tankgutschein.sofortchancen.de Open in urlscan Pro
188.95.252.36 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://curl.ro/j73v1
Effective URL:
https://tankgutschein.sofortchancen.de/campaign_3483.html?coyoteAffiliTokenId=461636908&additionalParamString=%7Bvar_3%7D&
Submission: On June 22 via manual (June 22nd 2022, 11:12:35 am UTC) from IN — Scanned from DE

Summary HTTP 51 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 5 countries across 27 domains to perform 51 HTTP transactions. The main IP is 188.95.252.36, located in and belongs to . The main domain is tankgutschein.sofortchancen.de.
TLS certificate: Issued by cPanel, Inc. Certification Authority on May 25th 2022. Valid for: 3 months.

This is the only time tankgutschein.sofortchancen.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	89.42.231.136 89.42.231.136	48459 (CIANET-AS) (CIANET-AS)
1	34.237.47.210 34.237.47.210	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:400e:80c::200a	15169 (GOOGLE) (GOOGLE)
3	84.17.46.53 84.17.46.53	60068 (CDN77 ^_^) (CDN77 ^_^)
1 2	2606:4700:303... 2606:4700:3035::ac43:ce3d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	67.202.114.216 67.202.114.216	32748 (STEADFAST) (STEADFAST)
1 1	64.227.23.114 64.227.23.114	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	99.198.108.194 99.198.108.194	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2 3	51.68.85.158 51.68.85.158	16276 (OVH) (OVH)
1 1	34.147.1.177 34.147.1.177	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2606:4700:303... 2606:4700:3035::6815:51d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::ac43:bfdd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.91.234.242 34.91.234.242	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	65.60.58.179 65.60.58.179	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	34.147.37.248 34.147.37.248	() ()
1 1	139.45.197.239 139.45.197.239	() ()
1 7	188.95.252.36 188.95.252.36	() ()
7	2a00:1450:400... 2a00:1450:4001:829::200e	() ()
1	152.199.19.160 152.199.19.160	() ()
1	143.204.214.207 143.204.214.207	() ()
1	2606:4700::68... 2606:4700::6812:bcf	() ()
1	2606:4700:20:... 2606:4700:20::ac43:47b8	() ()
1	2a00:1450:400... 2a00:1450:4001:801::2004	() ()
1	2a00:1450:400... 2a00:1450:4001:80b::2003	() ()
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	() ()
1	2a00:1450:400... 2a00:1450:4001:811::2003	() ()
51	21

2 89.42.231.136 (Romania) 2 redirects

ASN48459 (CIANET-AS, RO)
PTR: curl.ro

curl.ro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.237.47.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-47-210.compute-1.amazonaws.com

lychee12172954.brizy.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 84.17.46.53 (Amsterdam, Netherlands)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-46-53.cdn77.com

b-cloud.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::ac43:ce3d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mackfbs.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.114.216 (United States)

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.227.23.114 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

polo.thegadgetguru.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.198.108.194 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi

monkey.redirectmaster.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.68.85.158 (France) 2 redirects

ASN16276 (OVH, FR)

www.offermyvist.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.147.1.177 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 177.1.147.34.bc.googleusercontent.com

admoustache.go2affise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3035::6815:51d8 (United States)

ASN13335 (CLOUDFLARENET, US)

www.mingotime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:bfdd (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.addlnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.234.242 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 242.234.91.34.bc.googleusercontent.com

track.aditserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.60.58.179 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi

ad.marootrack.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.147.37.248 (None, ) 1 redirects

ASN- ()

track.wbamedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.239 (None, ) 1 redirects

ASN- ()

gfsdloocn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 188.95.252.36 (None, ) 1 redirects

ASN- ()

ihre-tageschance.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tankgutschein.sofortchancen.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::200e (None, )

ASN- ()

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (None, )

ASN- ()

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.214.207 (None, )

ASN- ()

d1cr9zxt7u0sgu.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (None, )

ASN- ()

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:47b8 (None, )

ASN- ()

static.cleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2004 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (None, )

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (None, )

ASN- ()

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (None, )

ASN- ()

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	google-analytics.com www.google-analytics.com	20 KB
6	sofortchancen.de tankgutschein.sofortchancen.de	242 KB
4	mingotime.com www.mingotime.com	27 KB
3	marootrack.co ad.marootrack.co — Cisco Umbrella Rank: 100623	7 KB
3	offermyvist.com 2 redirects www.offermyvist.com — Cisco Umbrella Rank: 603431	6 KB
3	redirectmaster.com monkey.redirectmaster.com	7 KB
3	b-cdn.net b-cloud.b-cdn.net — Cisco Umbrella Rank: 334348	128 KB
2	gstatic.com fonts.gstatic.com www.gstatic.com	179 KB
2	mackfbs.me 1 redirects mackfbs.me	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	2 KB
2	curl.ro 2 redirects curl.ro	1 KB
1	doubleclick.net stats.g.doubleclick.net	452 B
1	google.com www.google.com	997 B
1	cleverpush.com static.cleverpush.com	51 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	7 KB
1	cloudfront.net d1cr9zxt7u0sgu.cloudfront.net	26 KB
1	aspnetcdn.com ajax.aspnetcdn.com	30 KB
1	ihre-tageschance.de 1 redirects ihre-tageschance.de	759 B
1	gfsdloocn.com 1 redirects gfsdloocn.com	826 B
1	wbamedia.com 1 redirects track.wbamedia.com	303 B
1	aditserve.com 1 redirects track.aditserve.com — Cisco Umbrella Rank: 69880	418 B
1	addlnk.com cdn.addlnk.com — Cisco Umbrella Rank: 227477	1 KB
1	go2affise.com 1 redirects admoustache.go2affise.com — Cisco Umbrella Rank: 84869	211 B
1	thegadgetguru.club 1 redirects polo.thegadgetguru.club — Cisco Umbrella Rank: 676238	295 B
1	amung.us whos.amung.us — Cisco Umbrella Rank: 12783	27 B
1	brizy.site lychee12172954.brizy.site	2 KB
0	google.de Failed www.google.de Failed
51	27

	Domain	Requested by
7	www.google-analytics.com	tankgutschein.sofortchancen.de www.google-analytics.com
6	tankgutschein.sofortchancen.de	ad.marootrack.co tankgutschein.sofortchancen.de
4	www.mingotime.com	www.offermyvist.com www.mingotime.com
3	ad.marootrack.co	www.mingotime.com ad.marootrack.co
3	www.offermyvist.com	2 redirects monkey.redirectmaster.com
3	monkey.redirectmaster.com	mackfbs.me monkey.redirectmaster.com
3	b-cloud.b-cdn.net	lychee12172954.brizy.site
2	mackfbs.me	1 redirects lychee12172954.brizy.site
2	fonts.googleapis.com	lychee12172954.brizy.site tankgutschein.sofortchancen.de
2	curl.ro	2 redirects
1	www.gstatic.com	www.google.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.google.com	tankgutschein.sofortchancen.de
1	static.cleverpush.com	tankgutschein.sofortchancen.de static.cleverpush.com
1	maxcdn.bootstrapcdn.com	tankgutschein.sofortchancen.de
1	d1cr9zxt7u0sgu.cloudfront.net	tankgutschein.sofortchancen.de
1	ajax.aspnetcdn.com	tankgutschein.sofortchancen.de
1	ihre-tageschance.de	1 redirects
1	gfsdloocn.com	1 redirects
1	track.wbamedia.com	1 redirects
1	track.aditserve.com	1 redirects
1	cdn.addlnk.com	www.mingotime.com
1	admoustache.go2affise.com	1 redirects
1	polo.thegadgetguru.club	1 redirects
1	whos.amung.us	lychee12172954.brizy.site
1	lychee12172954.brizy.site
0	www.google.de Failed	tankgutschein.sofortchancen.de
51	28

This site contains no links.

