urlscan.io logo urlscan.io
SecurityTrails logo

amz-15promax-sg01.sofortchancen.de Open in urlscan Pro
188.95.252.36  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ncxynvs.com/
Effective URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Submission: On May 25 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 4 countries across 18 domains to perform 52 HTTP transactions. The main IP is 188.95.252.36, located in Spain and belongs to RACKMARKT, ES. The main domain is amz-15promax-sg01.sofortchancen.de.
TLS certificate: Issued by cPanel, Inc. Certification Authority on May 20th 2024. Valid for: 3 months.
This is the only time amz-15promax-sg01.sofortchancen.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 47.252.93.52 45102 (ALIBABA-C...)
1 2 2600:9000:26d... 16509 (AMAZON-02)
1 2600:9000:26d... 16509 (AMAZON-02)
1 1 155.138.218.204 20473 (AS-CHOOPA)
1 1 2a00:c98:2030... 28753 (LEASEWEB-...)
2 2 52.72.186.211 14618 (AMAZON-AES)
1 1 188.95.252.33 197518 (RACKMARKT)
12 188.95.252.36 197518 (RACKMARKT)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 152.199.19.160 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
14 172.67.71.184 13335 (CLOUDFLAR...)
3 142.250.185.228 15169 (GOOGLE)
6 142.250.185.142 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
2 142.250.186.35 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 54.175.8.176 14618 (AMAZON-AES)
1 159.69.145.0 24940 (HETZNER-AS)
52 16
1    47.252.93.52 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
ncxynvs.com
2    2600:9000:26da:ee00:11:c066:4a80:93a1 (United States)

ASN16509 (AMAZON-02, US)
track.cornzself.com
1    2600:9000:26da:5600:1a:e991:e300:93a1 (United States)

ASN16509 (AMAZON-02, US)
track.pairfitem.com
1    155.138.218.204 (Atlanta, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 155.138.218.204.vultrusercontent.com
go.beterwat.xyz
1    2a00:c98:2030:a025:9:: (Neumünster, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
hpv0o.rdtk.io
2    52.72.186.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-186-211.compute-1.amazonaws.com
gowedoo.com
1    188.95.252.33 (Spain)

ASN197518 (RACKMARKT, ES)
PTR: master.ceoo.cli.rackmarkt.com
gewinn-ometer.com
12    188.95.252.36 (Spain)

ASN197518 (RACKMARKT, ES)
amz-15promax-sg01.sofortchancen.de
2    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    152.199.19.160 (United States)

ASN15133 (EDGECAST, US)
ajax.aspnetcdn.com
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
14    172.67.71.184 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cleverpush.com
api.cleverpush.com
3    142.250.185.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net
www.google.com
6    142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net
www.google-analytics.com
2    2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
www.google.de
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    54.175.8.176 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-8-176.compute-1.amazonaws.com
gowedoo.com
1    159.69.145.0 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.0.145.69.159.clients.your-server.de
arctollceoo.mycleverpush.com
Apex Domain
Subdomains		 Transfer
14 cleverpush.com
static.cleverpush.com — Cisco Umbrella Rank: 24654
api.cleverpush.com — Cisco Umbrella Rank: 21697
138 KB
12 sofortchancen.de
amz-15promax-sg01.sofortchancen.de
423 KB
8 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
21 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 3095
1 KB
4 gowedoo.com
gowedoo.com
2 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 7810
126 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 89
409 B
2 cornzself.com
track.cornzself.com
2 KB
1 mycleverpush.com
arctollceoo.mycleverpush.com
1 gstatic.com
www.gstatic.com
209 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
916 B
1 aspnetcdn.com
ajax.aspnetcdn.com — Cisco Umbrella Rank: 2465
30 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
104 KB
1 gewinn-ometer.com
gewinn-ometer.com
772 B
1 rdtk.io
hpv0o.rdtk.io
931 B
1 beterwat.xyz
go.beterwat.xyz
369 B
1 pairfitem.com
track.pairfitem.com — Cisco Umbrella Rank: 857966
911 B
1 ncxynvs.com
ncxynvs.com
562 B
52 18
Domain Requested by
12 amz-15promax-sg01.sofortchancen.de track.pairfitem.com
amz-15promax-sg01.sofortchancen.de
10 static.cleverpush.com amz-15promax-sg01.sofortchancen.de
static.cleverpush.com
8 www.google-analytics.com amz-15promax-sg01.sofortchancen.de
www.google-analytics.com
4 api.cleverpush.com static.cleverpush.com
4 gowedoo.com 3 redirects ajax.aspnetcdn.com
3 region1.analytics.google.com www.googletagmanager.com
3 www.google.com amz-15promax-sg01.sofortchancen.de
www.gstatic.com
2 www.google.de amz-15promax-sg01.sofortchancen.de
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 track.cornzself.com 1 redirects
1 arctollceoo.mycleverpush.com static.cleverpush.com
1 www.gstatic.com www.google.com
1 fonts.googleapis.com amz-15promax-sg01.sofortchancen.de
1 ajax.aspnetcdn.com amz-15promax-sg01.sofortchancen.de
1 www.googletagmanager.com amz-15promax-sg01.sofortchancen.de
1 gewinn-ometer.com 1 redirects
1 hpv0o.rdtk.io 1 redirects
1 go.beterwat.xyz 1 redirects
1 track.pairfitem.com track.cornzself.com
1 ncxynvs.com 1 redirects
52 20
Subject Issuer Validity Valid
track.cornzself.com
Amazon RSA 2048 M02		 2024-04-30 -
2025-05-29		 a year crt.sh
track.pairfitem.com
Amazon RSA 2048 M02		 2024-05-09 -
2025-06-07		 a year crt.sh
amz-15promax-sg01.sofortchancen.de
cPanel, Inc. Certification Authority		 2024-05-20 -
2024-08-18		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2024-01-30 -
2025-01-30		 a year crt.sh
upload.video.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
cleverpush.com
E1		 2024-04-30 -
2024-07-29		 3 months crt.sh
*.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.google.de
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.gowedoo.com
AlphaSSL CA - SHA256 - G4		 2023-09-15 -
2024-10-16		 a year crt.sh
*.mycleverpush.com
Sectigo RSA Domain Validation Secure Server CA		 2024-05-16 -
2025-06-16		 a year crt.sh

This page contains 4 frames:

Primary Page: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Frame ID: B72299F562A9BD61BB955C601FA354ED
Requests: 47 HTTP requests in this frame

Frame: https://gowedoo.com/p.ashx?e=15&t=&r=472-14837745&ch-redir=1
Frame ID: F58F18A58A290A4F29BCDB6C07299FAC
Requests: 1 HTTP requests in this frame

Frame: https://arctollceoo.mycleverpush.com/iframe?origin=https%3A%2F%2Famz-15promax-sg01.sofortchancen.de
Frame ID: 8A3C4F96EFEB28370C6456BE6B9EDCF5
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcxXPQUAAAAAIbrqXusuiyRVrf7m0SQs9B1vsY6&co=aHR0cHM6Ly9hbXotMTVwcm9tYXgtc2cwMS5zb2ZvcnRjaGFuY2VuLmRlOjQ0Mw..&hl=de&v=joHA60MeME-PNviL59xVH9zs&size=invisible&cb=3jz3zu1zjpx6
Frame ID: 43EEC76B005E01396BFE7ED78E8A2E04
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Amazon-Gutschein + iPhone 15 Pro Max

