clean9.vipkunde.com Open in urlscan Pro
94.126.17.200 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://clean9.vipkunde.com/
Effective URL:
https://clean9.vipkunde.com/index.html
Submission: On June 15 via automatic, source certstream-suspicious (June 15th 2023, 4:32:04 am UTC) — Scanned from DE

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 9 domains to perform 24 HTTP transactions. The main IP is 94.126.17.200, located in Küssnacht, Switzerland and belongs to ASN-METANET Routingpeering issues: noc@metanet.ch, CH. The main domain is clean9.vipkunde.com.
TLS certificate: Issued by R3 on June 15th 2023. Valid for: 3 months.

This is the only time clean9.vipkunde.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	94.126.17.200 94.126.17.200	21069 (ASN-METAN...) (ASN-METANET Routingpeering issues: noc@metanet.ch)
4	18.66.112.107 18.66.112.107	16509 (AMAZON-02) (AMAZON-02)
8	54.236.83.233 54.236.83.233	14618 (AMAZON-AES) (AMAZON-AES)
1	52.55.81.201 52.55.81.201	14618 (AMAZON-AES) (AMAZON-AES)
4	18.66.188.7 18.66.188.7	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
24	9

2 94.126.17.200 (Küssnacht, Switzerland) 1 redirects

ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH)
PTR: mandela.sui-inter.net

clean9.vipkunde.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.112.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-107.fra56.r.cloudfront.net

cdn.wishpond.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.236.83.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-83-233.compute-1.amazonaws.com

www.wishpond.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bookie.wishpond.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.55.81.201 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-81-201.compute-1.amazonaws.com

embedded.wishpondpages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.188.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-188-7.muc50.r.cloudfront.net

d30itml3t0pwpf.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	wishpond.com www.wishpond.com — Cisco Umbrella Rank: 84081 bookie.wishpond.com — Cisco Umbrella Rank: 252704	8 KB
4	cloudfront.net d30itml3t0pwpf.cloudfront.net	343 KB
4	wishpond.net cdn.wishpond.net — Cisco Umbrella Rank: 84554	85 KB
2	gstatic.com fonts.gstatic.com	30 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 263	77 KB
2	vipkunde.com 1 redirects clean9.vipkunde.com	517 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60	21 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 80	1 KB
1	wishpondpages.com embedded.wishpondpages.com — Cisco Umbrella Rank: 227681	10 KB
24	9

	Domain	Requested by
6	www.wishpond.com	cdn.wishpond.net d30itml3t0pwpf.cloudfront.net
4	d30itml3t0pwpf.cloudfront.net	embedded.wishpondpages.com
4	cdn.wishpond.net	clean9.vipkunde.com cdn.wishpond.net embedded.wishpondpages.com
2	bookie.wishpond.com	d30itml3t0pwpf.cloudfront.net
2	fonts.gstatic.com	fonts.googleapis.com
2	cdnjs.cloudflare.com	embedded.wishpondpages.com cdnjs.cloudflare.com
2	clean9.vipkunde.com	1 redirects
1	www.google-analytics.com	clean9.vipkunde.com
1	fonts.googleapis.com	embedded.wishpondpages.com
1	embedded.wishpondpages.com	cdn.wishpond.net
24	10

This site contains no links.

Subject Issuer	Validity	Valid
clean9.vipkunde.com R3	`2023-06-15` - `2023-09-13`	3 months	crt.sh
cdn.wishpond.net Amazon RSA 2048 M01	`2023-02-22` - `2023-10-17`	8 months	crt.sh
wishpond.com Amazon RSA 2048 M01	`2023-02-07` - `2024-03-07`	a year	crt.sh
wishpondpages.com Amazon RSA 2048 M02	`2023-02-24` - `2023-11-23`	9 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://clean9.vipkunde.com/index.html
Frame ID: 4D8329EA84EF66F9ED52A4831A277AB2
Requests: 3 HTTP requests in this frame

Frame: https://cdn.wishpond.net/storage.html
Frame ID: 6556C90F6FD29B13897D4104D241D47A
Requests: 1 HTTP requests in this frame

Frame: https://embedded.wishpondpages.com/lp/2588518/?parent_url=https%3A%2F%2Fclean9.vipkunde.com%2Findex.html&embedded=true
Frame ID: 3C892A635230492D4E020F5D9B60ABD9
Requests: 15 HTTP requests in this frame