Subject Issuer	Validity	Valid
*.brizy.site Sectigo RSA Domain Validation Secure Server CA	`2022-04-01` - `2023-05-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA	`2021-11-07` - `2022-11-11`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-10` - `2023-05-09`	a year	crt.sh
*.amung.us Sectigo RSA Domain Validation Secure Server CA	`2022-05-18` - `2023-06-17`	a year	crt.sh
monkey.redirectmaster.com R3	`2022-06-07` - `2022-09-05`	3 months	crt.sh
www.offermyvist.com R3	`2022-05-04` - `2022-08-02`	3 months	crt.sh
*.mingotime.com E1	`2022-05-07` - `2022-08-05`	3 months	crt.sh
ad.marootrack.co R3	`2022-05-25` - `2022-08-23`	3 months	crt.sh
tankgutschein.sofortchancen.de cPanel, Inc. Certification Authority	`2022-05-25` - `2022-08-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2021-08-06` - `2022-08-06`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://tankgutschein.sofortchancen.de/campaign_3483.html?coyoteAffiliTokenId=461636908&additionalParamString=%7Bvar_3%7D&
Frame ID: C94EADC8912C535572FBC1D05C9623F9
Requests: 51 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Click "Allow" To Continue

Page URL History Show full URLs

http://curl.ro/j73v1 HTTP 301
https://curl.ro/j73v1 HTTP 301
https://lychee12172954.brizy.site/ Page URL
https://mackfbs.me/ads.direct?token=7b2275736572223a2270656c7563686576617065222c2275726c223a226... HTTP 302
https://polo.thegadgetguru.club/?k=c0769147b20ac904d5fc4384ca0c888a&type=mainstream&subtype=global HTTP 302
https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb Page URL
https://monkey.redirectmaster.com/?utm_term=7112020677422481431&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949... Page URL
https://monkey.redirectmaster.com/proc.php?7f24b8594ab8ca9d407bf2e436fe2c13025006c3 Page URL
https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7112020677422481431&website... Page URL
https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7112020677422481431&website... HTTP 302
https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7112020677422481431&website... HTTP 302
https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=330002f1aadca910042bcc390fb15876... HTTP 302
https://www.mingotime.com/rc/a91581ead4?affclick=62b2f9202b98f00001d3af3d&pubid=503 Page URL
http://track.aditserve.com/sl?id=61c1b2b3d9b88bb313742231&pid=930&sub2=8fe20426_503&sub1=pub582bf3b5995... HTTP 302
https://ad.marootrack.co/?utm_medium=1ec04c8c1c16eafe4df342fbccbedd268747cb4c&utm_campaign=Mainstream... Page URL
https://ad.marootrack.co/?utm_term=7112020681717448791&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949... Page URL
https://ad.marootrack.co/proc.php?58e17a8c7ea943b2ff780a403fba0538d2746dc2 Page URL
https://track.wbamedia.com/click?pid=14&offer_id=7692&sub1=M7112020681717448791&sub2=20961-37eddb7e-d85... HTTP 302
https://gfsdloocn.com/link?z=5062064&var=14_20961-37eddb7e-d856e882&ymid=62b2f92255ea980001ef4797 HTTP 302
https://ihre-tageschance.de/de,arctoll_2234.html?idPartner=1721&idCampaignAd=0&subId=5062064_14_20961-37... HTTP 302
https://tankgutschein.sofortchancen.de/campaign_3483.html?coyoteAffiliTokenId=461636908&additionalParamString=%7Bva... Page URL

Page Statistics

51
Requests

80 %
HTTPS

42 %
IPv6

27
Domains

28
Subdomains

21
IPs

5
Countries

738 kB
Transfer

1806 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://curl.ro/j73v1 HTTP 301
https://curl.ro/j73v1 HTTP 301
https://lychee12172954.brizy.site/ Page URL
https://mackfbs.me/ads.direct?token=7b2275736572223a2270656c7563686576617065222c2275726c223a2268747470733a2f2f6d61636b6662732e6d65222c2274696d65223a313635353839363335303135352c22636f6465223a224445227d HTTP 302
https://polo.thegadgetguru.club/?k=c0769147b20ac904d5fc4384ca0c888a&type=mainstream&subtype=global HTTP 302
https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb Page URL
https://monkey.redirectmaster.com/?utm_term=7112020677422481431&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f1f6f1f3f0f5f4e9ecebe8e9eae5eae564 Page URL
https://monkey.redirectmaster.com/proc.php?7f24b8594ab8ca9d407bf2e436fe2c13025006c3 Page URL
https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7112020677422481431&website=4400-630c3a4z&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f1f6f1f3f0f5f4e9ecebe8e9eae5eae564 Page URL
https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7112020677422481431&website=4400-630c3a4z&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f1f6f1f3f0f5f4e9ecebe8e9eae5eae564&eyeg=f111c0a9d132072a758aa89f3ae25c04&eyer=0.47558761849781805&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=monkey.redirectmaster.com HTTP 302
https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7112020677422481431&website=4400-630c3a4z&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f1f6f1f3f0f5f4e9ecebe8e9eae5eae564&eyeg=3&eyer=0.47558761849781805&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=monkey.redirectmaster.com HTTP 302
https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=330002f1aadca910042bcc390fb15876233770622-202206-flb*5504646-65846*M7112020677422481431*sl_5504646-65846*e1b6561ef0b1a5707b97340115938e486911cead*4400-630c3a4z*4400 HTTP 302
https://www.mingotime.com/rc/a91581ead4?affclick=62b2f9202b98f00001d3af3d&pubid=503 Page URL
http://track.aditserve.com/sl?id=61c1b2b3d9b88bb313742231&pid=930&sub2=8fe20426_503&sub1=pub582bf3b59957477cb8420a21143d5482 HTTP 302
https://ad.marootrack.co/?utm_medium=1ec04c8c1c16eafe4df342fbccbedd268747cb4c&utm_campaign=Mainstream&1=930_8fe20426_503&cid=62b2f921a3289b0001f47e49 Page URL
https://ad.marootrack.co/?utm_term=7112020681717448791&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f1f6f1f3f0f5f4e9ecebe8e9eae5eae564 Page URL
https://ad.marootrack.co/proc.php?58e17a8c7ea943b2ff780a403fba0538d2746dc2 Page URL
https://track.wbamedia.com/click?pid=14&offer_id=7692&sub1=M7112020681717448791&sub2=20961-37eddb7e-d856e882&sub3=20961&sub4=kg0108&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f1f6f1f3f0f5f4e9ecebe8e9eae5eae564 HTTP 302
https://gfsdloocn.com/link?z=5062064&var=14_20961-37eddb7e-d856e882&ymid=62b2f92255ea980001ef4797 HTTP 302
https://ihre-tageschance.de/de,arctoll_2234.html?idPartner=1721&idCampaignAd=0&subId=5062064_14_20961-37eddb7e-d856e882&subIdentifier=563432479162377082&additionalParamString={var_3} HTTP 302
https://tankgutschein.sofortchancen.de/campaign_3483.html?coyoteAffiliTokenId=461636908&additionalParamString=%7Bvar_3%7D& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://curl.ro/j73v1 HTTP 301
https://curl.ro/j73v1 HTTP 301
https://lychee12172954.brizy.site/

Request Chain 7

https://mackfbs.me/ads.direct?token=7b2275736572223a2270656c7563686576617065222c2275726c223a2268747470733a2f2f6d61636b6662732e6d65222c2274696d65223a313635353839363335303135352c22636f6465223a224445227d HTTP 302
https://polo.thegadgetguru.club/?k=c0769147b20ac904d5fc4384ca0c888a&type=mainstream&subtype=global HTTP 302
https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb

Request Chain 11

https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7112020677422481431&website=4400-630c3a4z&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f1f6f1f3f0f5f4e9ecebe8e9eae5eae564&eyeg=f111c0a9d132072a758aa89f3ae25c04&eyer=0.47558761849781805&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=monkey.redirectmaster.com HTTP 302
https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7112020677422481431&website=4400-630c3a4z&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f1f6f1f3f0f5f4e9ecebe8e9eae5eae564&eyeg=3&eyer=0.47558761849781805&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=monkey.redirectmaster.com HTTP 302
https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=330002f1aadca910042bcc390fb15876233770622-202206-flb*5504646-65846*M7112020677422481431*sl_5504646-65846*e1b6561ef0b1a5707b97340115938e486911cead*4400-630c3a4z*4400 HTTP 302
https://www.mingotime.com/rc/a91581ead4?affclick=62b2f9202b98f00001d3af3d&pubid=503

Request Chain 15

http://track.aditserve.com/sl?id=61c1b2b3d9b88bb313742231&pid=930&sub2=8fe20426_503&sub1=pub582bf3b59957477cb8420a21143d5482 HTTP 302
https://ad.marootrack.co/?utm_medium=1ec04c8c1c16eafe4df342fbccbedd268747cb4c&utm_campaign=Mainstream&1=930_8fe20426_503&cid=62b2f921a3289b0001f47e49