Page URL History Show full URLs

  1. http://ncxynvs.com/ HTTP 307
    https://ncxynvs.com/ HTTP 307
    http://ncxynvs.com/ HTTP 302
    https://track.cornzself.com/e7f8f25a-9adb-4c72-ae0a-40f7251b624c?%7Bvar1%7D=txt1&%7Bvar2%7D=mz&%7Bvar3%7... HTTP 307
    https://track.cornzself.com/e7f8f25a-9adb-4c72-ae0a-40f7251b624c/2?%7Bvar1%7D=txt1&%7Bvar2%7D=mz&%7Bvar3... Page URL
  2. https://track.pairfitem.com/redirect?target=BASE64aHR0cHM6Ly9nby5iZXRlcndhdC54eXovdHMzODU5LWludGVybmF0aW... Page URL
  3. https://go.beterwat.xyz/ts3859-international-general&cid=wlcjqssuhsdh84i1jd1dg93q&thru=8cbcb62e-691d... HTTP 302
    https://hpv0o.rdtk.io/660585361640420001c9bd00?sub1={3859}&sub2=&sub3=&sub4=181420155&sub5=91715&s... HTTP 302
    https://gowedoo.com/?E=CE5HN%2bm%2fEiZG2OiXTaVtIA%3d%3d&s1=%7B3859%7D&s2=66524d920e55da00016fe3aa HTTP 302
    https://gowedoo.com/?E=CE5HN%2bm%2fEiZG2OiXTaVtIA%3d%3d&s1=%7B3859%7D&s2=66524d920e55da00016fe3a... HTTP 302
    https://gewinn-ometer.com/de,amazon,1,000,and,iphone,15,pro,max,no,prl,tmp,184,sofortgewinn,optin,popu... HTTP 302
    https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-1... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

52
Requests

100 %
HTTPS

43 %
IPv6

18
Domains

20
Subdomains

16
IPs

4
Countries

932 kB
Transfer

2006 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ncxynvs.com/ HTTP 307
    https://ncxynvs.com/ HTTP 307
    http://ncxynvs.com/ HTTP 302
    https://track.cornzself.com/e7f8f25a-9adb-4c72-ae0a-40f7251b624c?%7Bvar1%7D=txt1&%7Bvar2%7D=mz&%7Bvar3%7D=EMPTY HTTP 307
    https://track.cornzself.com/e7f8f25a-9adb-4c72-ae0a-40f7251b624c/2?%7Bvar1%7D=txt1&%7Bvar2%7D=mz&%7Bvar3%7D=EMPTY Page URL
  2. https://track.pairfitem.com/redirect?target=BASE64aHR0cHM6Ly9nby5iZXRlcndhdC54eXovdHMzODU5LWludGVybmF0aW9uYWwtZ2VuZXJhbCZjaWQ9d2xjanFzc3Voc2RoODRpMWpkMWRnOTNxJnRocnU9OGNiY2I2MmUtNjkxZC00YzBiLTlmYTMtMTVjYzc3MTVmYmY4&ts=1716669841679&hash=ZWtiwh9iSTmCtWREYhBUnlLLZ6mGFzl2Pps0C2UI_Aw&rm=DJ Page URL
  3. https://go.beterwat.xyz/ts3859-international-general&cid=wlcjqssuhsdh84i1jd1dg93q&thru=8cbcb62e-691d-4c0b-9fa3-15cc7715fbf8 HTTP 302
    https://hpv0o.rdtk.io/660585361640420001c9bd00?sub1={3859}&sub2=&sub3=&sub4=181420155&sub5=91715&sub6=DE&sub7=b2036ce1-2a70-4375-acb2-475a26817ad3&sub8=8cbcb62e-691d-4c0b-9fa3-15cc7715fbf8&ref_id=GWIB8KZM7A300GOR1YRNSTI5&cost=0.0 HTTP 302
    https://gowedoo.com/?E=CE5HN%2bm%2fEiZG2OiXTaVtIA%3d%3d&s1=%7B3859%7D&s2=66524d920e55da00016fe3aa HTTP 302
    https://gowedoo.com/?E=CE5HN%2bm%2fEiZG2OiXTaVtIA%3d%3d&s1=%7B3859%7D&s2=66524d920e55da00016fe3aa&ch-redir=1&ckmxid=cp94r4ll0000mb511mu0 HTTP 302
    https://gewinn-ometer.com/de,amazon,1,000,and,iphone,15,pro,max,no,prl,tmp,184,sofortgewinn,optin,popup,arctoll,aff_2765.html?idPartner=1601&subId=224&subIdentifier=%7b3859%7d&additionalParamString=472-14837745&tpid=25 HTTP 302
    https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://ncxynvs.com/ HTTP 307
  • https://ncxynvs.com/ HTTP 307
  • http://ncxynvs.com/ HTTP 302
  • https://track.cornzself.com/e7f8f25a-9adb-4c72-ae0a-40f7251b624c?%7Bvar1%7D=txt1&%7Bvar2%7D=mz&%7Bvar3%7D=EMPTY HTTP 307
  • https://track.cornzself.com/e7f8f25a-9adb-4c72-ae0a-40f7251b624c/2?%7Bvar1%7D=txt1&%7Bvar2%7D=mz&%7Bvar3%7D=EMPTY
Request Chain 33
  • https://gowedoo.com/p.ashx?e=15&t=&r=472-14837745 HTTP 302
  • https://gowedoo.com/p.ashx?e=15&t=&r=472-14837745&ch-redir=1

52 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
2
track.cornzself.com/e7f8f25a-9adb-4c72-ae0a-40f7251b624c/
Redirect Chain
  • http://ncxynvs.com/
  • https://ncxynvs.com/
  • http://ncxynvs.com/
  • https://track.cornzself.com/e7f8f25a-9adb-4c72-ae0a-40f7251b624c?%7Bvar1%7D=txt1&%7Bvar2%7D=mz&%7Bvar3%7D=EMPTY
  • https://track.cornzself.com/e7f8f25a-9adb-4c72-ae0a-40f7251b624c/2?%7Bvar1%7D=txt1&%7Bvar2%7D=mz&%7Bvar3%7D=EMPTY
918 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://track.cornzself.com/e7f8f25a-9adb-4c72-ae0a-40f7251b624c/2?%7Bvar1%7D=txt1&%7Bvar2%7D=mz&%7Bvar3%7D=EMPTY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:ee00:11:c066:4a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
388d7f1ea0207e3fc194d522c89c86bb149008c30b67b2ae8fa92a557842d86b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-type
text/html;charset=UTF-8
date
Sat, 25 May 2024 20:44:01 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
via
1.1 5f2f5e879d7e38fec917517376aca8bc.cloudfront.net (CloudFront)
x-amz-cf-id
s02swLk_2bnN61S3AqPSRPryU3VNyGQHv5cH5ZgweD3TGlTcXOo5ZQ==
x-amz-cf-pop
MUC50-P4
x-cache
Miss from cloudfront

Redirect headers

accept-ch
sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-full-version-list,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-ua,sec-ch-ua-mobile,sec-ch-ua-platform
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
0
date
Sat, 25 May 2024 20:44:01 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://track.cornzself.com/e7f8f25a-9adb-4c72-ae0a-40f7251b624c/2?%7Bvar1%7D=txt1&%7Bvar2%7D=mz&%7Bvar3%7D=EMPTY
pragma
no-cache
server
nginx
via
1.1 5f2f5e879d7e38fec917517376aca8bc.cloudfront.net (CloudFront)
x-amz-cf-id
I31OrrkPBZTC8YxKHzND_4_8u6sNP3trsWHtHz4Oz_L5Q8rRsRlF-Q==
x-amz-cf-pop
MUC50-P4
x-cache
Miss from cloudfront
redirect
track.pairfitem.com/ 		584 B
911 B 		Document
General
Check archive.org
Download Go to
Full URL
https://track.pairfitem.com/redirect?target=BASE64aHR0cHM6Ly9nby5iZXRlcndhdC54eXovdHMzODU5LWludGVybmF0aW9uYWwtZ2VuZXJhbCZjaWQ9d2xjanFzc3Voc2RoODRpMWpkMWRnOTNxJnRocnU9OGNiY2I2MmUtNjkxZC00YzBiLTlmYTMtMTVjYzc3MTVmYmY4&ts=1716669841679&hash=ZWtiwh9iSTmCtWREYhBUnlLLZ6mGFzl2Pps0C2UI_Aw&rm=DJ
Requested by
Host: track.cornzself.com
URL: https://track.cornzself.com/e7f8f25a-9adb-4c72-ae0a-40f7251b624c/2?%7Bvar1%7D=txt1&%7Bvar2%7D=mz&%7Bvar3%7D=EMPTY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:5600:1a:e991:e300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
713fb1f4c89b008f61db6206dd11f055a168ae13e4411455d8234a3988007131