Frame: https://cdn.wishpond.net/storage.html
Frame ID: F07F5F2535BA3FCD21003277D91717C1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Clean9.vipkunde.com ist umgezogen

Page URL History Show full URLs

https://clean9.vipkunde.com/ HTTP 302
https://clean9.vipkunde.com/index.html Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

24
Requests

100 %
HTTPS

44 %
IPv6

9
Domains

10
Subdomains

9
IPs

3
Countries

575 kB
Transfer

1097 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://clean9.vipkunde.com/ HTTP 302
https://clean9.vipkunde.com/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request index.html Show response
clean9.vipkunde.com/
Redirect Chain

https://clean9.vipkunde.com/
https://clean9.vipkunde.com/index.html

497 B
406 B

13ms
13ms

Document
text/html

94.126.17.200
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to

Full URL: https://clean9.vipkunde.com/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.126.17.200 Küssnacht, Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: mandela.sui-inter.net
Software: nginx /
Resource Hash: 03e3f204f1dd8a511bd23ffa9f4bea217170d5ad373156088ec5a25bfe6b2bec

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html
date: Thu, 15 Jun 2023 04:31:58 GMT
etag: W/"1f1-5b2ae15cb5bd5"
last-modified: Tue, 27 Oct 2020 21:54:03 GMT
server: nginx
vary: Accept-Encoding

Redirect headers

content-length: 222
content-type: text/html; charset=iso-8859-1
date: Thu, 15 Jun 2023 04:31:58 GMT
location: https://clean9.vipkunde.com/index.html
server: nginx

GET
H2 200 connect.js Show response
cdn.wishpond.net/ 157 KB
41 KB 43ms
6ms Script
application/javascript 18.66.112.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.wishpond.net/connect.js?merchantId=1502722&writeKey=8cf72c2a781f
Requested by: Host: clean9.vipkunde.com
URL: https://clean9.vipkunde.com/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-107.fra56.r.cloudfront.net
Software: nginx/1.17.5 /
Resource Hash: bf579cb84b439353504b7b929c27cc4105786d5ec6a1d59706802d2cd1c819e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clean9.vipkunde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 03:13:16 GMT
content-encoding: gzip
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
last-modified: Tue, 13 Jun 2023 00:25:48 GMT
server: nginx/1.17.5
x-amz-cf-pop: FRA56-P5
age: 4722
etag: W/"6487b78c-2749e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, stale-if-error, max-age=3600, s-max-age=172800
x-amz-cf-id: Wqw7-i3AmjrVV0vGeSZ6hVgwATY4f-lz7rHGAQWYw1TwxFoLxndPHA==

GET
H2 200 storage.html Show response
cdn.wishpond.net/ Frame 6556 3 KB
2 KB 6ms
6ms Document
text/html 18.66.112.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.wishpond.net/storage.html
Requested by: Host: cdn.wishpond.net
URL: https://cdn.wishpond.net/connect.js?merchantId=1502722&writeKey=8cf72c2a781f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-107.fra56.r.cloudfront.net
Software: nginx/1.17.5 /
Resource Hash: 0a1ee1037effea6008ee6ec97ef36c0783edeb9e7a9c0fd469737b2b306f352b

Request headers

Referer: https://clean9.vipkunde.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 535367
cache-control: public, must-revalidate, proxy-revalidate, max-age=0, s-max-age=172800
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 08 Jun 2023 23:49:11 GMT
etag: W/"646fbd04-c7d"
last-modified: Thu, 25 May 2023 19:54:44 GMT
server: nginx/1.17.5
vary: Accept-Encoding
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-cf-id: WeEU6jGa0U_6Q2xhPveo6mtRN7wBejF55_XMye4G7oOSJQsJIqwIOQ==
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront

OPTIONS
H2 200 popups.json
www.wishpond.com/ Frame 0
0 318ms
102ms Preflight
text/plain 54.236.83.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wishpond.com/popups.json?merchant_id=1502722&url=https%3A%2F%2Fclean9.vipkunde.com%2Findex.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.236.83.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-236-83-233.compute-1.amazonaws.com