51 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
lychee12172954.brizy.site/
Redirect Chain

http://curl.ro/j73v1
https://curl.ro/j73v1
https://lychee12172954.brizy.site/

9 KB
2 KB

326ms
98ms

Document
text/html

34.237.47.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://lychee12172954.brizy.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.237.47.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-47-210.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 15a5a66a799b07e112d065aa1a529bbe7e303c07b69422253394e3e36f948f48

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 37444
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-length: 2016
content-type: text/html; charset=UTF-8
date: Wed, 22 Jun 2022 11:12:29 GMT
expires: -1
pragma: no-cache
server: nginx
vary: Accept-Encoding
via: 1.1 varnish (Varnish/6.2)
x-brizy-preview: 1
x-cache: HIT
x-cache-hits: 15553
x-varnish: 20827995 19524035

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: must-revalidate, no-cache, no-store, private
content-encoding: br
content-length: 174
content-type: text/html; charset=UTF-8
date: Wed, 22 Jun 2022 11:12:29 GMT
location: https://lychee12172954.brizy.site/
vary: Accept-Encoding,User-Agent

GET
H2 200 css
fonts.googleapis.com/ 34 KB
2 KB 51ms
21ms Stylesheet
text/css 2a00:1450:400e:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Overpass:100,100italic,200,200italic,300,300italic,regular,italic,600,600italic,700,700italic,800,800italic,900,900italic|Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap

Requested by

Host: lychee12172954.brizy.site
URL: https://lychee12172954.brizy.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a19fc5244f2c5bd7f96ebefe24cdb3bbb9759140e04df643ff68e132c162d428

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lychee12172954.brizy.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 22 Jun 2022 11:05:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 22 Jun 2022 11:12:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Jun 2022 11:12:29 GMT

GET
H2 200 preview.css
b-cloud.b-cdn.net/builds/free/237-cloud/editor/css/ 238 KB
37 KB 48ms
12ms Stylesheet
text/css 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://b-cloud.b-cdn.net/builds/free/237-cloud/editor/css/preview.css
Requested by: Host: lychee12172954.brizy.site
URL: https://lychee12172954.brizy.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: BunnyCDN-AMS1-879 /
Resource Hash: b342c02cf1b71aed9e48e8f28e24df74a833a8b3a2265839a7df3308f85a9ac0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lychee12172954.brizy.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 11:12:29 GMT
content-encoding: br
cdn-edgestorageid: 879
x-amz-request-id: W9KQEPBJZ75CYS6Y
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 06/02/2022 08:46:20
cdn-pullzone: 246147
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: vR5Gt4QIFmui+4KNCYQDWJdTpSRfmob6JJBuSJaNqocs5FjjOXXhHyS88wbGaxmfD7k0YSh5/eo=
server: BunnyCDN-AMS1-879
access-control-allow-origin: *
last-modified: Thu, 26 May 2022 13:26:10 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"545ed72c486d3a8de75bfe549653cec4"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
cdn-cache: HIT
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cache-control: public, max-age=31919000
cdn-requestid: 95c6a4c1d9adc9add658a1d071d4399f
cdn-requestcountrycode: DE
link: <https://s3.amazonaws.com/brizy.cloud/builds/free/237-cloud/editor/css/preview.css>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 / Show response
mackfbs.me/ 510 B
912 B 630ms
592ms Script
application/javascript 2606:4700:3035::ac43:ce3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mackfbs.me/?token=U2FsdGVkX19HCpHxiBD%2Bh%2FdlJL1raosbOKsApUk8FEb%2FOxp7oZY023k76LmqY9%2Fx0NWH4a21yRHI4zDeewrKvg%3D%3D
Requested by: Host: lychee12172954.brizy.site
URL: https://lychee12172954.brizy.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:ce3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9b8ed8a247d9fafda3fd4c59f9b33fffbce8351a65276b56fede68e2398cd36e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lychee12172954.brizy.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 11:12:30 GMT
content-encoding: br
etag: W/"1fe-mlIhcnf/DasK6g61WbLVc2WnZEk"
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6UgF1%2B0se4AZu50VtRG3FGPVM%2BT1yKTAGMi13chjFJCVGND1%2FNKVlUFOAe36BJPI3ZBGLikaDwF8yvGX184XToSypweD6wKtFXOqhHUojzsoL6gvARIkrOhP3szf7B3OFpflgw4NX9at"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cf-ray: 71f48c98dbf78fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 group-jq.js Show response
b-cloud.b-cdn.net/builds/free/237-cloud/editor/js/ 89 KB
34 KB 66ms
32ms Script
application/javascript 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://b-cloud.b-cdn.net/builds/free/237-cloud/editor/js/group-jq.js
Requested by: Host: lychee12172954.brizy.site
URL: https://lychee12172954.brizy.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: BunnyCDN-AMS1-879 /
Resource Hash: 3b443e63989cfbf4f92fe13acbaf14cf4423c2f63f378cb23c955b4dbfd1036c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lychee12172954.brizy.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 11:12:29 GMT
content-encoding: br
cdn-edgestorageid: 879
x-amz-request-id: W9KTVR9DNGBKFVTJ
cdn-cachedat: 06/02/2022 08:46:20
cdn-pullzone: 246147
x-amz-id-2: /Hbty/g+/Epe7VjeWiJUnOowjch41hBMzZ4sHimjcCROrwyTQ88aY5lhMVo0WAJrWJoCGCVOsmE=
server: BunnyCDN-AMS1-879
last-modified: Thu, 26 May 2022 13:28:26 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"ed710a097ec10ed3e2e1403b9380da89"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cache-control: public, max-age=31919000
cdn-requestid: 2983f01156a0b323dc9fb67616928dd8
cdn-requestcountrycode: DE
link: <https://s3.amazonaws.com/brizy.cloud/builds/free/237-cloud/editor/js/group-jq.js>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 preview.js Show response
b-cloud.b-cdn.net/builds/free/237-cloud/editor/js/ 181 KB
57 KB 68ms
33ms Script
application/javascript 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://b-cloud.b-cdn.net/builds/free/237-cloud/editor/js/preview.js
Requested by: Host: lychee12172954.brizy.site
URL: https://lychee12172954.brizy.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: BunnyCDN-AMS1-879 /
Resource Hash: 9ba2b2408fc39bca2b4b7f77744aa1ee4b4d027b583f8c866eabbea3de13161a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lychee12172954.brizy.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 11:12:29 GMT
content-encoding: br
cdn-edgestorageid: 883
x-amz-request-id: W9KVJHW29GN4V99C
cdn-cachedat: 06/02/2022 08:46:20
cdn-pullzone: 246147
x-amz-id-2: Y9EHMSZvdkUmLOiirh/n9z75ShT0YT1YSe+OJSwLWAMyNFq2dBPW980GQ9b6EOrxXPaaXL1LbIs=
server: BunnyCDN-AMS1-879
last-modified: Thu, 26 May 2022 13:28:27 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"5b7cd1279af27a4f74579700bd09a222"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cache-control: public, max-age=31919000
cdn-requestid: 675f3a642225faf26d7f998717d38df0
cdn-requestcountrycode: DE
link: <https://s3.amazonaws.com/brizy.cloud/builds/free/237-cloud/editor/js/preview.js>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 /
whos.amung.us/pingjs/ 27 B
27 B 315ms
103ms Image
text/javascript 67.202.114.216
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://whos.amung.us/pingjs/?k=todoa25&t=%F0%9F%90%BC%E2%9E%AF%F0%9D%93%9B%F0%9D%93%90%20%F0%9D%93%A5%F0%9D%93%90%F0%9D%99%84%F0%9D%93%9D%F0%9D%93%90%E2%87%A6-Directo%F0%9F%90%BC&x=https%3A%2F%2Fpanelfbs.me/Directo
Requested by: Host: lychee12172954.brizy.site
URL: https://lychee12172954.brizy.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.114.216 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: amung.us
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lychee12172954.brizy.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 11:12:30 GMT
content-encoding: gzip
content-type: text/javascript;charset=UTF-8

GET
H2

200

/
monkey.redirectmaster.com/
Redirect Chain

https://mackfbs.me/ads.direct?token=7b2275736572223a2270656c7563686576617065222c2275726c223a2268747470733a2f2f6d61636b6662732e6d65222c2274696d65223a313635353839363335303135352c22636f6465223a224445227d
https://polo.thegadgetguru.club/?k=c0769147b20ac904d5fc4384ca0c888a&type=mainstream&subtype=global
https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb

