	1 redirects
51	20

This site contains links to these domains. Also see Links.

Domain
www.daydreams.de
www.mirabo.at
www.mirabo.ch
www.burda-versichert.de
www.bluemediaads.com
www.meinungsclub.de
digitales-sanitaetshaus.de
elitepremiumservice.com
de.testclub.com
www.experian.co.uk
www.mdeg.co.uk
www.pmiprivacy.com
we-doo-affiliate.com

Subject Issuer	Validity	Valid
track.cornzself.com Amazon RSA 2048 M02	`2024-04-30` - `2025-05-29`	a year	crt.sh
track.pairfitem.com Amazon RSA 2048 M02	`2024-05-09` - `2025-06-07`	a year	crt.sh
amz-15promax-sg01.sofortchancen.de cPanel, Inc. Certification Authority	`2024-05-20` - `2024-08-18`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2024-01-30` - `2025-01-30`	a year	crt.sh
upload.video.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
cleverpush.com E1	`2024-04-30` - `2024-07-29`	3 months	crt.sh
*.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.google.de WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.gowedoo.com AlphaSSL CA - SHA256 - G4	`2023-09-15` - `2024-10-16`	a year	crt.sh
*.mycleverpush.com Sectigo RSA Domain Validation Secure Server CA	`2024-05-16` - `2025-06-16`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25&
Frame ID: DE188AB295E2440E46DC674C273A0746
Requests: 46 HTTP requests in this frame

Frame: https://gowedoo.com/p.ashx?e=15&t=&r=472-14632410&ch-redir=1
Frame ID: C58D09A615CCE436358761055BB1A481
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcxXPQUAAAAAIbrqXusuiyRVrf7m0SQs9B1vsY6&co=aHR0cHM6Ly9hbXotMTVwcm9tYXgtc2cwMS5zb2ZvcnRjaGFuY2VuLmRlOjQ0Mw..&hl=de&v=8k85QBI-qzxmenDv318AZH30&size=invisible&cb=sk60npcfntj7
Frame ID: 2FEF5CCE862610A4733C74A5130E01FB
Requests: 1 HTTP requests in this frame

Frame: https://arctollceoo.mycleverpush.com/iframe?origin=https%3A%2F%2Famz-15promax-sg01.sofortchancen.de
Frame ID: 91F71A08A7BF7F1DE3849C5F6C346AC2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Amazon-Gutschein + iPhone 15 Pro Max

Page URL History Show full URLs

http://gflnlvd.com/ HTTP 307
https://gflnlvd.com/ HTTP 307
http://gflnlvd.com/ HTTP 302
https://track.cornzself.com/f4a7b871-b787-4c12-a5d6-efa0f0b5bdde?%7Bvar1%7D=txt1&%7Bvar2%7D=mz&%7Bvar3%7... HTTP 307
https://track.cornzself.com/f4a7b871-b787-4c12-a5d6-efa0f0b5bdde/2?%7Bvar1%7D=txt1&%7Bvar2%7D=mz&%7Bvar3... Page URL
https://track.pairfitem.com/redirect?target=BASE64aHR0cHM6Ly9nby5iZXRlcndhdC54eXovdHMzODU5LWludGVybmF0aW... Page URL
https://go.beterwat.xyz/ts3859-international-general&cid=w4k17eqg8q0vj0e1jvu41t6c&thru=8cbcb62e-691d... HTTP 302
https://hpv0o.rdtk.io/660585361640420001c9bd00?sub1={3859}&sub2=&sub3=&sub4=181420155&sub5=91715&s... HTTP 302
https://gowedoo.com/?E=CE5HN%2bm%2fEiZG2OiXTaVtIA%3d%3d&s1=%7B3859%7D&s2=664b096803af310001d44032 HTTP 302
https://gowedoo.com/?E=CE5HN%2bm%2fEiZG2OiXTaVtIA%3d%3d&s1=%7B3859%7D&s2=664b096803af310001d4403... HTTP 302
https://gewinn-ometer.com/de,amazon,1,000,and,iphone,15,pro,max,no,prl,tmp,184,sofortgewinn,optin,popu... HTTP 302
https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-1... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

51
Requests

100 %
HTTPS

45 %
IPv6

18
Domains

20
Subdomains

16
IPs

5
Countries

977 kB
Transfer

2002 kB
Size

17
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.daydreams.de/datenschutz
Title: Datenschutzinformation nach Art. 14 EU-DSGVO

Search URL Search Domain Scan URL

URL: https://www.mirabo.at/nvg-at/content/datenschutzinformation-nach-art-14-dsgvo,549/
Title: https://www.mirabo.at/nvg-at/datenschutzinformation

Search URL Search Domain Scan URL

URL: https://www.mirabo.at/datenschutzinformation
Title: Datenschutzinfo AT

Search URL Search Domain Scan URL

URL: https://www.mirabo.ch/datenschutzinformation
Title: Datenschutzinfo CH

Search URL Search Domain Scan URL

URL: https://www.burda-versichert.de/de/cms/datenschutzinformation-art-14.html
Title: Datenschutzinformation nach Art. 14 EU-DSGVO

Search URL Search Domain Scan URL

URL: http://www.bluemediaads.com/GDPR_EN-DE.html
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://www.meinungsclub.de/static/privacy
Title: https://www.meinungsclub.de/static/privacy

Search URL Search Domain Scan URL

URL: https://digitales-sanitaetshaus.de/
Title: https://digitales-sanitaetshaus.de/

Search URL Search Domain Scan URL

URL: https://elitepremiumservice.com/datenschutz.html
Title: Datenschutzinformation nach Art. 14 DSGVO

Search URL Search Domain Scan URL

URL: https://de.testclub.com/terms-of-use/
Title: https://de.testclub.com/terms-of-use/

Search URL Search Domain Scan URL

URL: https://www.experian.co.uk/privacy/consumer-information-portal/
Title: https://www.experian.co.uk/privacy/consumer-information-portal/

Search URL Search Domain Scan URL

URL: https://www.mdeg.co.uk/
Title: https://www.mdeg.co.uk

Search URL Search Domain Scan URL

URL: https://www.pmiprivacy.com/de-de/consumer/
Title: https://www.pmiprivacy.com/de-de/consumer/