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-type
text/html;charset=UTF-8
date
Sat, 25 May 2024 20:44:01 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
via
1.1 4a60bbb27ed6c12061c306cd2a16e4fc.cloudfront.net (CloudFront)
x-amz-cf-id
Y_EQV8zB_1I-VvuqgULovWE-PP1YqYibish3MPBgHH7pmD16mqgQOQ==
x-amz-cf-pop
MUC50-P4
x-cache
Miss from cloudfront
Primary Request campaign_4304.html
amz-15promax-sg01.sofortchancen.de/
Redirect Chain
  • https://go.beterwat.xyz/ts3859-international-general&cid=wlcjqssuhsdh84i1jd1dg93q&thru=8cbcb62e-691d-4c0b-9fa3-15cc7715fbf8
  • https://hpv0o.rdtk.io/660585361640420001c9bd00?sub1={3859}&sub2=&sub3=&sub4=181420155&sub5=91715&sub6=DE&sub7=b2036ce1-2a70-4375-acb2-475a26817ad3&sub8=8cbcb62e-691d-4c0b-9fa3-15cc7715fbf8&ref_id=G...
  • https://gowedoo.com/?E=CE5HN%2bm%2fEiZG2OiXTaVtIA%3d%3d&s1=%7B3859%7D&s2=66524d920e55da00016fe3aa
  • https://gowedoo.com/?E=CE5HN%2bm%2fEiZG2OiXTaVtIA%3d%3d&s1=%7B3859%7D&s2=66524d920e55da00016fe3aa&ch-redir=1&ckmxid=cp94r4ll0000mb511mu0
  • https://gewinn-ometer.com/de,amazon,1,000,and,iphone,15,pro,max,no,prl,tmp,184,sofortgewinn,optin,popup,arctoll,aff_2765.html?idPartner=1601&subId=224&subIdentifier=%7b3859%7d&additionalParamString...
  • https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
266 KB
267 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Requested by
Host: track.pairfitem.com
URL: https://track.pairfitem.com/redirect?target=BASE64aHR0cHM6Ly9nby5iZXRlcndhdC54eXovdHMzODU5LWludGVybmF0aW9uYWwtZ2VuZXJhbCZjaWQ9d2xjanFzc3Voc2RoODRpMWpkMWRnOTNxJnRocnU9OGNiY2I2MmUtNjkxZC00YzBiLTlmYTMtMTVjYzc3MTVmYmY4&ts=1716669841679&hash=ZWtiwh9iSTmCtWREYhBUnlLLZ6mGFzl2Pps0C2UI_Aw&rm=DJ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software
Apache /
Resource Hash
bee143670e10badf9dd5981f9ae445e5d8f5f2d284ca152641ff09cf80f57455

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://track.pairfitem.com/redirect?target=BASE64aHR0cHM6Ly9nby5iZXRlcndhdC54eXovdHMzODU5LWludGVybmF0aW9uYWwtZ2VuZXJhbCZjaWQ9d2xjanFzc3Voc2RoODRpMWpkMWRnOTNxJnRocnU9OGNiY2I2MmUtNjkxZC00YzBiLTlmYTMtMTVjYzc3MTVmYmY4&ts=1716669841679&hash=ZWtiwh9iSTmCtWREYhBUnlLLZ6mGFzl2Pps0C2UI_Aw&rm=DJ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
close
Content-Type
text/html; charset=UTF-8
Date
Sat, 25 May 2024 20:44:03 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
close
Content-Type
text/html; charset=UTF-8
Date
Sat, 25 May 2024 20:44:02 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Location
https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://amz-15promax-sg01.sofortchancen.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 25 May 2024 20:29:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
896
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 25 May 2024 22:29:08 GMT
js
www.googletagmanager.com/gtag/ 		320 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QWM4Z8VE53
Requested by
Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4135200fd4f1661ddd866dae4035491038121873fe02310f6d40b4b1092f500b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://amz-15promax-sg01.sofortchancen.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 20:44:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
106191
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 25 May 2024 20:44:04 GMT
jquery-3.4.1.min.js
ajax.aspnetcdn.com/ajax/jQuery/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.4.1.min.js
Requested by
Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CDC) /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://amz-15promax-sg01.sofortchancen.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 20:44:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5417847
x-cache
HIT
content-length
30737
x-xss-protection
1; mode=block
last-modified
Thu, 02 May 2019 18:32:11 GMT
server
ECAcc (frc/4CDC)
etag
"808705b151d51:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
184.css
amz-15promax-sg01.sofortchancen.de/media/adresseManager/microSiteCss/ 		39 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amz-15promax-sg01.sofortchancen.de/media/adresseManager/microSiteCss/184.css
Requested by
Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software
Apache /
Resource Hash
f51d3c011546a8d70239912ca1f349566e396f781da0757b351ced84ea2ff92a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 25 May 2024 20:44:03 GMT
Last-Modified
Mon, 04 Mar 2024 13:28:09 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
40260
Content-Type
text/css
css
fonts.googleapis.com/ 		5 KB
916 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Teko:300,400,500,600,700
Requested by
Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ecdb7e3fb838e846a1945c4e00b05eda1484169e3c5d5c945a80537ca7ceecde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://amz-15promax-sg01.sofortchancen.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 25 May 2024 20:44:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 25 May 2024 20:44:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 25 May 2024 20:44:04 GMT
4BPm8eKCLLtycAJE8.js
static.cleverpush.com/channel/loader/ 		325 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js
Requested by
Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73d49cf2fa0eeb662968fbb4fd2e46186e4e0ac9f82ab1f0e94abad8ddcbb868

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://amz-15promax-sg01.sofortchancen.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 20:44:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
K2BAGGDX099JE2VH
age
17765
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
sSh4ZInDUdOH5War/yEdGEnNpc5ZnDWs2LuKD5H6g7lbdYoZqCkpsikgxkGYMOd1M6IVI47BT0I=
last-modified
Fri, 24 May 2024 09:12:30 GMT
server
cloudflare
etag
W/"e99bef03ca736be5924735782da4763e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y107pq%2FFp%2FQntF5cZozfygvP4kEQEDFeVW3n33Appf%2BvAjoLSfqZW29KeUoeTrIi%2FnGzwIe9EoU3%2BS1VLCs43mg3lM%2FHnogpQLl1SB1mLqZGKJlms73OazObW06CAn8SwAcRfxgTAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=21600
cf-ray
88985c8248f31bc3-FRA
e1,step1active.png
amz-15promax-sg01.sofortchancen.de/media/adresseManager/microSiteImg/4304/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amz-15promax-sg01.sofortchancen.de/media/adresseManager/microSiteImg/4304/e1,step1active.png
Requested by
Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software
Apache /
Resource Hash
847dd5d262cf68ae4360339ddff16dfdd4182246bb9dff0fc4b7de6ef432a033

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 25 May 2024 20:44:03 GMT
Last-Modified
Tue, 05 Mar 2024 08:53:11 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
1144
Content-Type
image/png
step2.png
amz-15promax-sg01.sofortchancen.de/media/adresseManager/microSiteImg/4304/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amz-15promax-sg01.sofortchancen.de/media/adresseManager/microSiteImg/4304/step2.png
Requested by
Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software
Apache /
Resource Hash
7d193fbace08404a618d45b6381bc57b5326eb3861b15d0ceabc249a43b79885