Software

nginx/1.17.5 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://clean9.vipkunde.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-requested-with
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-origin: https://clean9.vipkunde.com
access-control-expose-headers
access-control-max-age: 600
content-encoding: gzip
content-type: text/plain
date: Thu, 15 Jun 2023 04:31:58 GMT
server: nginx/1.17.5
strict-transport-security: max-age=300
vary: Accept-Encoding
x-download-options: noopen
x-request-id: 123302c2-d0b3-4fea-8847-b218530b42d1
x-runtime: 0.001176

GET
H2 200 popups.json Show response
www.wishpond.com/ 13 B
1 KB 125ms
125ms XHR
application/json 54.236.83.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wishpond.com/popups.json?merchant_id=1502722&url=https%3A%2F%2Fclean9.vipkunde.com%2Findex.html

Requested by

Host: cdn.wishpond.net
URL: https://cdn.wishpond.net/connect.js?merchantId=1502722&writeKey=8cf72c2a781f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.236.83.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-236-83-233.compute-1.amazonaws.com

Software

nginx/1.17.5 /

Resource Hash

96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; child-src 'self'; connect-src wss: *.wishpond.com; font-src 'self' data: https:; frame-ancestors 'self'; frame-src 'self' cdn.wishpond.net evergenius-webframes.wishpond.com; img-src 'self' blob: data: https:; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: d30itml3t0pwpf.cloudfront.net cdn.wishpond.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' https:; worker-src 'self'
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://clean9.vipkunde.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 04:31:58 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
content-security-policy: default-src 'self'; base-uri 'self'; child-src 'self'; connect-src wss: *.wishpond.com; font-src 'self' data: https:; frame-ancestors 'self'; frame-src 'self' cdn.wishpond.net evergenius-webframes.wishpond.com; img-src 'self' blob: data: https:; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: d30itml3t0pwpf.cloudfront.net cdn.wishpond.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' https:; worker-src 'self'
content-encoding: gzip
p3p: CP="NON"
x-xss-protection: 1; mode=block
x-request-id: e8d1ed9d-9a65-469f-80fb-048c8b5bc40e
x-runtime: 0.016135
server: nginx/1.17.5
x-download-options: noopen
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-language: de-DE
access-control-allow-origin: https://clean9.vipkunde.com
access-control-expose-headers
access-control-max-age: 600
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
x-frame-options: DENY

GET
H2 200 / Show response
embedded.wishpondpages.com/lp/2588518/ Frame 3C89 33 KB
10 KB 417ms
199ms Document
text/html 52.55.81.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://embedded.wishpondpages.com/lp/2588518/?parent_url=https%3A%2F%2Fclean9.vipkunde.com%2Findex.html&embedded=true
Requested by: Host: cdn.wishpond.net
URL: https://cdn.wishpond.net/connect.js?merchantId=1502722&writeKey=8cf72c2a781f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.55.81.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-81-201.compute-1.amazonaws.com
Software: nginx/1.14.2 /
Resource Hash: 9e224cfb0b79282bd6ce422c23ba7f4885e5d706616f89252025f63cf4f7acf1

Request headers

Referer: https://clean9.vipkunde.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-language: de-DE
content-type: text/html; charset=utf-8
date: Thu, 15 Jun 2023 04:31:58 GMT
p3p: CP="NON"
server: nginx/1.14.2
vary: Accept-Encoding
x-request-id: e6d0ad8c-390e-4803-a8d9-a71d59bad2d3
x-robots-tag: noindex
x-runtime: 0.061205
x-wishpond-generated: 2023-06-14 11:45:13 +0000
x-wishpond-guard: 1686743113.0097303
x-wishpond-host: wishpondv1-server-984f98544-rvxp4
x-wishpond-prefix: PagesV2r/c4034e/1
x-wishpond-queries: 0
x-wishpond-version: 20220216000001

GET
H2 200 connect.js Show response
cdn.wishpond.net/ Frame 3C89 157 KB
41 KB 8ms
7ms Script
application/javascript 18.66.112.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.wishpond.net/connect.js?merchantId=1502722&socialCampaignId=2588518&writeKey=8cf72c2a781f
Requested by: Host: embedded.wishpondpages.com
URL: https://embedded.wishpondpages.com/lp/2588518/?parent_url=https%3A%2F%2Fclean9.vipkunde.com%2Findex.html&embedded=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-107.fra56.r.cloudfront.net
Software: nginx/1.17.5 /
Resource Hash: bf579cb84b439353504b7b929c27cc4105786d5ec6a1d59706802d2cd1c819e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://embedded.wishpondpages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 03:13:16 GMT
content-encoding: gzip
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
last-modified: Tue, 13 Jun 2023 00:25:48 GMT
server: nginx/1.17.5
x-amz-cf-pop: FRA56-P5
age: 4722
etag: W/"6487b78c-2749e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, stale-if-error, max-age=3600, s-max-age=172800
x-amz-cf-id: 4ZAjf-r-BPd5AuVYqS7B4KGkLfqI-JVZt_eeHhvUy84vy4wJhoZICg==