3 KB
2 KB

413ms
106ms

Document
text/html

99.198.108.194
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb

Requested by

Host: mackfbs.me
URL: https://mackfbs.me/?token=U2FsdGVkX19HCpHxiBD%2Bh%2FdlJL1raosbOKsApUk8FEb%2FOxp7oZY023k76LmqY9%2Fx0NWH4a21yRHI4zDeewrKvg%3D%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.198.108.194 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/8.0.11

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: https://lychee12172954.brizy.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 22 Jun 2022 11:12:32 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://monkey.redirectmaster.com/?utm_term=7112020677422481431&ver=4viyaptcjo
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
x-powered-by: PHP/8.0.11

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Wed, 22 Jun 2022 11:12:31 GMT
Location: https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Server: nginx/1.16.1 (Ubuntu)

GET
H2 200 / Show response
monkey.redirectmaster.com/ 8 KB
3 KB 139ms
139ms Document
text/html 99.198.108.194
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://monkey.redirectmaster.com/?utm_term=7112020677422481431&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f1f6f1f3f0f5f4e9ecebe8e9eae5eae564

Requested by

Host: monkey.redirectmaster.com
URL: https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.198.108.194 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/8.0.11

Resource Hash

70630730df53fd04df6e1db994bc9888291779527e4337c7e2f5a476fff8c5cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 22 Jun 2022 11:12:32 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
x-powered-by: PHP/8.0.11

GET
H2 200 proc.php
monkey.redirectmaster.com/ 4 KB
2 KB 212ms
212ms Document
text/html 99.198.108.194
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://monkey.redirectmaster.com/proc.php?7f24b8594ab8ca9d407bf2e436fe2c13025006c3

Requested by

Host: monkey.redirectmaster.com
URL: https://monkey.redirectmaster.com/?utm_term=7112020677422481431&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f1f6f1f3f0f5f4e9ecebe8e9eae5eae564

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.198.108.194 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/8.0.11

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: https://monkey.redirectmaster.com/?utm_term=7112020677422481431&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f1f6f1f3f0f5f4e9ecebe8e9eae5eae564
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 22 Jun 2022 11:12:32 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7112020677422481431&website=4400-630c3a4z&placement=4400
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
x-powered-by: PHP/8.0.11

GET
H/1.1 200
OK /
www.offermyvist.com/ 5 KB
5 KB 76ms
10ms Document
text/html 51.68.85.158
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7112020677422481431&website=4400-630c3a4z&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f1f6f1f3f0f5f4e9ecebe8e9eae5eae564
Requested by: Host: monkey.redirectmaster.com
URL: https://monkey.redirectmaster.com/proc.php?7f24b8594ab8ca9d407bf2e436fe2c13025006c3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.68.85.158 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://monkey.redirectmaster.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-transform
Connection: keep-alive
Content-Type: text/html
Date: Wed, 22 Jun 2022 11:12:32 GMT
Transfer-Encoding: chunked

GET
H2

200

a91581ead4 Show response
www.mingotime.com/rc/
Redirect Chain

https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7112020677422481431&website=4400-630c3a4z&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd838...
https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7112020677422481431&website=4400-630c3a4z&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd838...
https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=330002f1aadca910042bcc390fb15876233770622-202206-flb*5504646-65846*M7112020677422481431*sl_5504646-65846*e1b6561ef0b1a5...
https://www.mingotime.com/rc/a91581ead4?affclick=62b2f9202b98f00001d3af3d&pubid=503

2 KB
2 KB

103ms
69ms

Document
text/html

2606:4700:3035::6815:51d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mingotime.com/rc/a91581ead4?affclick=62b2f9202b98f00001d3af3d&pubid=503
Requested by: Host: www.offermyvist.com
URL: https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7112020677422481431&website=4400-630c3a4z&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f1f6f1f3f0f5f4e9ecebe8e9eae5eae564
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:51d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 174a295f6ac33aa2c8424671f881d22bdf2623375ed19190bc0d11dc57473a3e

Request headers

Referer: https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7112020677422481431&website=4400-630c3a4z&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f1f6f1f3f0f5f4e9ecebe8e9eae5eae564
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 71f48cae3a889158-FRA
content-encoding: br
content-language: en-us
content-type: text/html; charset=utf-8
date: Wed, 22 Jun 2022 11:12:33 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1idHk4NcnaMUniY1BEKKV692YIXgLCu0RMFexwXzV68cGJMBNGc8tmISeT9MCo1DwXiLzH%2F9OjAKOo3Xnu7m8uUoiRXlgdj8g9mvJejklJMlgjLPJ7WGeRNmtf8lbNZoQLYrc8SdgsbVrpE7EupadA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Accept-Language, Cookie

Redirect headers

access-control-allow-origin: *
content-length: 0
date: Wed, 22 Jun 2022 11:12:32 GMT
location: https://www.mingotime.com/rc/a91581ead4?affclick=62b2f9202b98f00001d3af3d&pubid=503
server: nginx

GET
H2 200 redirect.css
cdn.addlnk.com/ 1 KB
1 KB 47ms
15ms Stylesheet
text/css 2606:4700:3030::ac43:bfdd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.addlnk.com/redirect.css
Requested by: Host: www.mingotime.com
URL: https://www.mingotime.com/rc/a91581ead4?affclick=62b2f9202b98f00001d3af3d&pubid=503
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:bfdd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 11:12:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3334
cf-polished: origSize=1680
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: NG3WEQ5NJ4PQVZ4F
x-amz-id-2: QxX22n6jD9gBrjBZ6ohlWbPu+une0ezSYrlZ/gpY7cQk926tnR/U/t0VdL75pShx4aODRqNqN5k=
last-modified: Wed, 13 Mar 2019 00:03:12 GMT
server: cloudflare
etag: W/"3ae56d32551602b41f9046c14d1cfde2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jV6O8Of6UuxJAXpLhNWg5OyVROIrPX4l3DGQkzcxB2c3tPxamQGwIJK0Ku6AL3SncEm6EJEgIQ3aq1fk4uv8qyyQslFVWeLUa83tKrF7TBgEk63BaEJjX06j%2F45d3CUv4zLeTtUTxHHLyZSSqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 71f48caeeec69238-FRA
cf-bgj: minify

GET
H3 200 invisible.js Show response
www.mingotime.com/cdn-cgi/challenge-platform/h/g/scripts/ 45 KB
16 KB 33ms
19ms Script
application/javascript 2606:4700:3035::6815:51d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mingotime.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1655884800
Requested by: Host: www.mingotime.com
URL: https://www.mingotime.com/rc/a91581ead4?affclick=62b2f9202b98f00001d3af3d&pubid=503
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:51d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5521ef86ec867b4e8b10f843bcecd75428f2094ef70b8c0f83958ed5bd70653

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 11:12:33 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JaDMyS9GpJToFRoVx2PBzvhOnDfubq0vcdMLOwxQb6zI5LYMuYhrDaVvRCRg9Sqc9650%2F9HFnI49PnTUULCdK6dSgmCvcXeVzKsiwOWiq7tOfySOg6bWDXffBOO1lCk76sKXcykWg9oHXdf8eNhumw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 71f48caedfe1bb59-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pica.js
www.mingotime.com/cdn-cgi/challenge-platform/h/g/scripts/ 22 KB
8 KB 20ms
20ms Other
application/javascript 2606:4700:3035::6815:51d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mingotime.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:51d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b0a70fd87ade99e29e47d9abe9c0a7d45f3974c4986ce2703d855fa2c915f5f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 11:12:33 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LXZvHkkZ2DgEsO25Q4fdDK%2FT91Yo2mCxchk0x0C4CdUVEZTGyfC8TYamHLbLdus7uSOXdZXCfog3axccaEZYuqP1YuaNF1cilJXiLrC%2FFNXx7mT1x47E%2BviYmTqYdPppBuwAXp1m03Vev9QfPIJawg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 71f48caf1840bb59-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

/
ad.marootrack.co/
Redirect Chain

http://track.aditserve.com/sl?id=61c1b2b3d9b88bb313742231&pid=930&sub2=8fe20426_503&sub1=pub582bf3b59957477cb8420a21143d5482
https://ad.marootrack.co/?utm_medium=1ec04c8c1c16eafe4df342fbccbedd268747cb4c&utm_campaign=Mainstream&1=930_8fe20426_503&cid=62b2f921a3289b0001f47e49

3 KB
2 KB

323ms
106ms

Document
text/html

65.60.58.179
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.marootrack.co/?utm_medium=1ec04c8c1c16eafe4df342fbccbedd268747cb4c&utm_campaign=Mainstream&1=930_8fe20426_503&cid=62b2f921a3289b0001f47e49