Search URL Search Domain Scan URL

URL: https://we-doo-affiliate.com/affiliate-sign-up/
Title: www.we-doo-affiliate.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gflnlvd.com/ HTTP 307
https://gflnlvd.com/ HTTP 307
http://gflnlvd.com/ HTTP 302
https://track.cornzself.com/f4a7b871-b787-4c12-a5d6-efa0f0b5bdde?%7Bvar1%7D=txt1&%7Bvar2%7D=mz&%7Bvar3%7D=EMPTY HTTP 307
https://track.cornzself.com/f4a7b871-b787-4c12-a5d6-efa0f0b5bdde/2?%7Bvar1%7D=txt1&%7Bvar2%7D=mz&%7Bvar3%7D=EMPTY Page URL
https://track.pairfitem.com/redirect?target=BASE64aHR0cHM6Ly9nby5iZXRlcndhdC54eXovdHMzODU5LWludGVybmF0aW9uYWwtZ2VuZXJhbCZjaWQ9dzRrMTdlcWc4cTB2ajBlMWp2dTQxdDZjJnRocnU9OGNiY2I2MmUtNjkxZC00YzBiLTlmYTMtMTVjYzc3MTVmYmY4&ts=1716193640117&hash=k0sT_sjBYGYOwZ7SWPcGInUoqIvcF4ccwttTCuwNTME&rm=DJ Page URL
https://go.beterwat.xyz/ts3859-international-general&cid=w4k17eqg8q0vj0e1jvu41t6c&thru=8cbcb62e-691d-4c0b-9fa3-15cc7715fbf8 HTTP 302
https://hpv0o.rdtk.io/660585361640420001c9bd00?sub1={3859}&sub2=&sub3=&sub4=181420155&sub5=91715&sub6=DE&sub7=e5649409-c37e-475e-a46c-981907b59eab&sub8=8cbcb62e-691d-4c0b-9fa3-15cc7715fbf8&ref_id=GWC8H2SQ6P300GOR1YRNS3LM&cost=0.0 HTTP 302
https://gowedoo.com/?E=CE5HN%2bm%2fEiZG2OiXTaVtIA%3d%3d&s1=%7B3859%7D&s2=664b096803af310001d44032 HTTP 302
https://gowedoo.com/?E=CE5HN%2bm%2fEiZG2OiXTaVtIA%3d%3d&s1=%7B3859%7D&s2=664b096803af310001d44032&ch-redir=1&ckmxid=cp5giq5c0001n12vpfc0 HTTP 302
https://gewinn-ometer.com/de,amazon,1,000,and,iphone,15,pro,max,no,prl,tmp,184,sofortgewinn,optin,popup,arctoll,aff_2765.html?idPartner=1601&subId=224&subIdentifier=%7b3859%7d&additionalParamString=472-14632410&tpid=25 HTTP 302
https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://gflnlvd.com/ HTTP 307
https://gflnlvd.com/ HTTP 307
http://gflnlvd.com/ HTTP 302
https://track.cornzself.com/f4a7b871-b787-4c12-a5d6-efa0f0b5bdde?%7Bvar1%7D=txt1&%7Bvar2%7D=mz&%7Bvar3%7D=EMPTY HTTP 307
https://track.cornzself.com/f4a7b871-b787-4c12-a5d6-efa0f0b5bdde/2?%7Bvar1%7D=txt1&%7Bvar2%7D=mz&%7Bvar3%7D=EMPTY

Request Chain 33

https://gowedoo.com/p.ashx?e=15&t=&r=472-14632410 HTTP 302
https://gowedoo.com/p.ashx?e=15&t=&r=472-14632410&ch-redir=1

51 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

2 Show response
track.cornzself.com/f4a7b871-b787-4c12-a5d6-efa0f0b5bdde/
Redirect Chain

http://gflnlvd.com/
https://gflnlvd.com/
http://gflnlvd.com/
https://track.cornzself.com/f4a7b871-b787-4c12-a5d6-efa0f0b5bdde?%7Bvar1%7D=txt1&%7Bvar2%7D=mz&%7Bvar3%7D=EMPTY
https://track.cornzself.com/f4a7b871-b787-4c12-a5d6-efa0f0b5bdde/2?%7Bvar1%7D=txt1&%7Bvar2%7D=mz&%7Bvar3%7D=EMPTY

918 B
2 KB

35ms
35ms

Document
text/html

2600:9000:211a:1a00:11:c066:4a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.cornzself.com/f4a7b871-b787-4c12-a5d6-efa0f0b5bdde/2?%7Bvar1%7D=txt1&%7Bvar2%7D=mz&%7Bvar3%7D=EMPTY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:1a00:11:c066:4a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e11995f02226b31716ebb9e673d0504d877d5e9cfccb22085ba00c6eb21c3e30

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, pre-check=0, post-check=0
content-type: text/html;charset=UTF-8
date: Mon, 20 May 2024 08:27:20 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: nginx
via: 1.1 2acbf12c17a7f7f2ed99463cb4024586.cloudfront.net (CloudFront)
x-amz-cf-id: bo1V0fX2gCM6PX-docN4garRs51SkJgZC6yOzijSuM3uAp7SKf7ojA==
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront

Redirect headers

accept-ch: sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-full-version-list,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-ua,sec-ch-ua-mobile,sec-ch-ua-platform
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 0
date: Mon, 20 May 2024 08:27:20 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://track.cornzself.com/f4a7b871-b787-4c12-a5d6-efa0f0b5bdde/2?%7Bvar1%7D=txt1&%7Bvar2%7D=mz&%7Bvar3%7D=EMPTY
pragma: no-cache
server: nginx
via: 1.1 2acbf12c17a7f7f2ed99463cb4024586.cloudfront.net (CloudFront)
x-amz-cf-id: jjZ_dJWSrDmQGevp4WNIokYu8SPUPEZq4hSvwZaz8ToijiBT02HoRA==
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront

GET
H2 200 redirect
track.pairfitem.com/ 584 B
911 B 111ms
32ms Document
text/html 2600:9000:2611:5000:1a:e991:e300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.pairfitem.com/redirect?target=BASE64aHR0cHM6Ly9nby5iZXRlcndhdC54eXovdHMzODU5LWludGVybmF0aW9uYWwtZ2VuZXJhbCZjaWQ9dzRrMTdlcWc4cTB2ajBlMWp2dTQxdDZjJnRocnU9OGNiY2I2MmUtNjkxZC00YzBiLTlmYTMtMTVjYzc3MTVmYmY4&ts=1716193640117&hash=k0sT_sjBYGYOwZ7SWPcGInUoqIvcF4ccwttTCuwNTME&rm=DJ
Requested by: Host: track.cornzself.com
URL: https://track.cornzself.com/f4a7b871-b787-4c12-a5d6-efa0f0b5bdde/2?%7Bvar1%7D=txt1&%7Bvar2%7D=mz&%7Bvar3%7D=EMPTY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2611:5000:1a:e991:e300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-store, no-cache, pre-check=0, post-check=0
content-type: text/html;charset=UTF-8
date: Mon, 20 May 2024 08:27:20 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: nginx
via: 1.1 08f9b351f61685659ad70b790734f9b0.cloudfront.net (CloudFront)
x-amz-cf-id: o8HwSAmocHtpq8csYk3hYXvE1XF_QgWe_uBUD50RLyKr1yJ9Ihcggg==
x-amz-cf-pop: VIE50-P2
x-cache: Miss from cloudfront

GET
H/1.1

200
OK

Primary Request campaign_4304.html Show response
amz-15promax-sg01.sofortchancen.de/
Redirect Chain

https://go.beterwat.xyz/ts3859-international-general&cid=w4k17eqg8q0vj0e1jvu41t6c&thru=8cbcb62e-691d-4c0b-9fa3-15cc7715fbf8
https://hpv0o.rdtk.io/660585361640420001c9bd00?sub1={3859}&sub2=&sub3=&sub4=181420155&sub5=91715&sub6=DE&sub7=e5649409-c37e-475e-a46c-981907b59eab&sub8=8cbcb62e-691d-4c0b-9fa3-15cc7715fbf8&ref_id=G...
https://gowedoo.com/?E=CE5HN%2bm%2fEiZG2OiXTaVtIA%3d%3d&s1=%7B3859%7D&s2=664b096803af310001d44032
https://gowedoo.com/?E=CE5HN%2bm%2fEiZG2OiXTaVtIA%3d%3d&s1=%7B3859%7D&s2=664b096803af310001d44032&ch-redir=1&ckmxid=cp5giq5c0001n12vpfc0
https://gewinn-ometer.com/de,amazon,1,000,and,iphone,15,pro,max,no,prl,tmp,184,sofortgewinn,optin,popup,arctoll,aff_2765.html?idPartner=1601&subId=224&subIdentifier=%7b3859%7d&additionalParamString...
https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25&