GET
H/1.1 200
OK pages_v2r-06a815e86e1d5005ad6c77b181c78aa1630826b429777363ed21232d1df032b1.js Show response
d30itml3t0pwpf.cloudfront.net/assets/ Frame 3C89 214 KB
50 KB 75ms
15ms Script
application/javascript 18.66.188.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d30itml3t0pwpf.cloudfront.net/assets/pages_v2r-06a815e86e1d5005ad6c77b181c78aa1630826b429777363ed21232d1df032b1.js
Requested by: Host: embedded.wishpondpages.com
URL: https://embedded.wishpondpages.com/lp/2588518/?parent_url=https%3A%2F%2Fclean9.vipkunde.com%2Findex.html&embedded=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.188.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-188-7.muc50.r.cloudfront.net
Software: nginx/1.17.5 /
Resource Hash: 06a815e86e1d5005ad6c77b181c78aa1630826b429777363ed21232d1df032b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://embedded.wishpondpages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 21:37:25 GMT
Content-Encoding: gzip
Via: 1.1 cabdd49d8331afa937d15ebb470ea716.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MUC50-P1
Age: 197673
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 50308
Last-Modified: Mon, 12 Jun 2023 20:50:56 GMT
Server: nginx/1.17.5
ETag: "64878530-c484"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Amz-Cf-Id: ZwrX4LAlA0RLjkftW-3Nind01TrD5XhRdQEEX5ijzO1LvhhSMoUqzg==

GET
H/1.1 200
OK pages_v4_default-45f5626e35f7197e725ac80a992ee906bb04ae1b679e9b8dd2cccaa854cde30d.css
d30itml3t0pwpf.cloudfront.net/assets/ Frame 3C89 38 KB
9 KB 73ms
14ms Stylesheet
text/css 18.66.188.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d30itml3t0pwpf.cloudfront.net/assets/pages_v4_default-45f5626e35f7197e725ac80a992ee906bb04ae1b679e9b8dd2cccaa854cde30d.css
Requested by: Host: embedded.wishpondpages.com
URL: https://embedded.wishpondpages.com/lp/2588518/?parent_url=https%3A%2F%2Fclean9.vipkunde.com%2Findex.html&embedded=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.188.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-188-7.muc50.r.cloudfront.net
Software: nginx/1.17.5 /
Resource Hash: 45f5626e35f7197e725ac80a992ee906bb04ae1b679e9b8dd2cccaa854cde30d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://embedded.wishpondpages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 21:37:02 GMT
Content-Encoding: gzip
Via: 1.1 5cc4b35b46cb9b55d49e7f47442e6838.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MUC50-P1
Age: 197696
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 8522
Last-Modified: Mon, 12 Jun 2023 20:50:56 GMT
Server: nginx/1.17.5
ETag: "64878530-214a"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Amz-Cf-Id: _pT7EIMYT63mIRXoBVesnspDbWxXDFeXKAGaLN2GUibgVH6RQg6nkA==

GET
H2 200 css
fonts.googleapis.com/ Frame 3C89 3 KB
1 KB 47ms
16ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Yeseva+One%7CQuicksand

Requested by

Host: embedded.wishpondpages.com
URL: https://embedded.wishpondpages.com/lp/2588518/?parent_url=https%3A%2F%2Fclean9.vipkunde.com%2Findex.html&embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

02ecf4aebc1321ffdf331ae3777271640b20b307aa3e2e62fcef7da59c188ae4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://embedded.wishpondpages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 15 Jun 2023 04:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 04:31:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Jun 2023 04:31:58 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/ Frame 3C89 28 KB
6 KB 31ms
12ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/font-awesome.min.css