Requested by

Host: www.mingotime.com
URL: https://www.mingotime.com/rc/a91581ead4?affclick=62b2f9202b98f00001d3af3d&pubid=503

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

65.60.58.179 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/8.0.11

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: https://www.mingotime.com/rc/a91581ead4?affclick=62b2f9202b98f00001d3af3d&pubid=503
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 22 Jun 2022 11:12:33 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://ad.marootrack.co/?utm_term=7112020681717448791&ver=4viyaptcjo
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
x-powered-by: PHP/8.0.11

Redirect headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Wed, 22 Jun 2022 11:12:33 GMT
Location: https://ad.marootrack.co/?utm_medium=1ec04c8c1c16eafe4df342fbccbedd268747cb4c&utm_campaign=Mainstream&1=930_8fe20426_503&cid=62b2f921a3289b0001f47e49
Server: nginx

POST
H3 200 71f48cae3a889158
www.mingotime.com/cdn-cgi/challenge-platform/h/g/cv/result/ 2 B
736 B 41ms
41ms XHR
text/plain 2606:4700:3035::6815:51d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mingotime.com/cdn-cgi/challenge-platform/h/g/cv/result/71f48cae3a889158
Requested by: Host: www.mingotime.com
URL: https://www.mingotime.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1655884800
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:51d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 22 Jun 2022 11:12:33 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Be%2BA7zsCtm%2F0EaYDzdX62xSwat1uGMaE89UV%2BF73TEKGJzyK2e1UA6h9Zyw%2FPP2clVe%2FLtLuXAlWZYDPMro3%2BOF9TClLhpW5Un%2B%2F5NpP3g%2B4H%2B4xgppyp9gBWHOYzlLUKa3PMj8qUSquWAoY2EAylA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 71f48cb16c6ebb59-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
ad.marootrack.co/ 8 KB
3 KB 114ms
114ms Document
text/html 65.60.58.179
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.marootrack.co/?utm_term=7112020681717448791&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f1f6f1f3f0f5f4e9ecebe8e9eae5eae564

Requested by

Host: ad.marootrack.co
URL: https://ad.marootrack.co/?utm_medium=1ec04c8c1c16eafe4df342fbccbedd268747cb4c&utm_campaign=Mainstream&1=930_8fe20426_503&cid=62b2f921a3289b0001f47e49

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

65.60.58.179 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/8.0.11

Resource Hash

1d10caf4ad49c330acda67e1c464b98114797a777b5ad889087c71b548344921

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: https://ad.marootrack.co/?utm_medium=1ec04c8c1c16eafe4df342fbccbedd268747cb4c&utm_campaign=Mainstream&1=930_8fe20426_503&cid=62b2f921a3289b0001f47e49
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 22 Jun 2022 11:12:33 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
x-powered-by: PHP/8.0.11

GET
H2 200 proc.php
ad.marootrack.co/ 3 KB
2 KB 107ms
107ms Document
text/html 65.60.58.179
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.marootrack.co/proc.php?58e17a8c7ea943b2ff780a403fba0538d2746dc2

Requested by

Host: ad.marootrack.co
URL: https://ad.marootrack.co/?utm_term=7112020681717448791&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f1f6f1f3f0f5f4e9ecebe8e9eae5eae564

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

65.60.58.179 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/8.0.11

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: https://ad.marootrack.co/?utm_term=7112020681717448791&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f1f6f1f3f0f5f4e9ecebe8e9eae5eae564
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 22 Jun 2022 11:12:34 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://track.wbamedia.com/click?pid=14&offer_id=7692&sub1=M7112020681717448791&sub2=20961-37eddb7e-d856e882&sub3=20961&sub4=kg0108
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
x-powered-by: PHP/8.0.11

GET
H/1.1

200
OK

Primary Request campaign_3483.html Show response
tankgutschein.sofortchancen.de/
Redirect Chain

https://track.wbamedia.com/click?pid=14&offer_id=7692&sub1=M7112020681717448791&sub2=20961-37eddb7e-d856e882&sub3=20961&sub4=kg0108&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858...
https://gfsdloocn.com/link?z=5062064&var=14_20961-37eddb7e-d856e882&ymid=62b2f92255ea980001ef4797
https://ihre-tageschance.de/de,arctoll_2234.html?idPartner=1721&idCampaignAd=0&subId=5062064_14_20961-37eddb7e-d856e882&subIdentifier=563432479162377082&additionalParamString={var_3}
https://tankgutschein.sofortchancen.de/campaign_3483.html?coyoteAffiliTokenId=461636908&additionalParamString=%7Bvar_3%7D&

190 KB
190 KB

511ms
414ms

Document
text/html

188.95.252.36

General

Check archive.org

Show headers Download Go to

Full URL: https://tankgutschein.sofortchancen.de/campaign_3483.html?coyoteAffiliTokenId=461636908&additionalParamString=%7Bvar_3%7D&
Requested by: Host: ad.marootrack.co
URL: https://ad.marootrack.co/proc.php?58e17a8c7ea943b2ff780a403fba0538d2746dc2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 3ec33bac991b331d806a6299ff61661cd8b554d0daaeaf5bea96cad474d30014

Request headers

Referer: https://ad.marootrack.co/proc.php?58e17a8c7ea943b2ff780a403fba0538d2746dc2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Type: text/html; charset=UTF-8
Date: Wed, 22 Jun 2022 11:12:34 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Type: text/html; charset=UTF-8
Date: Wed, 22 Jun 2022 11:12:34 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Location: https://tankgutschein.sofortchancen.de/campaign_3483.html?coyoteAffiliTokenId=461636908&additionalParamString=%7Bvar_3%7D&
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:829::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: tankgutschein.sofortchancen.de
URL: https://tankgutschein.sofortchancen.de/campaign_3483.html?coyoteAffiliTokenId=461636908&additionalParamString=%7Bvar_3%7D&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tankgutschein.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 465
date: Wed, 22 Jun 2022 11:04:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 22 Jun 2022 13:04:49 GMT

GET
H2 200 jquery-3.4.1.min.js Show response
ajax.aspnetcdn.com/ajax/jQuery/ 86 KB
30 KB 40ms
10ms Script
application/javascript 152.199.19.160

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.4.1.min.js

Requested by

Host: tankgutschein.sofortchancen.de
URL: https://tankgutschein.sofortchancen.de/campaign_3483.html?coyoteAffiliTokenId=461636908&additionalParamString=%7Bvar_3%7D&

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 -, , ASN (),

Reverse DNS

Software

ECAcc (frc/8E90) /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tankgutschein.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 11:12:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27946586
x-cache: HIT
content-length: 30737
x-xss-protection: 1; mode=block
last-modified: Thu, 02 May 2019 18:32:11 GMT
server: ECAcc (frc/8E90)
etag: "808705b151d51:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 shdfp.js Show response
d1cr9zxt7u0sgu.cloudfront.net/ 84 KB
26 KB 66ms
9ms Script
application/javascript 143.204.214.207

General

Check archive.org

Show headers Download Go to

Full URL: https://d1cr9zxt7u0sgu.cloudfront.net/shdfp.js?SITE_ID=218a2560b3a2774254c9535b5e63c482d14d5e20&TYPE=JS&DE=1
Requested by: Host: tankgutschein.sofortchancen.de
URL: https://tankgutschein.sofortchancen.de/campaign_3483.html?coyoteAffiliTokenId=461636908&additionalParamString=%7Bvar_3%7D&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.207 -, , ASN (),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 84bab018c3c5a57e389a625460a3777f504fa37e6230fd68ceab4c9e007d347a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tankgutschein.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 11:12:02 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2022 09:40:08 GMT
server: nginx/1.14.2
age: 42
etag: W/"6225d2f8-14ec8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: ruOdiA8P28lbZljOKrxyRuEN5Fq5k8tbIR1TUKtMxvzB0_5DMRtuCw==

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 38ms
17ms Stylesheet
text/css 2606:4700::6812:bcf

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: tankgutschein.sofortchancen.de
URL: https://tankgutschein.sofortchancen.de/campaign_3483.html?coyoteAffiliTokenId=461636908&additionalParamString=%7Bvar_3%7D&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tankgutschein.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 11:12:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723
age: 9837159
cdn-cachedat: 11/15/2021 21:49:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.0
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 8b677d48aa464c28c0815c97adbbe174
cf-ray: 71f48cba7c7c92c9-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 css2
fonts.googleapis.com/ 8 KB
616 B 49ms
19ms Stylesheet
text/css 2a00:1450:400e:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Rubik:wght@300;400;500;600;700&display=swap