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 25 May 2024 20:44:03 GMT
Last-Modified
Tue, 05 Mar 2024 08:53:11 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
1731
Content-Type
image/png
step3.png
amz-15promax-sg01.sofortchancen.de/media/adresseManager/microSiteImg/4304/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amz-15promax-sg01.sofortchancen.de/media/adresseManager/microSiteImg/4304/step3.png
Requested by
Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software
Apache /
Resource Hash
a1eb2a3c06756218bf69dc7f1ab3d34b68198442a3beff5d45253a2e1bc27bc0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 25 May 2024 20:44:04 GMT
Last-Modified
Tue, 05 Mar 2024 08:53:11 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
4355
Content-Type
image/png
gift.png
amz-15promax-sg01.sofortchancen.de/media/adresseManager/microSiteImg/4304/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amz-15promax-sg01.sofortchancen.de/media/adresseManager/microSiteImg/4304/gift.png
Requested by
Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software
Apache /
Resource Hash
a44471d952f7eb2a8f4e4639772c14e3f7fdf0014a26f3da2f8d3ca2504f16a1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 25 May 2024 20:44:04 GMT
Last-Modified
Tue, 05 Mar 2024 08:53:11 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
3797
Content-Type
image/png
api.js
www.google.com/recaptcha/ 		1 KB
975 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LcxXPQUAAAAAIbrqXusuiyRVrf7m0SQs9B1vsY6
Requested by
Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
GSE /
Resource Hash
4a5b74dff01aed3f35fee87b8fe8ae210d2b6d51f2595365c873986989cb1a14
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://amz-15promax-sg01.sofortchancen.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 20:44:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 25 May 2024 20:44:04 GMT
collect
www.google-analytics.com/j/ 		4 B
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1284568503&t=pageview&_s=1&dl=https%3A%2F%2Famz-15promax-sg01.sofortchancen.de%2Fcampaign_4304.html%3FcoyoteAffiliTokenId%3D514061512%26additionalParamString%3D472-14837745%26tpid%3D25%26&dp=4304%2Fadressdata1%2F&ul=de-de&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACACI~&jid=668357086&gjid=1348292214&cid=490303089.1716669845&tid=UA-68861802-12&_gid=174031496.1716669845&_r=1&_slc=1&cg1=4304&cg2=184&cg3=1601&cg4=224&cg5=%7B3859%7D&cd1=4304&cd2=184&cd3=1601&cd4=224&cd5=%7B3859%7D&cd6=2421&z=2093546126
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://amz-15promax-sg01.sofortchancen.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 25 May 2024 20:44:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://amz-15promax-sg01.sofortchancen.de
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=1284568503&t=event&_s=2&dl=https%3A%2F%2Famz-15promax-sg01.sofortchancen.de%2Fcampaign_4304.html%3FcoyoteAffiliTokenId%3D514061512%26additionalParamString%3D472-14837745%26tpid%3D25%26&dp=4304%2Fadressdata1%2F&ul=de-de&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=184&ea=pageview&el=4304%2Fadressdata1%2F&_u=YEBAAEABAAAAACACI~&jid=&gjid=&cid=490303089.1716669845&tid=UA-68861802-12&_gid=174031496.1716669845&cg1=4304&cg2=184&cg3=1601&cg4=224&cg5=%7B3859%7D&cd1=4304&cd2=184&cd3=1601&cd4=224&cd5=%7B3859%7D&cd6=2421&z=796934664
Requested by
Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://amz-15promax-sg01.sofortchancen.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 25 May 2024 14:46:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
21452
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=1284568503&t=event&_s=3&dl=https%3A%2F%2Famz-15promax-sg01.sofortchancen.de%2Fcampaign_4304.html%3FcoyoteAffiliTokenId%3D514061512%26additionalParamString%3D472-14837745%26tpid%3D25%26&dp=4304%2Fadressdata1%2F&ul=de-de&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=184&ea=idPartner&el=1601&_u=YEBAAEABAAAAACACI~&jid=&gjid=&cid=490303089.1716669845&tid=UA-68861802-12&_gid=174031496.1716669845&cg1=4304&cg2=184&cg3=1601&cg4=224&cg5=%7B3859%7D&cd1=4304&cd2=184&cd3=1601&cd4=224&cd5=%7B3859%7D&cd6=2421&z=1248512410
Requested by
Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://amz-15promax-sg01.sofortchancen.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 25 May 2024 14:46:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
21452
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=1284568503&t=event&_s=4&dl=https%3A%2F%2Famz-15promax-sg01.sofortchancen.de%2Fcampaign_4304.html%3FcoyoteAffiliTokenId%3D514061512%26additionalParamString%3D472-14837745%26tpid%3D25%26&dp=4304%2Fadressdata1%2F&ul=de-de&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=184&ea=idAmKampagne&el=4304&_u=YEBAAEABAAAAACACI~&jid=&gjid=&cid=490303089.1716669845&tid=UA-68861802-12&_gid=174031496.1716669845&cg1=4304&cg2=184&cg3=1601&cg4=224&cg5=%7B3859%7D&cd1=4304&cd2=184&cd3=1601&cd4=224&cd5=%7B3859%7D&cd6=2421&z=412262112
Requested by
Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://amz-15promax-sg01.sofortchancen.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 25 May 2024 14:46:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
21452
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=1284568503&t=event&_s=5&dl=https%3A%2F%2Famz-15promax-sg01.sofortchancen.de%2Fcampaign_4304.html%3FcoyoteAffiliTokenId%3D514061512%26additionalParamString%3D472-14837745%26tpid%3D25%26&dp=4304%2Fadressdata1%2F&ul=de-de&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=184&ea=wgname&el=Amazon-Gutschein%20%2B%20iPhone%2015%20Pro%20Max&_u=YEBAAEABAAAAACACI~&jid=&gjid=&cid=490303089.1716669845&tid=UA-68861802-12&_gid=174031496.1716669845&cg1=4304&cg2=184&cg3=1601&cg4=224&cg5=%7B3859%7D&cd1=4304&cd2=184&cd3=1601&cd4=224&cd5=%7B3859%7D&cd6=2421&z=2086601855
Requested by
Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://amz-15promax-sg01.sofortchancen.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 25 May 2024 14:46:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
21452
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=1284568503&t=event&_s=6&dl=https%3A%2F%2Famz-15promax-sg01.sofortchancen.de%2Fcampaign_4304.html%3FcoyoteAffiliTokenId%3D514061512%26additionalParamString%3D472-14837745%26tpid%3D25%26&dp=4304%2Fadressdata1%2F&ul=de-de&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=184&ea=1601&el=224&_u=YEBAAEABAAAAACACI~&jid=&gjid=&cid=490303089.1716669845&tid=UA-68861802-12&_gid=174031496.1716669845&cg1=4304&cg2=184&cg3=1601&cg4=224&cg5=%7B3859%7D&cd1=4304&cd2=184&cd3=1601&cd4=224&cd5=%7B3859%7D&cd6=2421&z=914363670
Requested by
Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://amz-15promax-sg01.sofortchancen.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 25 May 2024 14:46:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
21452
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
rmodal.js
amz-15promax-sg01.sofortchancen.de/templates/js/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amz-15promax-sg01.sofortchancen.de/templates/js/rmodal.js
Requested by
Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software
Apache /
Resource Hash
6f5e135c82fd06a89c90eb3dd9256af1981d3acc9031ab4c280945489ee44ff1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 25 May 2024 20:44:04 GMT
Last-Modified
Tue, 04 May 2021 04:37:33 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
4883
Content-Type
application/javascript
agbModal.js
amz-15promax-sg01.sofortchancen.de/templates/js/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amz-15promax-sg01.sofortchancen.de/templates/js/agbModal.js
Requested by
Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software
Apache /
Resource Hash
7e972cfed3b2893663a5827e9726fa4b6ff5375b8d9abc2edd580243568027a7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 25 May 2024 20:44:04 GMT
Last-Modified
Tue, 04 May 2021 04:37:28 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
8796
Content-Type
application/javascript
rmodal-no-bootstrap.css
amz-15promax-sg01.sofortchancen.de/templates/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amz-15promax-sg01.sofortchancen.de/templates/css/rmodal-no-bootstrap.css
Requested by
Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software
Apache /
Resource Hash
bbc10a31d1e970642919cefbb9103ec65e4796250e89112ebd04a73478ca3848