Requested by

Host: embedded.wishpondpages.com
URL: https://embedded.wishpondpages.com/lp/2588518/?parent_url=https%3A%2F%2Fclean9.vipkunde.com%2Findex.html&embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://embedded.wishpondpages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 04:31:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3842456
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5324
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7187"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2Bh6Bp%2Fnv0p%2FBLnG%2BgAUhKElz1nmMA0cjuqzrrFH4IPu%2FqOgwAMkVy9hKETPb5U5UFoutRT%2F47E2mgAyAqFW7aB7CHo0tDFXDVn1Z6YRPfNXnLr7LcRShORk2wtuUXx0la1B6Srwc6sOM2BEeUQ%2BjzvA"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d7816297ed8bb32-FRA
expires: Tue, 04 Jun 2024 04:31:58 GMT

GET
H/1.1 200
OK 1576019077-0710ad04
d30itml3t0pwpf.cloudfront.net/api/v3/medias/14454703/image/opt/original/ Frame 3C89 154 KB
155 KB 614ms
597ms Image
image/jpeg 18.66.188.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d30itml3t0pwpf.cloudfront.net/api/v3/medias/14454703/image/opt/original/1576019077-0710ad04

Requested by

Host: embedded.wishpondpages.com
URL: https://embedded.wishpondpages.com/lp/2588518/?parent_url=https%3A%2F%2Fclean9.vipkunde.com%2Findex.html&embedded=true

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.66.188.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-188-7.muc50.r.cloudfront.net

Software

nginx/1.17.5 /

Resource Hash

6d99637fcdd12b77f80e58255e0d257435998e27b170344deb4db5732d385fdd

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://embedded.wishpondpages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 15 Jun 2023 04:31:59 GMT
Strict-Transport-Security: max-age=300
Via: 1.1 5cc4b35b46cb9b55d49e7f47442e6838.cloudfront.net (CloudFront)
Content-Security-Policy: default-src 'none'
X-Amz-Cf-Pop: MUC50-P1
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Content-Transfer-Encoding: binary
Content-Disposition: inline; filename="1.jpg"
Connection: keep-alive
X-Request-Id: 73daf471-d6d9-44a1-8bcc-1f36ea451eca
X-Runtime: 0.266211
Last-Modified: Tue, 10 Dec 2019 23:04:37 GMT
Server: nginx/1.17.5
ETag: "052557adccb6b5632d089e605bc2d52e"
X-Download-Options: noopen
Content-Type: image/jpeg
Content-Language: en
Cache-Control: max-age=2592000, public
X-Amz-Cf-Id: H82Z6LH2UyFFEP4lNsAm5_HfsIErSSbYgk_c5HxcnzzaE7VRuFz9AA==
Expires: Sat, 15 Jul 2023 04:31:59 GMT

GET
H/1.1 200
OK 1576019077-242054fe
d30itml3t0pwpf.cloudfront.net/api/v3/medias/14454702/image/opt/original/ Frame 3C89 129 KB
130 KB 2477ms
2450ms Image
image/jpeg 18.66.188.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d30itml3t0pwpf.cloudfront.net/api/v3/medias/14454702/image/opt/original/1576019077-242054fe

Requested by

Host: embedded.wishpondpages.com
URL: https://embedded.wishpondpages.com/lp/2588518/?parent_url=https%3A%2F%2Fclean9.vipkunde.com%2Findex.html&embedded=true

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.66.188.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-188-7.muc50.r.cloudfront.net

Software

nginx/1.17.5 /

Resource Hash

392ab2042b70ed9e7e7d11e9e99885ec5b57b31f079a6914f4dc3e5cd89fef13

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://embedded.wishpondpages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 15 Jun 2023 04:32:01 GMT
Strict-Transport-Security: max-age=300
Via: 1.1 ae6c2eb8d653982f5df6a91a4b14b518.cloudfront.net (CloudFront)
Content-Security-Policy: default-src 'none'
X-Amz-Cf-Pop: MUC50-P1
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Content-Transfer-Encoding: binary
Content-Disposition: inline; filename="2.jpg"
Connection: keep-alive
X-Request-Id: fc247c77-a544-4bbd-b905-6a43f9b028ab
X-Runtime: 2.035383
Last-Modified: Tue, 10 Dec 2019 23:04:37 GMT
Server: nginx/1.17.5
ETag: "9ea9af3cfdcf5796213454a4643764b1"
X-Download-Options: noopen
Content-Type: image/jpeg
Content-Language: en
Cache-Control: max-age=2592000, public
X-Amz-Cf-Id: V5YuJZbX9FaR1KWzX9KAXYAE8mKqxHv5eqTzJrsYaWReBWA3qOJ0MA==
Expires: Sat, 15 Jul 2023 04:32:01 GMT