257 KB
257 KB

1088ms
451ms

Document
text/html

188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to

Full URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25&
Requested by: Host: track.pairfitem.com
URL: https://track.pairfitem.com/redirect?target=BASE64aHR0cHM6Ly9nby5iZXRlcndhdC54eXovdHMzODU5LWludGVybmF0aW9uYWwtZ2VuZXJhbCZjaWQ9dzRrMTdlcWc4cTB2ajBlMWp2dTQxdDZjJnRocnU9OGNiY2I2MmUtNjkxZC00YzBiLTlmYTMtMTVjYzc3MTVmYmY4&ts=1716193640117&hash=k0sT_sjBYGYOwZ7SWPcGInUoqIvcF4ccwttTCuwNTME&rm=DJ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: 78c5c005e2ee19b398878c739fa411995daeb972ad82a3dec5b5021bb0ca914c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://track.pairfitem.com/redirect?target=BASE64aHR0cHM6Ly9nby5iZXRlcndhdC54eXovdHMzODU5LWludGVybmF0aW9uYWwtZ2VuZXJhbCZjaWQ9dzRrMTdlcWc4cTB2ajBlMWp2dTQxdDZjJnRocnU9OGNiY2I2MmUtNjkxZC00YzBiLTlmYTMtMTVjYzc3MTVmYmY4&ts=1716193640117&hash=k0sT_sjBYGYOwZ7SWPcGInUoqIvcF4ccwttTCuwNTME&rm=DJ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Type: text/html; charset=UTF-8
Date: Mon, 20 May 2024 08:27:22 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Type: text/html; charset=UTF-8
Date: Mon, 20 May 2024 08:27:21 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Location: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25&
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 112ms
7ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amz-15promax-sg01.sofortchancen.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 20 May 2024 08:23:20 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 243
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 20 May 2024 10:23:20 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 320 KB
104 KB 142ms
37ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QWM4Z8VE53

Requested by

Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

391a9bbf64e8f3231bf27bebfce1eeab9988573c1bce0918ef0cfb5964f30eab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amz-15promax-sg01.sofortchancen.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 08:27:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 105934
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 20 May 2024 08:27:23 GMT

GET
H2 200 jquery-3.4.1.min.js Show response
ajax.aspnetcdn.com/ajax/jQuery/ 86 KB
86 KB 114ms
15ms Script
application/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.4.1.min.js

Requested by

Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25&

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48A7) /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amz-15promax-sg01.sofortchancen.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 08:27:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 02 May 2019 18:32:11 GMT
server: ECAcc (ama/48A7)
age: 4938205
etag: "1bf3635b151d51:0"
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 88145
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK 184.css
amz-15promax-sg01.sofortchancen.de/media/adresseManager/microSiteCss/ 39 KB
40 KB 169ms
69ms Stylesheet
text/css 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to

Full URL: https://amz-15promax-sg01.sofortchancen.de/media/adresseManager/microSiteCss/184.css
Requested by: Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: f51d3c011546a8d70239912ca1f349566e396f781da0757b351ced84ea2ff92a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25&
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 08:27:23 GMT
Last-Modified: Mon, 04 Mar 2024 13:28:09 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 40260
Content-Type: text/css

GET
H2 200 css
fonts.googleapis.com/ 5 KB
916 B 119ms
22ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Teko:300,400,500,600,700

Requested by

Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ecdb7e3fb838e846a1945c4e00b05eda1484169e3c5d5c945a80537ca7ceecde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amz-15promax-sg01.sofortchancen.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 May 2024 08:27:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 May 2024 08:14:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 May 2024 08:27:23 GMT

GET
H3 200 4BPm8eKCLLtycAJE8.js Show response
static.cleverpush.com/channel/loader/ 337 KB
65 KB 99ms
26ms Script
application/javascript 172.67.71.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js
Requested by: Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c2c9d78923a99c7437b50dd7c9ba2e8a41f76dcc4e13ae72cbf41c866372c95

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amz-15promax-sg01.sofortchancen.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 08:27:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4T9SVZ2ZQV5PG4RX
age: 2483
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: j0P+ALtf9zLRCIQdVPNr4Kp+Lerjn9PQ1ujlf0EnIK/4yGDDaYNgFztKuHRyuVttKl+mapSpQ/uktH3LH6F6Pg==
last-modified: Sun, 19 May 2024 00:09:25 GMT
server: cloudflare
etag: W/"075851c1ea71740d22261a4e4ea08b8b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lXCYFj5Hz4ccKmKHp%2FscKcdbZORWuvRrcMXVt2vJ%2BgIFSohbSuTlsigC6rjp8pxkR9rplFmGBbLpKKTd2SJpgVNCrNZz2H82p%2F4QkQqsuw9cpWjkFrYi3bMsa3FKQkPSefbGUh0SKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=21600
cf-ray: 886af2857e952c29-FRA

GET
H/1.1 200
OK e1,step1active.png
amz-15promax-sg01.sofortchancen.de/media/adresseManager/microSiteImg/4304/ 1 KB
1 KB 188ms
52ms Image
image/png 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amz-15promax-sg01.sofortchancen.de/media/adresseManager/microSiteImg/4304/e1,step1active.png
Requested by: Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: 847dd5d262cf68ae4360339ddff16dfdd4182246bb9dff0fc4b7de6ef432a033

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25&
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 08:27:23 GMT
Last-Modified: Tue, 05 Mar 2024 08:53:11 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 1144
Content-Type: image/png

GET
H/1.1 200
OK step2.png
amz-15promax-sg01.sofortchancen.de/media/adresseManager/microSiteImg/4304/ 2 KB
2 KB 188ms
53ms Image
image/png 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amz-15promax-sg01.sofortchancen.de/media/adresseManager/microSiteImg/4304/step2.png
Requested by: Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: 7d193fbace08404a618d45b6381bc57b5326eb3861b15d0ceabc249a43b79885

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25&
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 08:27:23 GMT
Last-Modified: Tue, 05 Mar 2024 08:53:11 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 1731
Content-Type: image/png

GET
H/1.1 200
OK step3.png
amz-15promax-sg01.sofortchancen.de/media/adresseManager/microSiteImg/4304/ 4 KB
4 KB 161ms
49ms Image
image/png 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amz-15promax-sg01.sofortchancen.de/media/adresseManager/microSiteImg/4304/step3.png
Requested by: Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: a1eb2a3c06756218bf69dc7f1ab3d34b68198442a3beff5d45253a2e1bc27bc0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25&
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 08:27:23 GMT
Last-Modified: Tue, 05 Mar 2024 08:53:11 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 4355
Content-Type: image/png

GET
H/1.1 200
OK gift.png
amz-15promax-sg01.sofortchancen.de/media/adresseManager/microSiteImg/4304/ 4 KB
4 KB 162ms
50ms Image
image/png 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amz-15promax-sg01.sofortchancen.de/media/adresseManager/microSiteImg/4304/gift.png
Requested by: Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: a44471d952f7eb2a8f4e4639772c14e3f7fdf0014a26f3da2f8d3ca2504f16a1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25&
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 08:27:23 GMT
Last-Modified: Tue, 05 Mar 2024 08:53:11 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 3797
Content-Type: image/png

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
973 B 104ms
20ms Script
text/javascript 172.217.23.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcxXPQUAAAAAIbrqXusuiyRVrf7m0SQs9B1vsY6

Requested by

Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25&

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f4.1e100.net

Software

GSE /

Resource Hash

4e8d0a14f8cc5a8c936ab1d2f9548aef8c15a61d6402d8013ce0f80ccd55b587

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amz-15promax-sg01.sofortchancen.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 08:27:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 20 May 2024 08:27:24 GMT

GET
H/1.1 200
OK rmodal.js Show response
amz-15promax-sg01.sofortchancen.de/templates/js/ 5 KB
5 KB 150ms
53ms Script
application/javascript 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to