Requested by

Host: tankgutschein.sofortchancen.de
URL: https://tankgutschein.sofortchancen.de/campaign_3483.html?coyoteAffiliTokenId=461636908&additionalParamString=%7Bvar_3%7D&

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ce0f36dfde15ed99cf9b064c98daa017202fbb2aa73e23d32ba4e21cf4026228

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tankgutschein.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 22 Jun 2022 10:08:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 22 Jun 2022 11:12:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Jun 2022 11:12:34 GMT

GET
H2 200 4BPm8eKCLLtycAJE8.js Show response
static.cleverpush.com/channel/loader/ 253 KB
51 KB 60ms
33ms Script
application/javascript 2606:4700:20::ac43:47b8

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js
Requested by: Host: tankgutschein.sofortchancen.de
URL: https://tankgutschein.sofortchancen.de/campaign_3483.html?coyoteAffiliTokenId=461636908&additionalParamString=%7Bvar_3%7D&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: d69bae8c83093856b49f44ae6cc0cce0783553cddb574cdd2affeae6b6332c4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tankgutschein.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 11:12:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14379
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 5DRVBTVDE4QX3T7N
x-amz-id-2: 9tSWnyk1GcezM1wFxmmmysK4UYcUL8HITv9LbCTvSXpYaNxGR40I9T/zrhMS6R+4zkCN+EhaK8o=
last-modified: Tue, 21 Jun 2022 00:32:01 GMT
server: cloudflare
etag: W/"d1f5f65e21d654f7bcc825533cf2592d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nH9TOdT6Reo6AUktxy7aKxN1fsnDO5eerU2qf2dD9lx%2FRUrLbF8Kpb4exUV3IqYSTxSkqGmmu96VHHLzo8J2YJA%2B7TFqHHms9x%2BBWXt4K3RWAnh6ZfNSFfpeBzam5Hv7xDjzWNSxamVXXx8ADvRqyMTbEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=21600
cf-ray: 71f48cbb1b709134-FRA

GET
H/1.1 200
OK bigtanken.png
tankgutschein.sofortchancen.de/media/adresseManager/microSiteImg/3483/ 36 KB
36 KB 99ms
32ms Image
image/png 188.95.252.36

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tankgutschein.sofortchancen.de/media/adresseManager/microSiteImg/3483/bigtanken.png
Requested by: Host: tankgutschein.sofortchancen.de
URL: https://tankgutschein.sofortchancen.de/campaign_3483.html?coyoteAffiliTokenId=461636908&additionalParamString=%7Bvar_3%7D&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tankgutschein.sofortchancen.de/campaign_3483.html?coyoteAffiliTokenId=461636908&additionalParamString=%7Bvar_3%7D&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Wed, 22 Jun 2022 11:12:34 GMT
Last-Modified: Thu, 10 Mar 2022 09:38:13 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 36577
Content-Type: image/png

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
997 B 41ms
16ms Script
text/javascript 2a00:1450:4001:801::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcxXPQUAAAAAIbrqXusuiyRVrf7m0SQs9B1vsY6

Requested by

Host: tankgutschein.sofortchancen.de
URL: https://tankgutschein.sofortchancen.de/campaign_3483.html?coyoteAffiliTokenId=461636908&additionalParamString=%7Bvar_3%7D&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

3b4f2b7b46fa0244c211afae97e7a6606166e9934d0f05daf1c53039669ab5d2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tankgutschein.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 11:12:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 584
x-xss-protection: 1; mode=block
expires: Wed, 22 Jun 2022 11:12:35 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 31ms
14ms XHR
text/plain 2a00:1450:4001:829::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1583006253&t=pageview&_s=1&dl=https%3A%2F%2Ftankgutschein.sofortchancen.de%2Fcampaign_3483.html%3FcoyoteAffiliTokenId%3D461636908%26additionalParamString%3D%257Bvar_3%257D%26&dp=3483%2Fadressdata1%2F&ul=en-us&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=812019755&gjid=688028558&cid=1016524043.1655896355&tid=UA-68861802-12&_gid=1976218260.1655896355&_r=1&_slc=1&cg1=3483&cg2=192&cg3=1721&cg4=5062064_14_20961-37eddb7e-d856e8&cg5=563432479162377082&cd1=3483&cd2=192&cd3=1721&cd4=5062064_14_20961-37eddb7e-d856e8&cd5=563432479162377082&cd6=2421&z=1913487291

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tankgutschein.sofortchancen.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 11:12:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tankgutschein.sofortchancen.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
7ms Image
image/gif 2a00:1450:4001:829::200e

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1583006253&t=event&_s=2&dl=https%3A%2F%2Ftankgutschein.sofortchancen.de%2Fcampaign_3483.html%3FcoyoteAffiliTokenId%3D461636908%26additionalParamString%3D%257Bvar_3%257D%26&dp=3483%2Fadressdata1%2F&ul=en-us&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=192&ea=pageview&el=3483%2Fadressdata1%2F&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=1016524043.1655896355&tid=UA-68861802-12&_gid=1976218260.1655896355&cg1=3483&cg2=192&cg3=1721&cg4=5062064_14_20961-37eddb7e-d856e8&cg5=563432479162377082&cd1=3483&cd2=192&cd3=1721&cd4=5062064_14_20961-37eddb7e-d856e8&cd5=563432479162377082&cd6=2421&z=2131749986

Requested by

Host: tankgutschein.sofortchancen.de
URL: https://tankgutschein.sofortchancen.de/campaign_3483.html?coyoteAffiliTokenId=461636908&additionalParamString=%7Bvar_3%7D&

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tankgutschein.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Jun 2022 17:31:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63684
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
8ms Image
image/gif 2a00:1450:4001:829::200e

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1583006253&t=event&_s=3&dl=https%3A%2F%2Ftankgutschein.sofortchancen.de%2Fcampaign_3483.html%3FcoyoteAffiliTokenId%3D461636908%26additionalParamString%3D%257Bvar_3%257D%26&dp=3483%2Fadressdata1%2F&ul=en-us&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=192&ea=idPartner&el=1721&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=1016524043.1655896355&tid=UA-68861802-12&_gid=1976218260.1655896355&cg1=3483&cg2=192&cg3=1721&cg4=5062064_14_20961-37eddb7e-d856e8&cg5=563432479162377082&cd1=3483&cd2=192&cd3=1721&cd4=5062064_14_20961-37eddb7e-d856e8&cd5=563432479162377082&cd6=2421&z=671920685

Requested by

Host: tankgutschein.sofortchancen.de
URL: https://tankgutschein.sofortchancen.de/campaign_3483.html?coyoteAffiliTokenId=461636908&additionalParamString=%7Bvar_3%7D&

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tankgutschein.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Jun 2022 17:31:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63684
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
8ms Image
image/gif 2a00:1450:4001:829::200e

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1583006253&t=event&_s=4&dl=https%3A%2F%2Ftankgutschein.sofortchancen.de%2Fcampaign_3483.html%3FcoyoteAffiliTokenId%3D461636908%26additionalParamString%3D%257Bvar_3%257D%26&dp=3483%2Fadressdata1%2F&ul=en-us&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=192&ea=idAmKampagne&el=3483&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=1016524043.1655896355&tid=UA-68861802-12&_gid=1976218260.1655896355&cg1=3483&cg2=192&cg3=1721&cg4=5062064_14_20961-37eddb7e-d856e8&cg5=563432479162377082&cd1=3483&cd2=192&cd3=1721&cd4=5062064_14_20961-37eddb7e-d856e8&cd5=563432479162377082&cd6=2421&z=591105608

Requested by

Host: tankgutschein.sofortchancen.de
URL: https://tankgutschein.sofortchancen.de/campaign_3483.html?coyoteAffiliTokenId=461636908&additionalParamString=%7Bvar_3%7D&

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tankgutschein.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Jun 2022 17:31:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63684
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 10ms
8ms Image
image/gif 2a00:1450:4001:829::200e