GET
H2 200 storage.html Show response
cdn.wishpond.net/ Frame F07F 3 KB
2 KB 7ms
6ms Document
text/html 18.66.112.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.wishpond.net/storage.html
Requested by: Host: cdn.wishpond.net
URL: https://cdn.wishpond.net/connect.js?merchantId=1502722&socialCampaignId=2588518&writeKey=8cf72c2a781f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-107.fra56.r.cloudfront.net
Software: nginx/1.17.5 /
Resource Hash: 0a1ee1037effea6008ee6ec97ef36c0783edeb9e7a9c0fd469737b2b306f352b

Request headers

Referer: https://embedded.wishpondpages.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 535367
cache-control: public, must-revalidate, proxy-revalidate, max-age=0, s-max-age=172800
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 08 Jun 2023 23:49:11 GMT
etag: W/"646fbd04-c7d"
last-modified: Thu, 25 May 2023 19:54:44 GMT
server: nginx/1.17.5
vary: Accept-Encoding
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-cf-id: KNID7MhoiKH1rYcKPKzYurYfVNhY5e4uQdstw_Y66jT7PyoSb8Q8PA==
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront

GET
H2 200 popups.json Show response
www.wishpond.com/ Frame 3C89 13 B
1 KB 115ms
115ms XHR
application/json 54.236.83.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wishpond.com/popups.json?merchant_id=1502722&url=https%3A%2F%2Fembedded.wishpondpages.com%2Flp%2F2588518%2F%3Fparent_url%3Dhttps%253A%252F%252Fclean9.vipkunde.com%252Findex.html%26embedded%3Dtrue&social_campaign_id=2588518

Requested by

Host: cdn.wishpond.net
URL: https://cdn.wishpond.net/connect.js?merchantId=1502722&socialCampaignId=2588518&writeKey=8cf72c2a781f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.236.83.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-236-83-233.compute-1.amazonaws.com

Software

nginx/1.17.5 /

Resource Hash

96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; child-src 'self'; connect-src wss: *.wishpond.com; font-src 'self' data: https:; frame-ancestors 'self'; frame-src 'self' cdn.wishpond.net evergenius-webframes.wishpond.com; img-src 'self' blob: data: https:; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: d30itml3t0pwpf.cloudfront.net cdn.wishpond.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' https:; worker-src 'self'
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://embedded.wishpondpages.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 04:31:59 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
content-security-policy: default-src 'self'; base-uri 'self'; child-src 'self'; connect-src wss: *.wishpond.com; font-src 'self' data: https:; frame-ancestors 'self'; frame-src 'self' cdn.wishpond.net evergenius-webframes.wishpond.com; img-src 'self' blob: data: https:; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: d30itml3t0pwpf.cloudfront.net cdn.wishpond.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' https:; worker-src 'self'
content-encoding: gzip
p3p: CP="NON"
x-xss-protection: 1; mode=block
x-request-id: 7e4bc571-1a3f-440a-9559-0e1cb73b712d
x-runtime: 0.011976
server: nginx/1.17.5
x-download-options: noopen
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-language: de-DE
access-control-allow-origin: https://embedded.wishpondpages.com
access-control-expose-headers
access-control-max-age: 600
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
x-frame-options: DENY

OPTIONS
H2 200 popups.json
www.wishpond.com/ Frame 0
0 103ms
102ms Preflight
text/plain 54.236.83.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.236.83.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-236-83-233.compute-1.amazonaws.com

Software

nginx/1.17.5 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://embedded.wishpondpages.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-requested-with
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-origin: https://embedded.wishpondpages.com
access-control-expose-headers
access-control-max-age: 600
content-encoding: gzip
content-type: text/plain
date: Thu, 15 Jun 2023 04:31:59 GMT
server: nginx/1.17.5
strict-transport-security: max-age=300
vary: Accept-Encoding
x-download-options: noopen
x-request-id: ce3e1e0b-cc45-459a-b1f2-995ec1b9d179
x-runtime: 0.001086