Full URL: https://amz-15promax-sg01.sofortchancen.de/templates/js/rmodal.js
Requested by: Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: 6f5e135c82fd06a89c90eb3dd9256af1981d3acc9031ab4c280945489ee44ff1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25&
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 08:27:23 GMT
Last-Modified: Tue, 04 May 2021 04:37:33 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 4883
Content-Type: application/javascript

GET
H/1.1 200
OK agbModal.js Show response
amz-15promax-sg01.sofortchancen.de/templates/js/ 9 KB
9 KB 152ms
54ms Script
application/javascript 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to

Full URL: https://amz-15promax-sg01.sofortchancen.de/templates/js/agbModal.js
Requested by: Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: 7e972cfed3b2893663a5827e9726fa4b6ff5375b8d9abc2edd580243568027a7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25&
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 08:27:23 GMT
Last-Modified: Tue, 04 May 2021 04:37:28 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 8796
Content-Type: application/javascript

GET
H/1.1 200
OK rmodal-no-bootstrap.css
amz-15promax-sg01.sofortchancen.de/templates/css/ 1 KB
1 KB 145ms
55ms Stylesheet
text/css 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to

Full URL: https://amz-15promax-sg01.sofortchancen.de/templates/css/rmodal-no-bootstrap.css
Requested by: Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: bbc10a31d1e970642919cefbb9103ec65e4796250e89112ebd04a73478ca3848

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25&
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 08:27:23 GMT
Last-Modified: Tue, 04 May 2021 04:37:21 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 1106
Content-Type: text/css

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
222 B 47ms
42ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=980421989&t=pageview&_s=1&dl=https%3A%2F%2Famz-15promax-sg01.sofortchancen.de%2Fcampaign_4304.html%3FcoyoteAffiliTokenId%3D513807612%26additionalParamString%3D472-14632410%26tpid%3D25%26&dp=4304%2Fadressdata1%2F&ul=de-de&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACACI~&jid=2110225998&gjid=1167328772&cid=1794706184.1716193644&tid=UA-68861802-12&_gid=1650152564.1716193644&_r=1&_slc=1&cg1=4304&cg2=184&cg3=1601&cg4=224&cg5=%7B3859%7D&cd1=4304&cd2=184&cd3=1601&cd4=224&cd5=%7B3859%7D&cd6=2421&z=417798572

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://amz-15promax-sg01.sofortchancen.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 May 2024 08:27:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://amz-15promax-sg01.sofortchancen.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 44ms
21ms Image
image/gif 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=980421989&t=event&_s=2&dl=https%3A%2F%2Famz-15promax-sg01.sofortchancen.de%2Fcampaign_4304.html%3FcoyoteAffiliTokenId%3D513807612%26additionalParamString%3D472-14632410%26tpid%3D25%26&dp=4304%2Fadressdata1%2F&ul=de-de&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=184&ea=pageview&el=4304%2Fadressdata1%2F&_u=YEBAAEABAAAAACACI~&jid=&gjid=&cid=1794706184.1716193644&tid=UA-68861802-12&_gid=1650152564.1716193644&cg1=4304&cg2=184&cg3=1601&cg4=224&cg5=%7B3859%7D&cd1=4304&cd2=184&cd3=1601&cd4=224&cd5=%7B3859%7D&cd6=2421&z=854655232

Requested by

Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25&

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amz-15promax-sg01.sofortchancen.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 19 May 2024 13:16:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 69029
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 45ms
22ms Image
image/gif 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=980421989&t=event&_s=3&dl=https%3A%2F%2Famz-15promax-sg01.sofortchancen.de%2Fcampaign_4304.html%3FcoyoteAffiliTokenId%3D513807612%26additionalParamString%3D472-14632410%26tpid%3D25%26&dp=4304%2Fadressdata1%2F&ul=de-de&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=184&ea=idPartner&el=1601&_u=YEBAAEABAAAAACACI~&jid=&gjid=&cid=1794706184.1716193644&tid=UA-68861802-12&_gid=1650152564.1716193644&cg1=4304&cg2=184&cg3=1601&cg4=224&cg5=%7B3859%7D&cd1=4304&cd2=184&cd3=1601&cd4=224&cd5=%7B3859%7D&cd6=2421&z=1580623445

Requested by

Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25&

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amz-15promax-sg01.sofortchancen.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 19 May 2024 13:16:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 69029
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 47ms
24ms Image
image/gif 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=980421989&t=event&_s=4&dl=https%3A%2F%2Famz-15promax-sg01.sofortchancen.de%2Fcampaign_4304.html%3FcoyoteAffiliTokenId%3D513807612%26additionalParamString%3D472-14632410%26tpid%3D25%26&dp=4304%2Fadressdata1%2F&ul=de-de&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=184&ea=idAmKampagne&el=4304&_u=YEBAAEABAAAAACACI~&jid=&gjid=&cid=1794706184.1716193644&tid=UA-68861802-12&_gid=1650152564.1716193644&cg1=4304&cg2=184&cg3=1601&cg4=224&cg5=%7B3859%7D&cd1=4304&cd2=184&cd3=1601&cd4=224&cd5=%7B3859%7D&cd6=2421&z=690050403

Requested by

Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25&

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amz-15promax-sg01.sofortchancen.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 19 May 2024 13:16:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 69029
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 48ms
25ms Image
image/gif 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=980421989&t=event&_s=5&dl=https%3A%2F%2Famz-15promax-sg01.sofortchancen.de%2Fcampaign_4304.html%3FcoyoteAffiliTokenId%3D513807612%26additionalParamString%3D472-14632410%26tpid%3D25%26&dp=4304%2Fadressdata1%2F&ul=de-de&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=184&ea=wgname&el=Amazon-Gutschein%20%2B%20iPhone%2015%20Pro%20Max&_u=YEBAAEABAAAAACACI~&jid=&gjid=&cid=1794706184.1716193644&tid=UA-68861802-12&_gid=1650152564.1716193644&cg1=4304&cg2=184&cg3=1601&cg4=224&cg5=%7B3859%7D&cd1=4304&cd2=184&cd3=1601&cd4=224&cd5=%7B3859%7D&cd6=2421&z=1368019852

Requested by

Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25&

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amz-15promax-sg01.sofortchancen.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 19 May 2024 13:16:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 69029
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 30ms
26ms Image
image/gif 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=980421989&t=event&_s=6&dl=https%3A%2F%2Famz-15promax-sg01.sofortchancen.de%2Fcampaign_4304.html%3FcoyoteAffiliTokenId%3D513807612%26additionalParamString%3D472-14632410%26tpid%3D25%26&dp=4304%2Fadressdata1%2F&ul=de-de&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=184&ea=1601&el=224&_u=YEBAAEABAAAAACACI~&jid=&gjid=&cid=1794706184.1716193644&tid=UA-68861802-12&_gid=1650152564.1716193644&cg1=4304&cg2=184&cg3=1601&cg4=224&cg5=%7B3859%7D&cd1=4304&cd2=184&cd3=1601&cd4=224&cd5=%7B3859%7D&cd6=2421&z=1202149634

Requested by

Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25&

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amz-15promax-sg01.sofortchancen.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 19 May 2024 13:16:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 69029
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
362 B 174ms
33ms XHR
text/plain 2a00:1450:400c:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-68861802-12&cid=1794706184.1716193644&jid=2110225998&gjid=1167328772&_gid=1650152564.1716193644&_u=YEBAAEAAAAAAACACI~&z=280648274

