www.heuteistmeintag.com Open in urlscan Pro
2606:4700::6812:19ae Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://buff.ly/4aLP6FV
Effective URL:
https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=3...
Submission: On April 11 via api (April 11th 2024, 2:30:41 pm UTC) from US — Scanned from DE

Summary HTTP 45 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 8 domains to perform 45 HTTP transactions. The main IP is 2606:4700::6812:19ae, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.heuteistmeintag.com.
TLS certificate: Issued by R3 on March 22nd 2024. Valid for: 3 months.

This is the only time www.heuteistmeintag.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.12 67.199.248.12	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	34.76.98.215 34.76.98.215	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
28	2606:4700::68... 2606:4700::6812:19ae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
2	142.250.184.196 142.250.184.196	15169 (GOOGLE) (GOOGLE)
11	172.67.71.184 172.67.71.184	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
1	159.69.145.0 159.69.145.0	24940 (HETZNER-AS) (HETZNER-AS)
45	6

1 67.199.248.12 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: cname.bitly.com

buff.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.76.98.215 (Brussels, Belgium) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 215.98.76.34.bc.googleusercontent.com

lighthouse-hwy1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2606:4700::6812:19ae (United States)

ASN13335 (CLOUDFLARENET, US)

www.heuteistmeintag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.122 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.67.71.184 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.cleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.69.145.0 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.0.145.69.159.clients.your-server.de

egenticapac.mycleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	heuteistmeintag.com www.heuteistmeintag.com	292 KB
11	cleverpush.com static.cleverpush.com — Cisco Umbrella Rank: 23867 api.cleverpush.com — Cisco Umbrella Rank: 20667	131 KB
4	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 474	4 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	907 B
2	lighthouse-hwy1.com 2 redirects lighthouse-hwy1.com	1 KB
1	mycleverpush.com egenticapac.mycleverpush.com
1	gstatic.com www.gstatic.com	201 KB
1	buff.ly 1 redirects buff.ly — Cisco Umbrella Rank: 76406	281 B
45	8

	Domain	Requested by
28	www.heuteistmeintag.com	www.heuteistmeintag.com
7	static.cleverpush.com	www.heuteistmeintag.com static.cleverpush.com
4	api.cleverpush.com	static.cleverpush.com
4	secure.adnxs.com	2 redirects www.heuteistmeintag.com
2	www.google.com	www.heuteistmeintag.com www.gstatic.com
2	lighthouse-hwy1.com	2 redirects
1	egenticapac.mycleverpush.com	static.cleverpush.com
1	www.gstatic.com	www.google.com
1	buff.ly	1 redirects
45	9

This site contains links to these domains. Also see Links.

Domain
kopunited.de
trk.adstrck123.com

Subject Issuer	Validity	Valid
www.heuteistmeintag.com R3	`2024-03-22` - `2024-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
cleverpush.com E1	`2024-03-02` - `2024-05-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.mycleverpush.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-14` - `2024-06-13`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488
Frame ID: 11C72C5B56B060119A933163AD18A115
Requests: 37 HTTP requests in this frame

Frame: https://www.heuteistmeintag.com/sc/zWgOgiqoyloghspwGouimiPhGiilzkrQlnNgjmiRKkPimwJOqkzjHzmstzIqKtmsLxIuLNnoqJKkPimwIykkhqkonnyMkowoLiirlwwuzgMyhioJwuhmgmlpRzogoilhLsowKlMhrpGsgrOwihGkrggKoRhsLGkImggKoihoGpugLOPiRtvuujxpoPtrxxhvQmjpIsHyLkpuotOklmtXoIqKoxurmQgkrlskoxoMNwotyoHglxmgJOukIqggollkighOzqmsMxGkuxvKGqgmgG
Frame ID: 0C5DE9EAF423E89A99BE7D6F358A7527
Requests: 4 HTTP requests in this frame