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1583006253&t=event&_s=5&dl=https%3A%2F%2Ftankgutschein.sofortchancen.de%2Fcampaign_3483.html%3FcoyoteAffiliTokenId%3D461636908%26additionalParamString%3D%257Bvar_3%257D%26&dp=3483%2Fadressdata1%2F&ul=en-us&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=192&ea=wgname&el=Aral%20-%20Shell%20-%20Total%20Tankgutschein%20Ihrer%20Wahl&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=1016524043.1655896355&tid=UA-68861802-12&_gid=1976218260.1655896355&cg1=3483&cg2=192&cg3=1721&cg4=5062064_14_20961-37eddb7e-d856e8&cg5=563432479162377082&cd1=3483&cd2=192&cd3=1721&cd4=5062064_14_20961-37eddb7e-d856e8&cd5=563432479162377082&cd6=2421&z=1999438939

Requested by

Host: tankgutschein.sofortchancen.de
URL: https://tankgutschein.sofortchancen.de/campaign_3483.html?coyoteAffiliTokenId=461636908&additionalParamString=%7Bvar_3%7D&

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tankgutschein.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Jun 2022 17:31:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63684
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 10ms
9ms Image
image/gif 2a00:1450:4001:829::200e

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1583006253&t=event&_s=6&dl=https%3A%2F%2Ftankgutschein.sofortchancen.de%2Fcampaign_3483.html%3FcoyoteAffiliTokenId%3D461636908%26additionalParamString%3D%257Bvar_3%257D%26&dp=3483%2Fadressdata1%2F&ul=en-us&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=192&ea=1721&el=5062064_14_20961-37eddb7e-d856e8&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=1016524043.1655896355&tid=UA-68861802-12&_gid=1976218260.1655896355&cg1=3483&cg2=192&cg3=1721&cg4=5062064_14_20961-37eddb7e-d856e8&cg5=563432479162377082&cd1=3483&cd2=192&cd3=1721&cd4=5062064_14_20961-37eddb7e-d856e8&cd5=563432479162377082&cd6=2421&z=654685146

Requested by

Host: tankgutschein.sofortchancen.de
URL: https://tankgutschein.sofortchancen.de/campaign_3483.html?coyoteAffiliTokenId=461636908&additionalParamString=%7Bvar_3%7D&

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tankgutschein.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Jun 2022 17:31:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63684
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK rmodal.js Show response
tankgutschein.sofortchancen.de/templates/js/ 5 KB
5 KB 97ms
32ms Script
application/javascript 188.95.252.36

General

Check archive.org

Show headers Download Go to

Full URL: https://tankgutschein.sofortchancen.de/templates/js/rmodal.js
Requested by: Host: tankgutschein.sofortchancen.de
URL: https://tankgutschein.sofortchancen.de/campaign_3483.html?coyoteAffiliTokenId=461636908&additionalParamString=%7Bvar_3%7D&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 6f5e135c82fd06a89c90eb3dd9256af1981d3acc9031ab4c280945489ee44ff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tankgutschein.sofortchancen.de/campaign_3483.html?coyoteAffiliTokenId=461636908&additionalParamString=%7Bvar_3%7D&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Wed, 22 Jun 2022 11:12:34 GMT
Last-Modified: Tue, 04 May 2021 04:37:33 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 4883
Content-Type: application/javascript

GET
H/1.1 200
OK agbModal.js
tankgutschein.sofortchancen.de/templates/js/ 9 KB
9 KB 97ms
33ms Script
application/javascript 188.95.252.36

General

Check archive.org

Show headers Download Go to

Full URL: https://tankgutschein.sofortchancen.de/templates/js/agbModal.js
Requested by: Host: tankgutschein.sofortchancen.de
URL: https://tankgutschein.sofortchancen.de/campaign_3483.html?coyoteAffiliTokenId=461636908&additionalParamString=%7Bvar_3%7D&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tankgutschein.sofortchancen.de/campaign_3483.html?coyoteAffiliTokenId=461636908&additionalParamString=%7Bvar_3%7D&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Wed, 22 Jun 2022 11:12:34 GMT
Last-Modified: Tue, 04 May 2021 04:37:28 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 8796
Content-Type: application/javascript

GET
H/1.1 200
OK rmodal-no-bootstrap.css
tankgutschein.sofortchancen.de/templates/css/ 1 KB
1 KB 99ms
32ms Stylesheet
text/css 188.95.252.36

General

Check archive.org

Show headers Download Go to

Full URL: https://tankgutschein.sofortchancen.de/templates/css/rmodal-no-bootstrap.css
Requested by: Host: tankgutschein.sofortchancen.de
URL: https://tankgutschein.sofortchancen.de/campaign_3483.html?coyoteAffiliTokenId=461636908&additionalParamString=%7Bvar_3%7D&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: bbc10a31d1e970642919cefbb9103ec65e4796250e89112ebd04a73478ca3848

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tankgutschein.sofortchancen.de/campaign_3483.html?coyoteAffiliTokenId=461636908&additionalParamString=%7Bvar_3%7D&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Wed, 22 Jun 2022 11:12:34 GMT
Last-Modified: Tue, 04 May 2021 04:37:21 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 1106
Content-Type: text/css

GET
H/1.1 200
OK top,shadow.png
tankgutschein.sofortchancen.de/media/adresseManager/microSiteImg/3483/ 136 B
341 B 97ms
32ms Image
image/png 188.95.252.36

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tankgutschein.sofortchancen.de/media/adresseManager/microSiteImg/3483/top,shadow.png
Requested by: Host: tankgutschein.sofortchancen.de
URL: https://tankgutschein.sofortchancen.de/campaign_3483.html?coyoteAffiliTokenId=461636908&additionalParamString=%7Bvar_3%7D&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: bf37f0c405389fda13867faa69cf36ffe1b8764f3e0460f2caade056a36d2483

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tankgutschein.sofortchancen.de/campaign_3483.html?coyoteAffiliTokenId=461636908&additionalParamString=%7Bvar_3%7D&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Wed, 22 Jun 2022 11:12:34 GMT
Last-Modified: Thu, 10 Mar 2022 09:14:46 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 136
Content-Type: image/png

GET
H2 200 iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v20/ 33 KB
33 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:80b::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v20/iJWKBXyIfDnIV7nBrXw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Rubik:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

815772b443b23ef0ef0929fd6305b13cae6a6345c7d55613a9d8d03e2f9efdb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tankgutschein.sofortchancen.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 19:25:03 GMT
x-content-type-options: nosniff
age: 575252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33620
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:47:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Jun 2023 19:25:03 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
452 B 59ms
19ms XHR
text/plain 2a00:1450:400c:c0c::9c

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-68861802-12&cid=1016524043.1655896355&jid=812019755&gjid=688028558&_gid=1976218260.1655896355&_u=YEBAAEAAAAAAAC~&z=1640660465

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tankgutschein.sofortchancen.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 22 Jun 2022 11:12:35 GMT
content-type: text/plain
access-control-allow-origin: https://tankgutschein.sofortchancen.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__de.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ 366 KB
145 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:811::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcxXPQUAAAAAIbrqXusuiyRVrf7m0SQs9B1vsY6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tankgutschein.sofortchancen.de/
Origin: https://tankgutschein.sofortchancen.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 10:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148046
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Jun 2023 10:35:50 GMT

GET ga-audiences
www.google.com/ads/ 0
0

GET ga-audiences
www.google.de/ads/ 0
0

GET pb1,active.png
tankgutschein.sofortchancen.de/media/adresseManager/microSiteImg/3483/ 0
0

GET pb2.png
tankgutschein.sofortchancen.de/media/adresseManager/microSiteImg/3483/ 0
0

GET pb,gift.png
tankgutschein.sofortchancen.de/media/adresseManager/microSiteImg/3483/ 0
0

GET main_layout_logo.png
tankgutschein.sofortchancen.de/media/adresseManager/microSiteImg/ 0
0

GET coyoteDefaultLibrary.css
tankgutschein.sofortchancen.de/templates/coyoteDefaultLibrary/ 0
0

GET coyoteDefaultLibrary.js
tankgutschein.sofortchancen.de/templates/coyoteDefaultLibrary/ 0
0

GET 728.7b6f54f3930606b9c19d.js
static.cleverpush.com/sdk/chunk/ 0
0

GET bottom,shadow.png
tankgutschein.sofortchancen.de/media/adresseManager/microSiteImg/3483/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google.com
URL: https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-68861802-12&cid=1016524043.1655896355&jid=812019755&_u=YEBAAEAAAAAAAC~&z=1149937944

Domain: www.google.de
URL: https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-68861802-12&cid=1016524043.1655896355&jid=812019755&_u=YEBAAEAAAAAAAC~&z=1149937944

Domain: tankgutschein.sofortchancen.de
URL: https://tankgutschein.sofortchancen.de/media/adresseManager/microSiteImg/3483/pb1,active.png