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://amz-15promax-sg01.sofortchancen.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 20 May 2024 08:27:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://amz-15promax-sg01.sofortchancen.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
267 B 162ms
34ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-QWM4Z8VE53&gtm=45je45f0v884936294za200&_p=1716193643687&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=DE-1601-513807612&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&dp=4304%2Fadressdata1%2F&dl=https%3A%2F%2Famz-15promax-sg01.sofortchancen.de%2Fcampaign_4304.html%3FcoyoteAffiliTokenId%3D513807612%26additionalParamString%3D472-14632410%26tpid%3D25%26&dr=&sid=1716193643&sct=1&seg=0&dt=Amazon-Gutschein%20%2B%20iPhone%2015%20Pro%20Max&uid=513807612&en=page_view&_fv=1&_ss=1&_ee=1&ep.content_group=adressdata1&ep.content_group1=4304&ep.content_group2=184&ep.content_group3=1601&ep.content_group4=224&ep.content_group5=%7B3859%7D&ep.content_group6=DE&ep.content_group7=2421&tfd=3726
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QWM4Z8VE53
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amz-15promax-sg01.sofortchancen.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 20 May 2024 08:27:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://amz-15promax-sg01.sofortchancen.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 40ms
34ms Ping
text/plain 2a00:1450:400c:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QWM4Z8VE53&cid=DE-1601-513807612&gtm=45je45f0v884936294za200&aip=1&uid=513807612&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QWM4Z8VE53
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amz-15promax-sg01.sofortchancen.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 20 May 2024 08:27:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://amz-15promax-sg01.sofortchancen.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 108ms
43ms Image
image/gif 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QWM4Z8VE53&cid=DE-1601-513807612&gtm=45je45f0v884936294za200&aip=1&uid=513807612&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1734842635

Requested by

Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25&

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amz-15promax-sg01.sofortchancen.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 20 May 2024 08:27:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 370_we-doo-affiliate.png
amz-15promax-sg01.sofortchancen.de/media/adresseManager/bildverwaltung/ 16 KB
16 KB 146ms
56ms Image
image/png 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amz-15promax-sg01.sofortchancen.de/media/adresseManager/bildverwaltung/370_we-doo-affiliate.png
Requested by: Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: acdd7f7ea7c58c458a9a06e3197998a0e6150e786b9d3209543295d6377a74bd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25&
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 08:27:23 GMT
Last-Modified: Mon, 04 Mar 2024 13:05:10 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 16040
Content-Type: image/png

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 60ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-QWM4Z8VE53&gtm=45je45f0v884936294za200&_p=1716193643687&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=DE-1601-513807612&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=2&dp=4304%2Fadressdata1%2F&dl=https%3A%2F%2Famz-15promax-sg01.sofortchancen.de%2Fcampaign_4304.html%3FcoyoteAffiliTokenId%3D513807612%26additionalParamString%3D472-14632410%26tpid%3D25%26&dr=&sid=1716193643&sct=1&seg=0&dt=Amazon-Gutschein%20%2B%20iPhone%2015%20Pro%20Max&uid=513807612&en=unique_page_view&_ee=1&ep.content_group=adressdata1&ep.content_group1=4304&ep.content_group2=184&ep.content_group3=1601&ep.content_group4=224&ep.content_group5=%7B3859%7D&ep.content_group6=DE&ep.content_group7=2421&_et=14&tfd=3856
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QWM4Z8VE53
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amz-15promax-sg01.sofortchancen.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 20 May 2024 08:27:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://amz-15promax-sg01.sofortchancen.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 31ms
30ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-QWM4Z8VE53&gtm=45je45f0v884936294za200&_p=1716193643687&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=DE-1601-513807612&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=gA&sid=1716193643&sct=1&seg=0&dl=https%3A%2F%2Famz-15promax-sg01.sofortchancen.de%2Fcampaign_4304.html%3FcoyoteAffiliTokenId%3D513807612%26additionalParamString%3D472-14632410%26tpid%3D25%26&dt=Amazon-Gutschein%20%2B%20iPhone%2015%20Pro%20Max&uid=513807612&_s=3&tfd=4011
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QWM4Z8VE53
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://amz-15promax-sg01.sofortchancen.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 20 May 2024 08:27:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://amz-15promax-sg01.sofortchancen.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 104ms
40ms Image
image/gif 172.217.23.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-68861802-12&cid=1794706184.1716193644&jid=2110225998&_u=YEBAAEAAAAAAACACI~&z=661349604

Requested by

Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25&

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amz-15promax-sg01.sofortchancen.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 20 May 2024 08:27:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 106ms
42ms Image
image/gif 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-68861802-12&cid=1794706184.1716193644&jid=2110225998&_u=YEBAAEAAAAAAACACI~&z=661349604

Requested by

Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25&

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amz-15promax-sg01.sofortchancen.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 20 May 2024 08:27:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 15,desktop.png
amz-15promax-sg01.sofortchancen.de/media/adresseManager/microSiteImg/4304/ 64 KB
64 KB 160ms
53ms Image
image/png 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amz-15promax-sg01.sofortchancen.de/media/adresseManager/microSiteImg/4304/15,desktop.png
Requested by: Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: 9a937c8d2ec3b0a0198ff9f046bb43ef6727c940db37b3e864f63311519f684b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25&
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 08:27:24 GMT
Last-Modified: Tue, 05 Mar 2024 08:53:11 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 65500
Content-Type: image/png

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/8k85QBI-qzxmenDv318AZH30/ 519 KB
207 KB 102ms
8ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/8k85QBI-qzxmenDv318AZH30/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcxXPQUAAAAAIbrqXusuiyRVrf7m0SQs9B1vsY6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e92f0b552deffbf207cee5389713056c7c3d27e4b9b9edaf29338d01a83c5962

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amz-15promax-sg01.sofortchancen.de/
Origin: https://amz-15promax-sg01.sofortchancen.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 18:38:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49747
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 210834
x-xss-protection: 0
last-modified: Mon, 13 May 2024 17:44:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 May 2025 18:38:17 GMT

GET
H/1.1

200
OK

p.ashx
gowedoo.com/ Frame C58D
Redirect Chain

https://gowedoo.com/p.ashx?e=15&t=&r=472-14632410
https://gowedoo.com/p.ashx?e=15&t=&r=472-14632410&ch-redir=1

0
0

386ms
184ms

Document
text/plain

54.208.166.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gowedoo.com/p.ashx?e=15&t=&r=472-14632410&ch-redir=1
Requested by: Host: ajax.aspnetcdn.com
URL: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.4.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.208.166.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-166-52.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: private
Connection: close
Content-Length: 2
Content-Type: text/plain; charset=utf-8
Date: Mon, 20 May 2024 08:27:25 GMT
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Accept-Ch: Sec-Ch-Ua, Sec-Ch-Ua-Arch, Sec-Ch-Ua-Bitness, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Mobile, Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-Ch-Ua-Wow64
Cache-Control: private
Connection: close
Content-Length: 189
Content-Type: text/html; charset=utf-8
Date: Mon, 20 May 2024 08:27:24 GMT
Location: https://gowedoo.com/p.ashx?e=15&t=&r=472-14632410&ch-redir=1

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 2FEF 0
0 43ms
27ms Document
text/html 172.217.23.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcxXPQUAAAAAIbrqXusuiyRVrf7m0SQs9B1vsY6&co=aHR0cHM6Ly9hbXotMTVwcm9tYXgtc2cwMS5zb2ZvcnRjaGFuY2VuLmRlOjQ0Mw..&hl=de&v=8k85QBI-qzxmenDv318AZH30&size=invisible&cb=sk60npcfntj7