Frame: https://egenticapac.mycleverpush.com/iframe?origin=https%3A%2F%2Fwww.heuteistmeintag.com
Frame ID: 022B8E3EFAA629C519C546C62433829F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfDfYcUAAAAAMOrZyD0JEuECxHyYbMNOMYg_mMD&co=aHR0cHM6Ly93d3cuaGV1dGVpc3RtZWludGFnLmNvbTo0NDM.&hl=de&v=rz4DvU-cY2JYCwHSTck0_qm-&size=invisible&cb=wsbqlmpjlmp7
Frame ID: A446F307D17560333A815F7B3088071F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Shopping Gutschein

Page URL History Show full URLs

https://buff.ly/4aLP6FV HTTP 301
https://lighthouse-hwy1.com/?a=4321&oc=17040&c=46458&m=16&s1=11&s2=12&s3=oth-all-d-e-s-n-cmb-lk-bfr HTTP 302
https://lighthouse-hwy1.com/?a=4321&oc=17040&c=46458&m=16&s1=11&s2=12&s3=oth-all-d-e-s-n-cmb-lk-bfr&ch-r... HTTP 302
https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=43... Page URL

Detected technologies

MooTools (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

mootools.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

45
Requests

96 %
HTTPS

25 %
IPv6

8
Domains

9
Subdomains

6
IPs

3
Countries

627 kB
Transfer

1763 kB
Size

9
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://kopunited.de/datenschutzerklaerung/
Title: Datennutzung

Search URL Search Domain Scan URL

URL: https://trk.adstrck123.com/aff_c?offer_id=9805&aff_id=2801&url_id=21569
Title: Register here

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://buff.ly/4aLP6FV HTTP 301
https://lighthouse-hwy1.com/?a=4321&oc=17040&c=46458&m=16&s1=11&s2=12&s3=oth-all-d-e-s-n-cmb-lk-bfr HTTP 302
https://lighthouse-hwy1.com/?a=4321&oc=17040&c=46458&m=16&s1=11&s2=12&s3=oth-all-d-e-s-n-cmb-lk-bfr&ch-redir=1&ckmxid=cobv81dp00014116c2sg HTTP 302
https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://secure.adnxs.com/seg?add=31158968&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31158968%26t%3D1

Request Chain 23

https://secure.adnxs.com/seg?add=30540007&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D30540007%26t%3D1

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request wingame.pl Show response
www.heuteistmeintag.com/cgi-bin/
Redirect Chain

https://buff.ly/4aLP6FV
https://lighthouse-hwy1.com/?a=4321&oc=17040&c=46458&m=16&s1=11&s2=12&s3=oth-all-d-e-s-n-cmb-lk-bfr
https://lighthouse-hwy1.com/?a=4321&oc=17040&c=46458&m=16&s1=11&s2=12&s3=oth-all-d-e-s-n-cmb-lk-bfr&ch-redir=1&ckmxid=cobv81dp00014116c2sg
https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488

79 KB
19 KB

769ms
609ms

Document
text/html

2606:4700::6812:19ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:19ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10dfdd632501ee2b9b3afe989963b2ea8050eb82ebcecc2d009baafecdff6d70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cf-cache-status: DYNAMIC
cf-ray: 872bacc768e03a3e-FRA
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Thu, 11 Apr 2024 14:30:30 GMT
server: cloudflare
strict-transport-security: max-age=31536000
x-firstpage: 0
x-map-context: de
x-page: reg_full
x-served-by: a-03

Redirect headers

cache-control: private
content-length: 269
content-type: text/html; charset=utf-8
date: Thu, 11 Apr 2024 14:30:29 GMT
location: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 sweepstake.bundle.css
www.heuteistmeintag.com/dist/138/ 107 KB
19 KB 71ms
68ms Stylesheet
text/css 2606:4700::6812:19ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heuteistmeintag.com/dist/138/sweepstake.bundle.css?2024-04-11.6