Domain: tankgutschein.sofortchancen.de
URL: https://tankgutschein.sofortchancen.de/media/adresseManager/microSiteImg/3483/pb2.png

Domain: tankgutschein.sofortchancen.de
URL: https://tankgutschein.sofortchancen.de/media/adresseManager/microSiteImg/3483/pb,gift.png

Domain: tankgutschein.sofortchancen.de
URL: https://tankgutschein.sofortchancen.de/media/adresseManager/microSiteImg/main_layout_logo.png

Domain: tankgutschein.sofortchancen.de
URL: https://tankgutschein.sofortchancen.de/templates/coyoteDefaultLibrary/coyoteDefaultLibrary.css

Domain: tankgutschein.sofortchancen.de
URL: https://tankgutschein.sofortchancen.de/templates/coyoteDefaultLibrary/coyoteDefaultLibrary.js

Domain: static.cleverpush.com
URL: https://static.cleverpush.com/sdk/chunk/728.7b6f54f3930606b9c19d.js

Domain: tankgutschein.sofortchancen.de
URL: https://tankgutschein.sofortchancen.de/media/adresseManager/microSiteImg/3483/bottom,shadow.png

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
curl.ro/	1970-01-20 03:58:23	Name: XSRF-TOKEN Value: eyJpdiI6IllycHgzeis4RFo1K2w3VGZoZGVUb2c9PSIsInZhbHVlIjoibTJmZjVDRUdxXC9ROWtKMWtHSGJ5eEM0N3ZheTBkTnlKU3FSYUdsZXc3MVNqblM1cm9BQjF4dTVYMXVzdW1cLzlkOUM4bDBLMURGajR4cjBKcm1FdG8zK21Qd0dVcnl0bFc3YnY2WDlUOThLV2RcL25TdUNQRzFmcDRjcVlyNFlQVjAiLCJtYWMiOiIwOWQwM2FjNzBhNWZjNDM4YTgxOTg0NDlkYzE2MTFiYzljZWI2MjY2ZDhmOTc4NjYxMmE5NTc5ZjBlZmUxMmYxIn0%3D
curl.ro/	1970-01-20 03:58:23	Name: phpshort_session Value: eyJpdiI6IjRPYWdOUDd5dVBocmNjcjF2NmpJN2c9PSIsInZhbHVlIjoiTDA0XC9cL3VjUE5SQU9LbFdHdWQzNndDM2s2cGRrQndSeFFFeksyelYzRThKaVY5MVZ3TWFZZmMrVFdrMU51MDc0RVppYU5seXBwaFFCS3FjVzYrZElqMGppNTRnbnBNcDgxaFd6M3IxM3p1VjZtdnZ0UXVNM0dKd1dydmlLbmZzTSIsIm1hYyI6IjIyMzQ3OWFmZWFhYjIxOGM1MWEwYTBjNzYxMWI3MTJjNjA5NzQ4ZjgyZjQwMzk1NTg5N2RmOTkzNjdlYmJhNTMifQ%3D%3D
monkey.redirectmaster.com/	1970-01-20 12:43:52	Name: u Value: 6c201b355ebd8ab9325e3810c5da8f6f
admoustache.go2affise.com/	1970-01-20 12:43:52	Name: afclick Value: 62b2f9202b98f00001d3af3d
www.mingotime.com/	1970-01-20 04:08:21	Name: AWSALB Value: 5edX6y8GxGwtmvFkRQsfq0FDMdARJYjHIJnVGmJ1k4bF5ul+72puqqItuz06q4gBM8MPdMoiHetWJEbFY+EFLsW/E7B8qQxHNKFMgFODywU/qAwKadAe0AiH9IeG
.mingotime.com/	1970-01-20 03:58:18	Name: __cf_bm Value: Aw0drqOKYDX88bObguyz2pk9M6d2zoGxsUhwKNRbax8-1655896353-0-AcuTXqrnbeAcXWA/Lt6WHuKowvsfQ6Nm2lCoPTCHRNTFKfL+goSPR1dZcQuKnXAMMVykrCcF3Perjt5NGUInrQaEgoQjDDP4pDRuTfSPr6Kh7l0pV13wZiN8NVHR30J/HQ==
ad.marootrack.co/	1970-01-20 12:43:52	Name: u Value: 43c9012c5a656d52ae060c6596c5acfe

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.marootrack.co
admoustache.go2affise.com
ajax.aspnetcdn.com
b-cloud.b-cdn.net
cdn.addlnk.com
curl.ro
d1cr9zxt7u0sgu.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
gfsdloocn.com
ihre-tageschance.de
lychee12172954.brizy.site
mackfbs.me
maxcdn.bootstrapcdn.com
monkey.redirectmaster.com
polo.thegadgetguru.club
static.cleverpush.com
stats.g.doubleclick.net
tankgutschein.sofortchancen.de
track.aditserve.com
track.wbamedia.com
whos.amung.us
www.google-analytics.com
www.google.com
www.google.de
www.gstatic.com
www.mingotime.com
www.offermyvist.com
static.cleverpush.com
tankgutschein.sofortchancen.de
www.google.com
www.google.de
139.45.197.239
143.204.214.207
152.199.19.160
188.95.252.36
2606:4700:20::ac43:47b8
2606:4700:3030::ac43:bfdd
2606:4700:3035::6815:51d8
2606:4700:3035::ac43:ce3d
2606:4700::6812:bcf
2a00:1450:4001:801::2004
2a00:1450:4001:80b::2003
2a00:1450:4001:811::2003
2a00:1450:4001:829::200e
2a00:1450:400c:c0c::9c
2a00:1450:400e:80c::200a
34.147.1.177
34.147.37.248
34.237.47.210
34.91.234.242
51.68.85.158
64.227.23.114
65.60.58.179
67.202.114.216
84.17.46.53
89.42.231.136
99.198.108.194
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
15a5a66a799b07e112d065aa1a529bbe7e303c07b69422253394e3e36f948f48
174a295f6ac33aa2c8424671f881d22bdf2623375ed19190bc0d11dc57473a3e
1d10caf4ad49c330acda67e1c464b98114797a777b5ad889087c71b548344921
3b443e63989cfbf4f92fe13acbaf14cf4423c2f63f378cb23c955b4dbfd1036c
3b4f2b7b46fa0244c211afae97e7a6606166e9934d0f05daf1c53039669ab5d2
3ec33bac991b331d806a6299ff61661cd8b554d0daaeaf5bea96cad474d30014
6f5e135c82fd06a89c90eb3dd9256af1981d3acc9031ab4c280945489ee44ff1
70630730df53fd04df6e1db994bc9888291779527e4337c7e2f5a476fff8c5cf
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
815772b443b23ef0ef0929fd6305b13cae6a6345c7d55613a9d8d03e2f9efdb8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84bab018c3c5a57e389a625460a3777f504fa37e6230fd68ceab4c9e007d347a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
9b0a70fd87ade99e29e47d9abe9c0a7d45f3974c4986ce2703d855fa2c915f5f
9b8ed8a247d9fafda3fd4c59f9b33fffbce8351a65276b56fede68e2398cd36e
9ba2b2408fc39bca2b4b7f77744aa1ee4b4d027b583f8c866eabbea3de13161a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a19fc5244f2c5bd7f96ebefe24cdb3bbb9759140e04df643ff68e132c162d428
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b342c02cf1b71aed9e48e8f28e24df74a833a8b3a2265839a7df3308f85a9ac0
b5521ef86ec867b4e8b10f843bcecd75428f2094ef70b8c0f83958ed5bd70653
bbc10a31d1e970642919cefbb9103ec65e4796250e89112ebd04a73478ca3848
bf37f0c405389fda13867faa69cf36ffe1b8764f3e0460f2caade056a36d2483
ce0f36dfde15ed99cf9b064c98daa017202fbb2aa73e23d32ba4e21cf4026228
d69bae8c83093856b49f44ae6cc0cce0783553cddb574cdd2affeae6b6332c4b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

tankgutschein.sofortchancen.de Open in urlscan Pro 188.95.252.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

51 Requests

80 %HTTPS

42 %IPv6

27 Domains

28 Subdomains

21 IPs

5 Countries

738 kBTransfer

1806 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tankgutschein.sofortchancen.de Open in urlscan Pro
188.95.252.36 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

80 %
HTTPS

42 %
IPv6

27
Domains

28
Subdomains

21
IPs

5
Countries

738 kB
Transfer

1806 kB
Size

7
Cookies

51 HTTP transactions
0 data transactions