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/8k85QBI-qzxmenDv318AZH30/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-11s9UiGky4eqQWHKxMJyhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://amz-15promax-sg01.sofortchancen.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-11s9UiGky4eqQWHKxMJyhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 20 May 2024 08:27:24 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 5.877e5677b6ca133c7147.js Show response
static.cleverpush.com/sdk/chunk/ 36 KB
10 KB 32ms
32ms Script
application/javascript 172.67.71.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/5.877e5677b6ca133c7147.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3002fef546813c1b3e5a09a4ba66bb3e4a490ea12ee76a4e5efc5a1ead0b683c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amz-15promax-sg01.sofortchancen.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 08:27:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M1QQH9H9S1A7KA54
age: 22718
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: MpaEQalxR8//OGqpSy9P22OL10URNuEPLu6GjD5iyAqwrkVek950mlDVG1CtKAqfJfDAYxhaCiQ=
last-modified: Mon, 13 May 2024 14:07:52 GMT
server: cloudflare
etag: W/"0b6f36aba47858a26d63eeb0ebb0f4f8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gpK1EaF%2B8ZM%2BCrnl%2Be3DbW3TXMa2ZJ6LLIyT95D2pNUTFET%2BAXnwfJyB%2FCbjWQ3J%2Fc%2FPGUjdNPzRQvKapJQSwgMQrK8Wij0gXo%2BM4wS%2F%2FazyvJA%2FFBlQPtOPADbOwz3DEZSnRKtszA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 886af287586c2c29-FRA

GET
H3 200 251.ff5b3c0c290e9961835b.js Show response
static.cleverpush.com/sdk/chunk/ 5 KB
3 KB 30ms
29ms Script
application/javascript 172.67.71.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df124351501a3a62b99269da55fa305a5584a9e80e84f4ecf72cdd54d4978204

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amz-15promax-sg01.sofortchancen.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 08:27:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M1QX5201T69J5593
age: 22718
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: AL9FnrkXMnDKBWYbGD5aq8d+irhc1FIWkYB+yEQ8nGaQlFY1VQi3qLriG4ELxvODpfXtxemd2H4=
last-modified: Mon, 13 May 2024 14:07:50 GMT
server: cloudflare
etag: W/"e89cddaa8c63cff3a495570a91d5e690"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z24zRkKi9wsFd0fW%2BRvMneP7OFKzbEa6SfYG6QYhqle21%2FEq9gLHR35ZDTpwLeWn%2BWtHsxiEqPvf8nqzCtCzAWWkV8JlpM7NZYcZTFYPfwVnqoj6CVOCTDNyyopfRzxaUF%2F2nAPL3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 886af287686f2c29-FRA

GET
H3 200 115.d6f4579d16a8335c5081.js Show response
static.cleverpush.com/sdk/chunk/ 14 KB
4 KB 32ms
32ms Script
application/javascript 172.67.71.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/115.d6f4579d16a8335c5081.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87ddd1b39eac2a04fae60a31aa02ef2b45657ea5df67f814218e9a6a677bda5b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amz-15promax-sg01.sofortchancen.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 08:27:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M1QP5NVRJ6QDEXQ9
age: 22715
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: SOyZJtc96lCAzHkyiqC8YweY8L9YYR+e8q/xORr9Bt5Il950zSmA30ZCX80VgOaDG9YRcWuRAVuHAWbtgUwdww==
last-modified: Mon, 13 May 2024 14:07:50 GMT
server: cloudflare
etag: W/"780fd0f9008fd4d419a4aa7e324ca738"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HfdBwLV8gTKutalEWCvkIdn5hcIQCQkx6X1%2FUVoXfYPeI8kTq%2F6X58cFgj8QR5GNvUR22FUoNmv6l3mOAJqClBW%2FJ5Gwh0RvB8yU5zlUirKcq7vccdaSG2AwGJRrdrQwIfJKgkbtuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 886af28768722c29-FRA

GET
H2 200 iframe
arctollceoo.mycleverpush.com/ Frame 91F7 0
0 98ms
42ms Document
text/html 159.69.45.25
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://arctollceoo.mycleverpush.com/iframe?origin=https%3A%2F%2Famz-15promax-sg01.sofortchancen.de

Requested by

Host: static.cleverpush.com
URL: https://static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.69.45.25 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.25.45.69.159.clients.your-server.de

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://amz-15promax-sg01.sofortchancen.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-headers: origin, x-requested-with, content-type, accept
cache-control: public, max-age=1800
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 20 May 2024 08:27:24 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-backend-server: cleverpush-worker-1
x-cache-status: EXPIRED
x-robots-tag: noindex

GET
H3 200 103.ca34caf4a7c7f94a245a.js Show response
static.cleverpush.com/sdk/chunk/ 96 KB
22 KB 24ms
22ms Script
application/javascript 172.67.71.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/103.ca34caf4a7c7f94a245a.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78f82206874edb92e4cedada374ae32ba67cb601d95b2931b7d1ae18dcae153e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amz-15promax-sg01.sofortchancen.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 08:27:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M1QYTYPYRY0TT99Q
age: 22326
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: IZzIjoAVMHJ/vcvoccqn/oO/Wr+hA38+X0JuasJbw6dBzfCClEosV4UOfVcLZ8kXQMOMlSLKmzYMDUM7oB/xxw==
last-modified: Mon, 13 May 2024 14:07:50 GMT
server: cloudflare
etag: W/"edca157e63c1ec51d4f0d926c455f313"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=naCgUJzPfjoOYlutCG9VS13U9wf%2F%2FyKEETFtCg8VFxyrCJ9WkQjO7l9WMkMoi%2FLGwo1SV8YHNqEkKg%2FHZ0zVJ50WKkpetJIOakGmA%2Brt6gKMfq%2BGxlUGfiGvBi7z%2FU2c%2BtfZWlsnJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 886af288fa0f2c29-FRA

GET
H3 200 720.55250bc0a01067617553.js Show response
static.cleverpush.com/sdk/chunk/ 48 KB
11 KB 22ms
21ms Script
application/javascript 172.67.71.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/720.55250bc0a01067617553.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 634fb6243f777936587296216a0a98c5ebd215c4c2fd44bb310fdfad37ce1ea7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amz-15promax-sg01.sofortchancen.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 08:27:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M1QRS92P262H10FA
age: 22716
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: nRia3ZsLDxG6FAxidQPBkHQb3ERx+raFlvRjGloGokgC4qokb6Ync4rnoHVIOQ8I0RRe7OLECC4=
last-modified: Mon, 13 May 2024 14:07:52 GMT
server: cloudflare
etag: W/"efcb14c4a4c67c58e37dd5ee8083a4d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eLEo5ZXNxXbo3DfM2mfets0nWC%2BnwuaExyNPRSBxSvIj0DYsKLCoECFZSAaQ4XX4ftzY7%2Fd9kwzWvmS3n1Q13BLDj61GExi1x5SghcSJ8DwrWKKpMNndyJbUxJskcRkDKGQJxsW%2BYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 886af288fa122c29-FRA

GET
H3 200 728.769733373fe8d2daa5a5.js Show response
static.cleverpush.com/sdk/chunk/ 24 KB
8 KB 20ms
19ms Script
application/javascript 172.67.71.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/728.769733373fe8d2daa5a5.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: faa7930e6a09ba32904b21daf3871a467ba4537b3d00bfb01ac5ef9479ee8ad1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amz-15promax-sg01.sofortchancen.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 08:27:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: X3W3H6XQY2C5BWJN
age: 22692
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: eKTEfEHMYh7eNPdtBUGTFb4oi0QauZjAQFkxxAtTZL2vtdI+gNQ7v4ko4mr5Ogl6cteG0Tv1Jec=
last-modified: Mon, 13 May 2024 14:07:53 GMT
server: cloudflare
etag: W/"24b4f27333c8d620d0b4706edde79f01"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zrvxGFgBRorVBm1ybuqLYpuL9RTnoNDtfct165b3z22bn2pBzPoBtHppv0D0pNCQHo302M%2Fxdjs6YQg6Bdpc2eGBC34elIOeWD0MhBG1PWZmwsQpK0adyIx0FF6LpRiaBHOpt0WA5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 886af2893a362c29-FRA