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/fonts/ Frame 3C89 70 KB
71 KB 27ms
15ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9682aff0dfb2932f5273721abd9190df39eeb0f42c37a24566aa4ac5753219c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/font-awesome.min.css
Origin: https://embedded.wishpondpages.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 04:31:59 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3581206
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 71896
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-118d8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gixPdEtCEH6CywBlJ%2B7lVO%2Be5at9pcWyaacion4ov8rydRF8%2FpJ8jYf8kMOhfRUl06kRlERFaFrLegbZflVEH3qHHAmDmr6zWG8%2FF40Jk0DgriiYRAPVU5uW33mItpLoVrzu3J2tiNs9v8tHpiksyAI4"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d781629bd409c01-FRA
expires: Tue, 04 Jun 2024 04:31:59 GMT

GET
H2 200 6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2
fonts.gstatic.com/s/quicksand/v30/ Frame 3C89 14 KB
14 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v30/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Yeseva+One%7CQuicksand

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e36165510050fc4ef1d87cc430dd4d1d0f6a705c5f4aa7b3a97493921884bb05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://embedded.wishpondpages.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 15:17:41 GMT
x-content-type-options: nosniff
age: 479658
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13888
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:12:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Jun 2024 15:17:41 GMT

GET
H2 200 OpNJno4ck8vc-xYpwWWxli1VWw.woff2
fonts.gstatic.com/s/yesevaone/v20/ Frame 3C89 16 KB
16 KB 29ms
8ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Yeseva+One%7CQuicksand

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4df2558618d59bf36dcdafac03f2a3d4b6fed61a7381558bff35a1b81675114a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://embedded.wishpondpages.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 16:43:36 GMT
x-content-type-options: nosniff
age: 388103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16664
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:49:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 16:43:36 GMT

OPTIONS
H2 200 pages.json
www.wishpond.com/pages/v2r/2588518/ Frame 0
0 103ms
103ms Preflight
text/plain 54.236.83.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wishpond.com/pages/v2r/2588518/pages.json?variation_id=2835212

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.236.83.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-236-83-233.compute-1.amazonaws.com

Software

nginx/1.17.5 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://embedded.wishpondpages.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-requested-with
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-origin: https://embedded.wishpondpages.com
access-control-expose-headers
access-control-max-age: 600
content-encoding: gzip
content-type: text/plain
date: Thu, 15 Jun 2023 04:31:59 GMT
server: nginx/1.17.5
strict-transport-security: max-age=300
vary: Accept-Encoding
x-download-options: noopen
x-request-id: 14234df0-3507-451f-9b1b-b43a9b56c9e5
x-runtime: 0.001302

GET
H2 200 pages.json Show response
www.wishpond.com/pages/v2r/2588518/ Frame 3C89 25 KB
5 KB 132ms
132ms XHR
application/json 54.236.83.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wishpond.com/pages/v2r/2588518/pages.json?variation_id=2835212

Requested by

Host: d30itml3t0pwpf.cloudfront.net
URL: https://d30itml3t0pwpf.cloudfront.net/assets/pages_v2r-06a815e86e1d5005ad6c77b181c78aa1630826b429777363ed21232d1df032b1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.236.83.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-236-83-233.compute-1.amazonaws.com

Software

nginx/1.17.5 /

Resource Hash

eba3a412515be0d8fdb1fa633d317d6f4da2a3d814b3f88e86e0dac5bd89a9e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept: application/json
Referer: https://embedded.wishpondpages.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-wishpond-prefix: PagesV2r/c4034e/1
date: Thu, 15 Jun 2023 04:31:59 GMT
strict-transport-security: max-age=300
x-wishpond-queries: 0
content-encoding: gzip
x-wishpond-version: 20220216000001
x-wishpond-generated: 2023-06-14 11:45:13 +0000
p3p: CP="NON"
x-request-id: a3cc10a8-27f7-40dc-a07a-937bc3bd2a57
x-runtime: 0.024311
server: nginx/1.17.5
x-wishpond-host: wishpondv1-server-984f98544-rvxp4
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://embedded.wishpondpages.com
content-language: de-DE
access-control-expose-headers
access-control-allow-credentials: true
access-control-max-age: 600
x-wishpond-guard: 1686743113.0097303