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 25 May 2024 20:44:04 GMT
Last-Modified
Tue, 04 May 2021 04:37:21 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
1106
Content-Type
text/css
collect
stats.g.doubleclick.net/j/ 		4 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-68861802-12&cid=490303089.1716669845&jid=668357086&gjid=1348292214&_gid=174031496.1716669845&_u=YEBAAEAAAAAAACACI~&z=319716297
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://amz-15promax-sg01.sofortchancen.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 25 May 2024 20:44:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://amz-15promax-sg01.sofortchancen.de
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
267 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-QWM4Z8VE53&gtm=45je45m0v884936294za200&_p=1716669844447&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=DE-1601-514061512&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dp=4304%2Fadressdata1%2F&dl=https%3A%2F%2Famz-15promax-sg01.sofortchancen.de%2Fcampaign_4304.html%3FcoyoteAffiliTokenId%3D514061512%26additionalParamString%3D472-14837745%26tpid%3D25%26&dr=&sid=1716669844&sct=1&seg=0&dt=Amazon-Gutschein%20%2B%20iPhone%2015%20Pro%20Max&uid=514061512&en=page_view&_fv=1&_ss=1&_ee=1&ep.content_group=adressdata1&ep.content_group1=4304&ep.content_group2=184&ep.content_group3=1601&ep.content_group4=224&ep.content_group5=%7B3859%7D&ep.content_group6=DE&ep.content_group7=2421&tfd=2804
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QWM4Z8VE53
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://amz-15promax-sg01.sofortchancen.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 25 May 2024 20:44:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://amz-15promax-sg01.sofortchancen.de
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QWM4Z8VE53&cid=DE-1601-514061512&gtm=45je45m0v884936294za200&aip=1&uid=514061512&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QWM4Z8VE53
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://amz-15promax-sg01.sofortchancen.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 25 May 2024 20:44:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://amz-15promax-sg01.sofortchancen.de
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QWM4Z8VE53&cid=DE-1601-514061512&gtm=45je45m0v884936294za200&aip=1&uid=514061512&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1010471143
Requested by
Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://amz-15promax-sg01.sofortchancen.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 25 May 2024 20:44:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-QWM4Z8VE53&gtm=45je45m0v884936294za200&_p=1716669844447&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=DE-1601-514061512&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&dp=4304%2Fadressdata1%2F&dl=https%3A%2F%2Famz-15promax-sg01.sofortchancen.de%2Fcampaign_4304.html%3FcoyoteAffiliTokenId%3D514061512%26additionalParamString%3D472-14837745%26tpid%3D25%26&dr=&sid=1716669844&sct=1&seg=0&dt=Amazon-Gutschein%20%2B%20iPhone%2015%20Pro%20Max&uid=514061512&en=unique_page_view&_ee=1&ep.content_group=adressdata1&ep.content_group1=4304&ep.content_group2=184&ep.content_group3=1601&ep.content_group4=224&ep.content_group5=%7B3859%7D&ep.content_group6=DE&ep.content_group7=2421&_et=2&tfd=2813
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QWM4Z8VE53
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://amz-15promax-sg01.sofortchancen.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 25 May 2024 20:44:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://amz-15promax-sg01.sofortchancen.de
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-QWM4Z8VE53&gtm=45je45m0v884936294za200&_p=1716669844447&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=DE-1601-514061512&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=gA&sid=1716669844&sct=1&seg=0&dl=https%3A%2F%2Famz-15promax-sg01.sofortchancen.de%2Fcampaign_4304.html%3FcoyoteAffiliTokenId%3D514061512%26additionalParamString%3D472-14837745%26tpid%3D25%26&dt=Amazon-Gutschein%20%2B%20iPhone%2015%20Pro%20Max&uid=514061512&_s=3&tfd=2823
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QWM4Z8VE53
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://amz-15promax-sg01.sofortchancen.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 25 May 2024 20:44:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://amz-15promax-sg01.sofortchancen.de
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
370_we-doo-affiliate.png
amz-15promax-sg01.sofortchancen.de/media/adresseManager/bildverwaltung/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amz-15promax-sg01.sofortchancen.de/media/adresseManager/bildverwaltung/370_we-doo-affiliate.png
Requested by
Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software
Apache /
Resource Hash
acdd7f7ea7c58c458a9a06e3197998a0e6150e786b9d3209543295d6377a74bd

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 25 May 2024 20:44:04 GMT
Last-Modified
Mon, 04 Mar 2024 13:05:10 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
16040
Content-Type
image/png
15,desktop.png
amz-15promax-sg01.sofortchancen.de/media/adresseManager/microSiteImg/4304/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amz-15promax-sg01.sofortchancen.de/media/adresseManager/microSiteImg/4304/15,desktop.png
Requested by
Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software
Apache /
Resource Hash
9a937c8d2ec3b0a0198ff9f046bb43ef6727c940db37b3e864f63311519f684b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 25 May 2024 20:44:04 GMT
Last-Modified
Tue, 05 Mar 2024 08:53:11 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
65500
Content-Type
image/png
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-68861802-12&cid=490303089.1716669845&jid=668357086&_u=YEBAAEAAAAAAACACI~&z=981753843
Requested by
Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://amz-15promax-sg01.sofortchancen.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 25 May 2024 20:44:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-68861802-12&cid=490303089.1716669845&jid=668357086&_u=YEBAAEAAAAAAACACI~&z=981753843
Requested by
Host: amz-15promax-sg01.sofortchancen.de
URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://amz-15promax-sg01.sofortchancen.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 25 May 2024 20:44:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/joHA60MeME-PNviL59xVH9zs/ 		526 KB
209 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/joHA60MeME-PNviL59xVH9zs/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcxXPQUAAAAAIbrqXusuiyRVrf7m0SQs9B1vsY6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4689d94dc41ea32f15bc7f216bf276e4cc0dd5125057ecd3d793b4d1daee8a4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://amz-15promax-sg01.sofortchancen.de/
Origin
https://amz-15promax-sg01.sofortchancen.de
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 13:37:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25585
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
213445
x-xss-protection
0
last-modified
Mon, 20 May 2024 04:00:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 25 May 2025 13:37:40 GMT
p.ashx
gowedoo.com/ Frame F58F
Redirect Chain
  • https://gowedoo.com/p.ashx?e=15&t=&r=472-14837745
  • https://gowedoo.com/p.ashx?e=15&t=&r=472-14837745&ch-redir=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gowedoo.com/p.ashx?e=15&t=&r=472-14837745&ch-redir=1
Requested by
Host: ajax.aspnetcdn.com
URL: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.4.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.175.8.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-8-176.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
private
Connection
close
Content-Length
2
Content-Type
text/plain; charset=utf-8
Date
Sat, 25 May 2024 20:44:05 GMT
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Accept-Ch
Sec-Ch-Ua, Sec-Ch-Ua-Arch, Sec-Ch-Ua-Bitness, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Mobile, Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-Ch-Ua-Wow64
Cache-Control
private
Connection
close
Content-Length
189
Content-Type
text/html; charset=utf-8
Date
Sat, 25 May 2024 20:44:05 GMT
Location
https://gowedoo.com/p.ashx?e=15&t=&r=472-14837745&ch-redir=1
5.877e5677b6ca133c7147.js
static.cleverpush.com/sdk/chunk/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/5.877e5677b6ca133c7147.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3002fef546813c1b3e5a09a4ba66bb3e4a490ea12ee76a4e5efc5a1ead0b683c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://amz-15promax-sg01.sofortchancen.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 20:44:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
JANPAJDYDKK76J8H
age
1367
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
xNipitXPBgFM88Bs1hn6W9/0BLxSs9YRlKNZurgb7JIastJBVjaBE0L2+XGQ+kjI6fV6kb0S+rs=
last-modified
Fri, 24 May 2024 08:21:01 GMT
server
cloudflare
etag
W/"0b6f36aba47858a26d63eeb0ebb0f4f8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DPSgMHBhfqeKd%2BrR8PG0L3eBKr2AiQT220Nv4jnvgX0y7V7Lwu0dGnUEbswxwtuLlBwprhpPbq%2BWZyHjNOenhE6vqlnAr0LfibGw1xQNxK1izkB8MxLY4yNJduvD5mZQGK%2BQCfD1CQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
88985c838b591bc3-FRA
251.ff5b3c0c290e9961835b.js
static.cleverpush.com/sdk/chunk/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df124351501a3a62b99269da55fa305a5584a9e80e84f4ecf72cdd54d4978204