GET
H3 200 376.8cab31ffc2b64b495b06.js Show response
static.cleverpush.com/sdk/chunk/ 12 KB
5 KB 25ms
25ms Script
application/javascript 172.67.71.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/376.8cab31ffc2b64b495b06.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b45565fcd020711c8775c1a80ce7b1f9eea3546dbd5809292f908556c40ac0bf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amz-15promax-sg01.sofortchancen.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 08:27:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M1QY3YC7PGYPD2BP
age: 22718
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: /tWmdSP1ltrU42CholFpMZAY5mSVT9y5M/ZD/55ptNlKpkmKCL1FTB5tcpz1OUEtg47sAbifWX8=
last-modified: Mon, 13 May 2024 14:07:50 GMT
server: cloudflare
etag: W/"82d21e4c44ccb88da7bc6dc70911eddf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5WixYBoTyeVcUOlvE%2Bal4H2RPoLh8MYNbaqgQrkjvMXz2de3uoXf%2BZUwRFRvwGe81%2Fzo5al7tPATYhC%2B3Xm0PyUZhNJh7u%2B7w%2B3lEhL9BdwX34gc6AT724Qjy1gS12Uhyr%2FdMno96A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 886af2893a3a2c29-FRA

GET
H3 200 862.00b24ae64de8ff317661.js Show response
static.cleverpush.com/sdk/chunk/ 33 KB
9 KB 20ms
19ms Script
application/javascript 172.67.71.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/862.00b24ae64de8ff317661.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e49eb1384fa0a2c2116fcc445f475fb41051e517a1e43dde798ca4770d481447

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amz-15promax-sg01.sofortchancen.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 08:27:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: X3WA1PN99P5EE6SM
age: 22717
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: KolKHj9ooDJ9NHydzzOQiFB2lj3UoSUZKHEbC/XTEgBBsdPrpv/SWj0jhCN6vVzXDHERWWvKCVs=
last-modified: Mon, 13 May 2024 14:07:53 GMT
server: cloudflare
etag: W/"cafc6aa528a48ecd92bc50630c8497d2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dvx7zGyHHJ9nwsFOlgOKDPFM%2FUGjznAoMqdroBMhvqYIEAn%2F%2B78Ag7YDJ00nied3uJHyEF%2FN9%2FA5SEA3jNv%2FG5UrDFhVx6CIGUOZO86V1ZNiNVhEx1%2BDMw6h1WTzgf70CoN3wdMEXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 886af2893a3c2c29-FRA

POST
H3 200 optin-visitor Show response
api.cleverpush.com/channel/ 16 B
619 B 28ms
28ms Fetch
application/json 172.67.71.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/optin-visitor

Requested by

Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://amz-15promax-sg01.sofortchancen.de/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 08:27:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend-server: cleverpush-worker-44
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wj9WzF9qvRu4pz6YM4vBjTI8bXGYf0zIIx9db7vOUuCV3G%2BgBLfN%2BKRYkPv%2BAlMFOjeDWoRKgWzlVzcDel5PyJoEDSS0Km76JfaToGyVXQ7mimWhRQTKb5zBDMrS%2Bb84%2B7POyw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache
cf-ray: 886af289cc91366d-FRA
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage

OPTIONS
H3 200 optin-visitor
api.cleverpush.com/channel/ Frame 0
0 55ms
28ms Preflight
application/json 172.67.71.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/optin-visitor

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://amz-15promax-sg01.sofortchancen.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 886af2899c60366d-FRA
content-length: 0
content-type: application/json; charset=utf-8
date: Mon, 20 May 2024 08:27:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tajFwlAqi8Xr1uFI%2Fm5a7%2FpCHIlvNWH37piVLmXt05hSCRK9HmWKBnY3QUDr6BFOasw2RiOIcVKG7wEfWqzfz8grbJOAcESJmlLVAZXtFB6Se04Zq%2FK%2Bp0xq%2BeTRr8vGuK6eRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains

GET
H/1.1 200
OK favicon.ico
amz-15promax-sg01.sofortchancen.de/ 10 KB
10 KB 153ms
45ms Other
image/x-icon 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to

Full URL: https://amz-15promax-sg01.sofortchancen.de/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: b82e1bfe07efae539913fbd8fb1f45e4aa9f395f688784fa780fc573a3d724f6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25&
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 08:27:24 GMT
Last-Modified: Tue, 04 May 2021 04:33:10 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 10462
Content-Type: image/x-icon

POST
H3 200 confirm-alert Show response
api.cleverpush.com/channel/ 16 B
619 B 35ms
35ms Fetch
application/json 172.67.71.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/confirm-alert

Requested by

Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://amz-15promax-sg01.sofortchancen.de/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 08:27:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend-server: cleverpush-worker-44
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UuRqdzxSOpYXKmPIQ7dfx65T6Z%2Foxv2eq7%2F6xQDoWRXY%2FVKnMGurHqKwTF%2F3lZj3ew71b2OCpCVv%2FK8udzAKjmJKOI5owaVa5Ma9Frk3ltw%2BVPYFCQWUxY4Xvr5RiUo8bi2p2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache
cf-ray: 886af28fcb7c366d-FRA
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage

GET
H3 200 defaultChannelIcon.png
static.cleverpush.com/app/images/ 732 B
1 KB 32ms
29ms Image
image/png 172.67.71.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cleverpush.com/app/images/defaultChannelIcon.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24155cb4f2f535f8196ee0da67321b509939e6509d6f378a257246be28545897

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amz-15promax-sg01.sofortchancen.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 08:27:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: SBPR1JD5C7N3WWT9
age: 2574776
alt-svc: h3=":443"; ma=86400
content-length: 732
x-amz-id-2: xks+Gy09hvGvup4Kgyurm+a5gmghpE+Xi3eLoR5hSNyoNFoIejVKji0F5U1kfSe4uDBouRmw0tk=
last-modified: Mon, 21 Oct 2019 13:42:31 GMT
server: cloudflare
etag: "dada142d4861c864d8d63e8cd5dd22dd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LD5ZHUZg4yR3rJO6pW45XLYm%2BABL6kCi%2BDacFqrLbBIWmh2pD8zAkcSmYkcLsSxhZr4EDDqiNEpjt6RETeNhNqodPWfcOfPRljhM2mzp6BvPTCbNiPWKipAD5YgrPl%2F8gv%2FahtQOLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2628000
accept-ranges: bytes
cf-ray: 886af28f98ae2c29-FRA

OPTIONS
H3 200 confirm-alert
api.cleverpush.com/channel/ Frame 0
0 24ms
21ms Preflight
application/json 172.67.71.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/confirm-alert