POST
H2 201 view Show response
bookie.wishpond.com/v1/social_campaigns/2588518/variations/2835212/ Frame 3C89 0
291 B 280ms
279ms XHR
text/plain 54.236.83.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bookie.wishpond.com/v1/social_campaigns/2588518/variations/2835212/view
Requested by: Host: d30itml3t0pwpf.cloudfront.net
URL: https://d30itml3t0pwpf.cloudfront.net/assets/pages_v2r-06a815e86e1d5005ad6c77b181c78aa1630826b429777363ed21232d1df032b1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.236.83.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-83-233.compute-1.amazonaws.com
Software: nginx/1.14.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://embedded.wishpondpages.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

x-runtime: 0.168491
date: Thu, 15 Jun 2023 04:31:59 GMT
server: nginx/1.14.2
access-control-max-age: 600
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type: text/plain
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache
vary: Origin
x-request-id: d0f9d48b-7397-49d9-bd98-9c8c1458e918

OPTIONS
H2 200 view
bookie.wishpond.com/v1/social_campaigns/2588518/variations/2835212/ Frame 0
0 127ms
100ms Preflight
text/plain 54.236.83.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bookie.wishpond.com/v1/social_campaigns/2588518/variations/2835212/view
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.236.83.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-83-233.compute-1.amazonaws.com
Software: nginx/1.14.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: POST
Origin: https://embedded.wishpondpages.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-headers: x-requested-with
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-max-age: 600
content-type: text/plain
date: Thu, 15 Jun 2023 04:31:59 GMT
server: nginx/1.14.2

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 3C89 51 KB
21 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: clean9.vipkunde.com
URL: https://clean9.vipkunde.com/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://embedded.wishpondpages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 15 Jun 2023 02:35:27 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 6992
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Thu, 15 Jun 2023 04:35:27 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bookie.wishpond.com
cdn.wishpond.net
cdnjs.cloudflare.com
clean9.vipkunde.com
d30itml3t0pwpf.cloudfront.net
embedded.wishpondpages.com
fonts.googleapis.com
fonts.gstatic.com
www.google-analytics.com
www.wishpond.com
18.66.112.107
18.66.188.7
2606:4700::6811:190e
2a00:1450:4001:806::200e
2a00:1450:4001:810::200a
2a00:1450:4001:812::2003
52.55.81.201
54.236.83.233
94.126.17.200
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
02ecf4aebc1321ffdf331ae3777271640b20b307aa3e2e62fcef7da59c188ae4
03e3f204f1dd8a511bd23ffa9f4bea217170d5ad373156088ec5a25bfe6b2bec
06a815e86e1d5005ad6c77b181c78aa1630826b429777363ed21232d1df032b1
0a1ee1037effea6008ee6ec97ef36c0783edeb9e7a9c0fd469737b2b306f352b
392ab2042b70ed9e7e7d11e9e99885ec5b57b31f079a6914f4dc3e5cd89fef13
45f5626e35f7197e725ac80a992ee906bb04ae1b679e9b8dd2cccaa854cde30d
4df2558618d59bf36dcdafac03f2a3d4b6fed61a7381558bff35a1b81675114a
6d99637fcdd12b77f80e58255e0d257435998e27b170344deb4db5732d385fdd
9682aff0dfb2932f5273721abd9190df39eeb0f42c37a24566aa4ac5753219c1
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
9e224cfb0b79282bd6ce422c23ba7f4885e5d706616f89252025f63cf4f7acf1
bf579cb84b439353504b7b929c27cc4105786d5ec6a1d59706802d2cd1c819e8
e36165510050fc4ef1d87cc430dd4d1d0f6a705c5f4aa7b3a97493921884bb05
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eba3a412515be0d8fdb1fa633d317d6f4da2a3d814b3f88e86e0dac5bd89a9e4

clean9.vipkunde.com Open in urlscan Pro 94.126.17.200 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

100 %HTTPS

44 %IPv6

9 Domains

10 Subdomains

9 IPs

3 Countries

575 kBTransfer

1097 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

0 Cookies

Indicators

clean9.vipkunde.com Open in urlscan Pro
94.126.17.200 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

100 %
HTTPS

44 %
IPv6

9
Domains

10
Subdomains

9
IPs

3
Countries

575 kB
Transfer

1097 kB
Size

0
Cookies

24 HTTP transactions
0 data transactions