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://amz-15promax-sg01.sofortchancen.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 20:44:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
JANSN81RMAQM6M2K
age
1367
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
X7SG19H/vc051SRIsR07mFfZE0CfCgdBuGzu2fQTzEi0M0gCZnGm6oOfIyTdfAK+8uSF9L2f3jo=
last-modified
Fri, 24 May 2024 08:20:59 GMT
server
cloudflare
etag
W/"e89cddaa8c63cff3a495570a91d5e690"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wLwt1kBWgVH8tCnLxVS%2FZA4bOIs%2BkBPk0EXUBrFaKYm8ZdXU5Jlr%2Bo5tSJ3JHZWVolSC%2BosYTstaYcMyIkMTP4JHtYCC0awkg%2ByfiKBAHlApwoKxbS8vDlodVRa0c3OIBOu2IFnWyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
88985c838b601bc3-FRA
115.d6f4579d16a8335c5081.js
static.cleverpush.com/sdk/chunk/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/115.d6f4579d16a8335c5081.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ddd1b39eac2a04fae60a31aa02ef2b45657ea5df67f814218e9a6a677bda5b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://amz-15promax-sg01.sofortchancen.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 20:44:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
JANT7CECWGT19H8W
age
1367
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
bvtSY6q+IwcesfKdYKsqYo9zbrlnccO4cbrHHwYwcmfYbQA6cV9DDAusqYwdtFUZiHMJ6vydmDw=
last-modified
Fri, 24 May 2024 08:20:59 GMT
server
cloudflare
etag
W/"780fd0f9008fd4d419a4aa7e324ca738"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7rjB5DIz17SDmbmbSMTYo%2FZjWLQlBqqvD0dSuMUTWwLJc%2BmupNDiggnP4mQLPpDVEF26k10wrPOL3%2BPxwhMW7vKpc7ivyh0EX8Oi6wMmkNUdmzU4OQmjxLLt5%2BJl7wi8NqmkCdiniw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
88985c838b671bc3-FRA
iframe
arctollceoo.mycleverpush.com/ Frame 8A3C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://arctollceoo.mycleverpush.com/iframe?origin=https%3A%2F%2Famz-15promax-sg01.sofortchancen.de
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.69.145.0 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.0.145.69.159.clients.your-server.de
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://amz-15promax-sg01.sofortchancen.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
origin, x-requested-with, content-type, accept
cache-control
public, max-age=1800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 25 May 2024 20:44:05 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-backend-server
cleverpush-worker-3
x-cache-status
MISS
x-robots-tag
noindex
anchor
www.google.com/recaptcha/api2/ Frame 43EE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcxXPQUAAAAAIbrqXusuiyRVrf7m0SQs9B1vsY6&co=aHR0cHM6Ly9hbXotMTVwcm9tYXgtc2cwMS5zb2ZvcnRjaGFuY2VuLmRlOjQ0Mw..&hl=de&v=joHA60MeME-PNviL59xVH9zs&size=invisible&cb=3jz3zu1zjpx6
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/joHA60MeME-PNviL59xVH9zs/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NZ6bw6ka4T_T5HQqpahyQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://amz-15promax-sg01.sofortchancen.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-NZ6bw6ka4T_T5HQqpahyQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 25 May 2024 20:44:05 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
103.ca34caf4a7c7f94a245a.js
static.cleverpush.com/sdk/chunk/ 		96 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/103.ca34caf4a7c7f94a245a.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78f82206874edb92e4cedada374ae32ba67cb601d95b2931b7d1ae18dcae153e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://amz-15promax-sg01.sofortchancen.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 20:44:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
JANZBAHXB7PRR8ER
age
1367
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
a5ab10yGnG76255CIAqgk42DrOpTLGUaT53dCKcDn/x9fjXgYH/EeiJThMAR2Q35Xaxefvx+bi4=
last-modified
Fri, 24 May 2024 08:20:59 GMT
server
cloudflare
etag
W/"edca157e63c1ec51d4f0d926c455f313"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2L1C%2F%2FNNw%2BM743uzC%2F1biyNr5jPol%2F2wpLUcPyb%2F7W6udawSDNJjBC8e7xG994LFfzSEU5WLrflZvFnjTSYKH3tr7ZvCRrjhbkPPKRUzSZUQF0%2Bur%2FklUbYhqB0FpwFLHK5OHUkRrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
88985c860fc91bc3-FRA
720.55250bc0a01067617553.js
static.cleverpush.com/sdk/chunk/ 		48 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/720.55250bc0a01067617553.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
634fb6243f777936587296216a0a98c5ebd215c4c2fd44bb310fdfad37ce1ea7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://amz-15promax-sg01.sofortchancen.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 20:44:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
JANKDWQY7H57GAEN
age
1367
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
nho8sCo1jbKtTcUlanhnz6JMCw/cYYlDYuDuJBmeJCE3yfktbUhSgB0lI1vIJni+c2IdVdIuRKo=
last-modified
Fri, 24 May 2024 08:21:02 GMT
server
cloudflare
etag
W/"efcb14c4a4c67c58e37dd5ee8083a4d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Z6VK4e7K%2F5uE4LoHYlRnuh8y8zHPYYTfMGMZuBTHxXbif9FEF4IZ3z8J6dbygNKKuaGrGOVL0tCrVr4%2FK42%2FMA1BDRI8cDgNs%2FOFTuab5BJ4o9%2FX8s5DG45WBnc9upRLbytvdnPeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
88985c860fcd1bc3-FRA
728.769733373fe8d2daa5a5.js
static.cleverpush.com/sdk/chunk/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/728.769733373fe8d2daa5a5.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faa7930e6a09ba32904b21daf3871a467ba4537b3d00bfb01ac5ef9479ee8ad1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://amz-15promax-sg01.sofortchancen.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 20:44:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3M9M3WCKRPBGW96S
age
1366
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
zM3OglNSLh5Z2Y8YtvJUJfl11E4opwE6YGMo8Wd9+KIJDnh8B8IrveD3wtbQogAn68GuD+t0ttGiENMZmSHj6Q==
last-modified
Fri, 24 May 2024 08:21:02 GMT
server
cloudflare
etag
W/"24b4f27333c8d620d0b4706edde79f01"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NqvEE2JvMJwvsq59Pv3efSCapkFoPS2kB0DaN3fgqQenwddo7NRAWGgc0ccY2xXaCrB1I8Uy7xww8rAZS0pJ%2BoRX%2FungDvY2ZYIju3jeGCxYDSaePCBteBVFWbMERV2QQ6m0Bom6Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
88985c86a89f1bc3-FRA
376.8cab31ffc2b64b495b06.js
static.cleverpush.com/sdk/chunk/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/376.8cab31ffc2b64b495b06.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b45565fcd020711c8775c1a80ce7b1f9eea3546dbd5809292f908556c40ac0bf