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://amz-15promax-sg01.sofortchancen.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 886af28f9b56366d-FRA
content-length: 0
content-type: application/json; charset=utf-8
date: Mon, 20 May 2024 08:27:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZI1o5qNApVuIEr95xL8BxuplSCU3KEUeS2MJJTYU7eO0Hb0lspv9b%2BckyaNIbcrBb2o%2FpWKz0i%2BrmBXAtvbdu%2Bmp0qFi5p0GB98kkFzv%2FfqIaB3Hwd%2Bu%2BSrWDj58Q3uA%2ByRSzw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.track.cornzself.com/	1970-01-20 20:44:40	Name: f4a7b871-b787-4c12-a5d6-efa0f0b5bdde-v4 Value: f4_1P87Bn7N_U1pHJ7nCQbb3H16Q41YmjKEa_Neg598
.track.cornzself.com/	1970-01-21 05:28:49	Name: voluum-cid-v4 Value: %7B%22cid%22%3A%22w4k17eqg8q0vj0e1jvu41t6c%22%2C%22caid%22%3A%22f4a7b871-b787-4c12-a5d6-efa0f0b5bdde%22%7D
.hpv0o.rdtk.io/	1970-01-20 20:44:40	Name: redcmps Value: W3siaWQiOiI2NjA1ODUzNjE2NDA0MjAwMDFjOWJkMDAiLCJ0IjoiMjAyNC0wNS0yMFQwODoyNzoyMC43MjgyMjM4ODZaIn1d
.hpv0o.rdtk.io/	1970-01-21 05:28:49	Name: redhash Value: NjY0YjA5NjgwM2FmMzEwMDAxZDQ0MDMyfDB8NjYwNTg1MzYxNjQwNDIwMDAxYzliZDAwfHw0ZGFiNjU2Yi1hZTY5LTRhMDItODIxOS05MTBkMjUxNjFmOTJ8MTcxNjE5MzY0MA==
.gowedoo.com/	1969-12-31 23:59:59	Name: sid Value: rNz+6QTGRApz7BP3Iob/Xb6d54zZzOuBDdaX99PE+8hpyujoGbmAzQ==
.gowedoo.com/	1970-01-21 06:19:13	Name: trk Value: nAfygcTFi3dz7BP3Iob/Xb6d54zZzOuBDdaX99PE+8hpyujoGbmAzQ==
.gowedoo.com/	1970-01-20 21:26:25	Name: c472 Value: rNz+6QTGRAob41BhTsfqEIJNmg6uf66IaG3XKAP3+AI=
gewinn-ometer.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 4b15810effff5f38664f189a6112e654
gewinn-ometer.com/	1970-01-20 21:26:25	Name: coyoteTrackingCookie_2765 Value: 513807612
gewinn-ometer.com/	1970-01-20 21:26:25	Name: coyoteSimpleTrackingCookie Value: 513807612
amz-15promax-sg01.sofortchancen.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: ac883e0d61abf2535ca42ac3a6435fe4
amz-15promax-sg01.sofortchancen.de/	1970-01-20 20:43:28	Name: coyoteAffiliTokenId4304 Value: 513807612
amz-15promax-sg01.sofortchancen.de/	1970-01-20 20:43:15	Name: PHPSESSID_UPV Value: 4304/adressdata1/
.sofortchancen.de/	1970-01-20 20:44:40	Name: _gid Value: GA1.2.1650152564.1716193644
.sofortchancen.de/	1970-01-20 20:43:13	Name: _gat Value: 1
.sofortchancen.de/	1970-01-21 06:19:13	Name: _ga Value: GA1.1.DE-1601-513807612
.sofortchancen.de/	1970-01-21 06:19:13	Name: _ga_QWM4Z8VE53 Value: GS1.1.1716193643.1.0.1716193644.59.0.0

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25& Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25& Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25& Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25& Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25& Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=513807612&additionalParamString=472-14632410&tpid=25& Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
amz-15promax-sg01.sofortchancen.de
api.cleverpush.com
arctollceoo.mycleverpush.com
fonts.googleapis.com
gewinn-ometer.com
gflnlvd.com
go.beterwat.xyz
gowedoo.com
hpv0o.rdtk.io
region1.analytics.google.com
static.cleverpush.com
stats.g.doubleclick.net
track.cornzself.com
track.pairfitem.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
142.250.74.206
152.199.19.160
155.138.218.204
159.69.45.25
172.217.23.100
172.217.23.99
172.67.71.184
188.95.252.33
188.95.252.36
2001:1af8:5100:a003:2::
2001:4860:4802:34::36
2600:9000:211a:1a00:11:c066:4a80:93a1
2600:9000:2611:5000:1a:e991:e300:93a1
2a00:1450:4001:803::200e
2a00:1450:4001:80f::200a
2a00:1450:4001:812::2003
2a00:1450:4001:828::2008
2a00:1450:400c:c1d::9a
47.252.93.52
54.208.166.52
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0c2c9d78923a99c7437b50dd7c9ba2e8a41f76dcc4e13ae72cbf41c866372c95
24155cb4f2f535f8196ee0da67321b509939e6509d6f378a257246be28545897
3002fef546813c1b3e5a09a4ba66bb3e4a490ea12ee76a4e5efc5a1ead0b683c
391a9bbf64e8f3231bf27bebfce1eeab9988573c1bce0918ef0cfb5964f30eab
4e8d0a14f8cc5a8c936ab1d2f9548aef8c15a61d6402d8013ce0f80ccd55b587
634fb6243f777936587296216a0a98c5ebd215c4c2fd44bb310fdfad37ce1ea7
6f5e135c82fd06a89c90eb3dd9256af1981d3acc9031ab4c280945489ee44ff1
78c5c005e2ee19b398878c739fa411995daeb972ad82a3dec5b5021bb0ca914c
78f82206874edb92e4cedada374ae32ba67cb601d95b2931b7d1ae18dcae153e
7d193fbace08404a618d45b6381bc57b5326eb3861b15d0ceabc249a43b79885
7e972cfed3b2893663a5827e9726fa4b6ff5375b8d9abc2edd580243568027a7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
847dd5d262cf68ae4360339ddff16dfdd4182246bb9dff0fc4b7de6ef432a033
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87ddd1b39eac2a04fae60a31aa02ef2b45657ea5df67f814218e9a6a677bda5b
9a937c8d2ec3b0a0198ff9f046bb43ef6727c940db37b3e864f63311519f684b
a1eb2a3c06756218bf69dc7f1ab3d34b68198442a3beff5d45253a2e1bc27bc0
a44471d952f7eb2a8f4e4639772c14e3f7fdf0014a26f3da2f8d3ca2504f16a1
acdd7f7ea7c58c458a9a06e3197998a0e6150e786b9d3209543295d6377a74bd
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b45565fcd020711c8775c1a80ce7b1f9eea3546dbd5809292f908556c40ac0bf
b82e1bfe07efae539913fbd8fb1f45e4aa9f395f688784fa780fc573a3d724f6
bbc10a31d1e970642919cefbb9103ec65e4796250e89112ebd04a73478ca3848
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df124351501a3a62b99269da55fa305a5584a9e80e84f4ecf72cdd54d4978204
e11995f02226b31716ebb9e673d0504d877d5e9cfccb22085ba00c6eb21c3e30
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49eb1384fa0a2c2116fcc445f475fb41051e517a1e43dde798ca4770d481447
e92f0b552deffbf207cee5389713056c7c3d27e4b9b9edaf29338d01a83c5962
ecdb7e3fb838e846a1945c4e00b05eda1484169e3c5d5c945a80537ca7ceecde
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f51d3c011546a8d70239912ca1f349566e396f781da0757b351ced84ea2ff92a
faa7930e6a09ba32904b21daf3871a467ba4537b3d00bfb01ac5ef9479ee8ad1

amz-15promax-sg01.sofortchancen.de Open in urlscan Pro 188.95.252.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

51 Requests

100 %HTTPS

45 %IPv6

18 Domains

20 Subdomains

16 IPs

5 Countries

977 kBTransfer

2002 kBSize

17 Cookies

14 Outgoing links

Page URL History

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

amz-15promax-sg01.sofortchancen.de Open in urlscan Pro
188.95.252.36 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

100 %
HTTPS

45 %
IPv6

18
Domains

20
Subdomains

16
IPs

5
Countries

977 kB
Transfer

2002 kB
Size

17
Cookies

51 HTTP transactions
0 data transactions