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://amz-15promax-sg01.sofortchancen.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 20:44:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
JANQHYSMX884Q2WM
age
1367
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
KmPnScYDzJtWf8esdtTDknlsKtMgk71BmBToO+vjYYjFP8c20vLtVXzSR9rBFc6e38HxU1j5QVQ=
last-modified
Fri, 24 May 2024 08:21:00 GMT
server
cloudflare
etag
W/"82d21e4c44ccb88da7bc6dc70911eddf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5h9%2BX%2BljvR4%2Bi7Xyui0zAXpHgVK4CXGEqzimBtnWpa2ILzr4PmveWSDdHDYeD0A1AsiqT8ti%2FlD8PBA2uhLL1hwbQWQD4rr0jh2%2BkxibHFqfMD3HQwg3zDUA6bdL2cnBFnIh76IpBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
88985c86a8a71bc3-FRA
862.00b24ae64de8ff317661.js
static.cleverpush.com/sdk/chunk/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/862.00b24ae64de8ff317661.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e49eb1384fa0a2c2116fcc445f475fb41051e517a1e43dde798ca4770d481447

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://amz-15promax-sg01.sofortchancen.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 20:44:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
JANW8E5H3J1V522C
age
1367
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
u3AIPi+mMknGM2Bi0WonmfSfABxsmWgdsCc/vSeRRKy9TXwD9RshrU3cSDOjaegmnOml/795yQc=
last-modified
Fri, 24 May 2024 08:21:03 GMT
server
cloudflare
etag
W/"cafc6aa528a48ecd92bc50630c8497d2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PHgHhb5F65Qfi0tUJV0EkSPLCmxXh0KM1ubiLeXhnujJFN%2Fm%2Fe%2BTWBKdCwvdjOU%2BiEoZHZZzUrHkJMRsSSs73h5Y4x%2FFTTzeYUiWGXMfP1TzQmAPGm7s30j4GcRe8P21nhITai8B4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
88985c86a8ab1bc3-FRA
optin-visitor
api.cleverpush.com/channel/ 		16 B
618 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.cleverpush.com/channel/optin-visitor
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://amz-15promax-sg01.sofortchancen.de/
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 20:44:05 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend-server
cleverpush-worker-1
alt-svc
h3=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AKGeSTSOWNSpQcnXXZX%2FHG5mR7ctzegfpGtvig1wZOZ9cmXz2g%2Fle56C%2BPIeJXgIhTqYdTqubJj4%2BMa5zay4SFRAeB%2BRM9%2BUiFKESks2qjZXcxknQFvhJILmGw0nQhReOTaZNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache
cf-ray
88985c874c329bb3-FRA
access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage
optin-visitor
api.cleverpush.com/channel/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.cleverpush.com/channel/optin-visitor
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://amz-15promax-sg01.sofortchancen.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
88985c86ebbf9bb3-FRA
content-length
0
content-type
application/json; charset=utf-8
date
Sat, 25 May 2024 20:44:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PWa5MOJ9bc%2BkKbn47M8Hn%2BFw8eBLS37uzitiPq0GJpP1yTz%2FWt3GJipEf%2F7Kb3SOS4pOqiZU66ah2GpjmMJuOVar1%2FkY5ku595N%2Btf2Wuu%2BdVcLT8gL%2Fg%2B2ElCnpzglX3%2BmTMA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=1284568503&t=timing&_s=7&dl=https%3A%2F%2Famz-15promax-sg01.sofortchancen.de%2Fcampaign_4304.html%3FcoyoteAffiliTokenId%3D514061512%26additionalParamString%3D472-14837745%26tpid%3D25%26&dp=4304%2Fadressdata1%2F&ul=de-de&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=3904&pdt=345&dns=0&rrt=1610&srt=471&tcp=349&dit=3063&clt=3063&_gst=2521&_gbt=2663&_u=YEBAAEABAAAAACACI~&jid=&gjid=&cid=490303089.1716669845&uid=514061512&tid=UA-68861802-12&_gid=174031496.1716669845&cg1=4304&cg2=184&cg3=1601&cg4=224&cg5=%7B3859%7D&cd1=4304&cd2=184&cd3=1601&cd4=224&cd5=%7B3859%7D&cd6=2421&z=1390322220
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://amz-15promax-sg01.sofortchancen.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 25 May 2024 14:46:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
21453
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
favicon.ico
amz-15promax-sg01.sofortchancen.de/ 		10 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://amz-15promax-sg01.sofortchancen.de/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software
Apache /
Resource Hash
b82e1bfe07efae539913fbd8fb1f45e4aa9f395f688784fa780fc573a3d724f6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 25 May 2024 20:44:05 GMT
Last-Modified
Tue, 04 May 2021 04:33:10 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
10462
Content-Type
image/x-icon
confirm-alert
api.cleverpush.com/channel/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.cleverpush.com/channel/confirm-alert
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://amz-15promax-sg01.sofortchancen.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
88985c8ceb529bb3-FRA
content-length
0
content-type
application/json; charset=utf-8
date
Sat, 25 May 2024 20:44:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pi2%2BUL4YDgO7eU%2Bf5T7IBkVDKG4TCRmlGJUFIrAuzs8sG1DipFJ5Dq2cH6JI8fMzd7fhhf%2BMWtB3AdsLQHQqvD5aMTqHLsiL9rQxdCkRqzWXojgqBFH451FGHY%2BYUQvNzm5wRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
confirm-alert
api.cleverpush.com/channel/ 		16 B
609 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.cleverpush.com/channel/confirm-alert
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://amz-15promax-sg01.sofortchancen.de/
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 20:44:06 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend-server
cleverpush-worker-1
alt-svc
h3=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TJhxa3sA4t9MsI0IgS2n4uDaIW80lEDjotRT6isF07prE9yRm4ZKyGoh5niHMhIFq2xTW4paHgXDpF1o5YB%2BIoRbdZe7u7nDYD5H9XkUOEQz4cp1wkH6MZnEhvOcw8hZYj99Qw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache
cf-ray
88985c8d4bcd9bb3-FRA
access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage
defaultChannelIcon.png
static.cleverpush.com/app/images/ 		732 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.cleverpush.com/app/images/defaultChannelIcon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24155cb4f2f535f8196ee0da67321b509939e6509d6f378a257246be28545897

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://amz-15promax-sg01.sofortchancen.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 20:44:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
QVKG29NEJ3WH0R0T
age
422781
alt-svc
h3=":443"; ma=86400
content-length
732
x-amz-id-2
L94gk23rpieVrFR2pmIBb+nkqhSWL0BElNB/Trp0ttkRLi2UPTyejX9QfoA+Tv6kDsfnsTw5DY8=
last-modified
Mon, 21 Oct 2019 13:42:31 GMT
server
cloudflare
etag
"dada142d4861c864d8d63e8cd5dd22dd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YrFWecwbApFvwyRFUoGrGZzPd0PwjXn8cXbikSaxPpmGze%2FsF8j6iKv1gRAX3I%2F8ciZcfez1xC28t8ZswvqDIc%2FKpA6UNlTMrVkh3qm6TUVDdjWjLfV%2FHTlAPpn8NEtgV25Y93qx9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2628000
accept-ranges
bytes
cf-ray
88985c8ce9f31bc3-FRA

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| _ga string| GoogleAnalyticsObject function| ga object| _gtag object| dataLayer object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| $ function| jQuery object| google_tag_manager function| onYouTubeIframeAPIReady object| errorListing string| errorMessageTemplate function| setErrorListing function| showErrorMessages function| showSingleErrorMessage function| clearAllTopAlignBoxen function| prepareErrorListing undefined| partnerId boolean| gpsid boolean| gpsid2 function| gtag object| CleverPush function| captchaExecute object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| checkAllAgb function| areAgbChecked object| modals string| action object| G4_modals string| G4action function| changeLabel object| lightboxOptions object| lightboxRO function| onWindowResizeLightbox function| openLightbox function| closeLightbox object| webpackChunk_cleverpush_cleverpush_js_sdk object| regeneratorRuntime number| __cleverPushSdkLoadCount object| recaptcha object| closure_lm_521298 object| ncModal object| ncModalAGB object| ncModalQuestion

17 Cookies

Domain/Path Name / Value
.track.cornzself.com/ Name: e7f8f25a-9adb-4c72-ae0a-40f7251b624c-v4
Value: fa_oTAt5Gu6nqoDoofPauUfNhSm0TWq4aRKDSHD0CPU
.track.cornzself.com/ Name: voluum-cid-v4
Value: %7B%22cid%22%3A%22wlcjqssuhsdh84i1jd1dg93q%22%2C%22caid%22%3A%22e7f8f25a-9adb-4c72-ae0a-40f7251b624c%22%7D
.hpv0o.rdtk.io/ Name: redcmps
Value: W3siaWQiOiI2NjA1ODUzNjE2NDA0MjAwMDFjOWJkMDAiLCJ0IjoiMjAyNC0wNS0yNVQyMDo0NDowMi41MDA4ODM5NTRaIn1d
.hpv0o.rdtk.io/ Name: redhash
Value: NjY1MjRkOTIwZTU1ZGEwMDAxNmZlM2FhfDB8NjYwNTg1MzYxNjQwNDIwMDAxYzliZDAwfHxmMzViOGJmYy0zN2ZlLTRiYzMtOGJiYy1jMWI1N2UxZGZlMjN8MTcxNjY2OTg0Mg==
.gowedoo.com/ Name: sid
Value: 3eKtbGt8sp1z7BP3Iob/XYUQ9wRhZox2fDM8Pg2asTWKcZySXYeJzw==
.gowedoo.com/ Name: trk
Value: QahUWMMO2Mtz7BP3Iob/XYUQ9wRhZox2fDM8Pg2asTWKcZySXYeJzw==
.gowedoo.com/ Name: c472
Value: 3eKtbGt8sp3cDdEWOQZ8lN40WcyfYLltaG3XKAP3+AI=
gewinn-ometer.com/ Name: PHPSESSID
Value: 29c7afeef748bca46087cec155374801
gewinn-ometer.com/ Name: coyoteTrackingCookie_2765
Value: 514061512
gewinn-ometer.com/ Name: coyoteSimpleTrackingCookie
Value: 514061512
amz-15promax-sg01.sofortchancen.de/ Name: PHPSESSID
Value: b78a620ddc50c948490c1e3b1a19e166
amz-15promax-sg01.sofortchancen.de/ Name: coyoteAffiliTokenId4304
Value: 514061512
amz-15promax-sg01.sofortchancen.de/ Name: PHPSESSID_UPV
Value: 4304/adressdata1/
.sofortchancen.de/ Name: _gid
Value: GA1.2.174031496.1716669845
.sofortchancen.de/ Name: _gat
Value: 1
.sofortchancen.de/ Name: _ga
Value: GA1.1.DE-1601-514061512
.sofortchancen.de/ Name: _ga_QWM4Z8VE53
Value: GS1.1.1716669844.1.0.1716669844.60.0.0

6 Console Messages

Source Level URL
Text
other warning URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://amz-15promax-sg01.sofortchancen.de/campaign_4304.html?coyoteAffiliTokenId=514061512&additionalParamString=472-14837745&tpid=25&
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
amz-15promax-sg01.sofortchancen.de
api.cleverpush.com
arctollceoo.mycleverpush.com
fonts.googleapis.com
gewinn-ometer.com
go.beterwat.xyz
gowedoo.com
hpv0o.rdtk.io
ncxynvs.com
region1.analytics.google.com
static.cleverpush.com
stats.g.doubleclick.net
track.cornzself.com
track.pairfitem.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
142.250.185.142
142.250.185.228
142.250.186.35
152.199.19.160
155.138.218.204
159.69.145.0
172.67.71.184
188.95.252.33
188.95.252.36
2001:4860:4802:32::36
2600:9000:26da:5600:1a:e991:e300:93a1
2600:9000:26da:ee00:11:c066:4a80:93a1
2a00:1450:4001:803::200e
2a00:1450:4001:80f::200a
2a00:1450:4001:812::2003
2a00:1450:4001:828::2008
2a00:1450:400c:c06::9b
2a00:c98:2030:a025:9::
47.252.93.52
52.72.186.211
54.175.8.176
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
24155cb4f2f535f8196ee0da67321b509939e6509d6f378a257246be28545897
3002fef546813c1b3e5a09a4ba66bb3e4a490ea12ee76a4e5efc5a1ead0b683c
388d7f1ea0207e3fc194d522c89c86bb149008c30b67b2ae8fa92a557842d86b
4135200fd4f1661ddd866dae4035491038121873fe02310f6d40b4b1092f500b
4689d94dc41ea32f15bc7f216bf276e4cc0dd5125057ecd3d793b4d1daee8a4f
4a5b74dff01aed3f35fee87b8fe8ae210d2b6d51f2595365c873986989cb1a14
634fb6243f777936587296216a0a98c5ebd215c4c2fd44bb310fdfad37ce1ea7
6f5e135c82fd06a89c90eb3dd9256af1981d3acc9031ab4c280945489ee44ff1
713fb1f4c89b008f61db6206dd11f055a168ae13e4411455d8234a3988007131
73d49cf2fa0eeb662968fbb4fd2e46186e4e0ac9f82ab1f0e94abad8ddcbb868
78f82206874edb92e4cedada374ae32ba67cb601d95b2931b7d1ae18dcae153e
7d193fbace08404a618d45b6381bc57b5326eb3861b15d0ceabc249a43b79885
7e972cfed3b2893663a5827e9726fa4b6ff5375b8d9abc2edd580243568027a7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
847dd5d262cf68ae4360339ddff16dfdd4182246bb9dff0fc4b7de6ef432a033
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87ddd1b39eac2a04fae60a31aa02ef2b45657ea5df67f814218e9a6a677bda5b
9a937c8d2ec3b0a0198ff9f046bb43ef6727c940db37b3e864f63311519f684b
a1eb2a3c06756218bf69dc7f1ab3d34b68198442a3beff5d45253a2e1bc27bc0
a44471d952f7eb2a8f4e4639772c14e3f7fdf0014a26f3da2f8d3ca2504f16a1
acdd7f7ea7c58c458a9a06e3197998a0e6150e786b9d3209543295d6377a74bd
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b45565fcd020711c8775c1a80ce7b1f9eea3546dbd5809292f908556c40ac0bf
b82e1bfe07efae539913fbd8fb1f45e4aa9f395f688784fa780fc573a3d724f6
bbc10a31d1e970642919cefbb9103ec65e4796250e89112ebd04a73478ca3848
bee143670e10badf9dd5981f9ae445e5d8f5f2d284ca152641ff09cf80f57455
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df124351501a3a62b99269da55fa305a5584a9e80e84f4ecf72cdd54d4978204
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49eb1384fa0a2c2116fcc445f475fb41051e517a1e43dde798ca4770d481447
ecdb7e3fb838e846a1945c4e00b05eda1484169e3c5d5c945a80537ca7ceecde
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f51d3c011546a8d70239912ca1f349566e396f781da0757b351ced84ea2ff92a
faa7930e6a09ba32904b21daf3871a467ba4537b3d00bfb01ac5ef9479ee8ad1