Requested by

Host: www.heuteistmeintag.com
URL: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:19ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81a6e7fac4ab64cb7440b40b7301c654a97cb300e67b572988eaa8f36d2f69c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 14:30:30 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 487
cf-polished: origSize=110525
x-served-by: a-04
cf-bgj: minify
last-modified: Tue, 12 Mar 2024 13:31:14 GMT
x-map-context: de
server: cloudflare
etag: W/"65f05922-1afbd"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 872baccb5ec03a3e-FRA
expires: Fri, 12 Apr 2024 14:30:30 GMT

GET
H2 200 multicoreg.bundle.css
www.heuteistmeintag.com/_global/dist/tt/wingame/default/ 39 KB
7 KB 57ms
54ms Stylesheet
text/css 2606:4700::6812:19ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heuteistmeintag.com/_global/dist/tt/wingame/default/multicoreg.bundle.css?2024-04-11.6

Requested by

Host: www.heuteistmeintag.com
URL: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:19ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

883bec56d9ff03c97184c1b9b4688d83f93d3b7e5a8f094e1d09d0c82370c36a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 14:30:30 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 487
cf-polished: origSize=40263
x-served-by: a-01
cf-bgj: minify
last-modified: Thu, 11 Apr 2024 06:34:49 GMT
x-map-context: de
server: cloudflare
etag: W/"66178489-9d47"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 872baccb5ec13a3e-FRA
expires: Fri, 12 Apr 2024 14:30:30 GMT

GET
H2 200 theme.css
www.heuteistmeintag.com/_global/tt/wingame/default/multicoreg/themes/theme_3/css/ 4 KB
1 KB 72ms
69ms Stylesheet
text/css 2606:4700::6812:19ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heuteistmeintag.com/_global/tt/wingame/default/multicoreg/themes/theme_3/css/theme.css?2024-04-11.6

Requested by

Host: www.heuteistmeintag.com
URL: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:19ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcfb7b429d43cad72057b67f2cd907ff9015ede3b39faebec762c835616849dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 14:30:30 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 487
cf-polished: origSize=4867
x-served-by: a-03
cf-bgj: minify
last-modified: Tue, 05 Apr 2022 15:21:31 GMT
x-map-context: de
server: cloudflare
etag: W/"624c5e7b-1303"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 872baccb5ec53a3e-FRA
expires: Fri, 12 Apr 2024 14:30:30 GMT

GET
H2 200 MooTools-Core-1.6.0-compressed.js Show response
www.heuteistmeintag.com/_global/js/framework/ 87 KB
27 KB 97ms
94ms Script
application/javascript 2606:4700::6812:19ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heuteistmeintag.com/_global/js/framework/MooTools-Core-1.6.0-compressed.js?2024-04-11.6

Requested by

Host: www.heuteistmeintag.com
URL: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:19ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8f180db5bee6d0f0657465aa933e8e1f3492725403b3058424ab613998500ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 14:30:30 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 487
cf-polished: origSize=89700
x-served-by: a-02
cf-bgj: minify
last-modified: Fri, 10 Nov 2017 11:48:17 GMT
x-map-context: de
server: cloudflare
etag: W/"5a059201-15e64"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 872baccb5eca3a3e-FRA
expires: Fri, 12 Apr 2024 14:30:30 GMT

GET
H2 200 moolidator.js Show response
www.heuteistmeintag.com/_global/js/ 34 KB
6 KB 58ms
55ms Script
application/javascript 2606:4700::6812:19ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heuteistmeintag.com/_global/js/moolidator.js?2024-04-11.6

Requested by

Host: www.heuteistmeintag.com
URL: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:19ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d17497c99136331e168c72b86d40bf1eb3194fb6c728f9ac65b66d536c05b653

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 14:30:30 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 487
cf-polished: origSize=43114
x-served-by: a-01
cf-bgj: minify
last-modified: Thu, 09 Mar 2023 10:32:23 GMT
x-map-context: de
server: cloudflare
etag: W/"6409b5b7-a86a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 872baccb5ecb3a3e-FRA
expires: Fri, 12 Apr 2024 14:30:30 GMT

GET
H2 200 moolidator_rules.js Show response
www.heuteistmeintag.com/_global/js/ 19 KB
3 KB 59ms
57ms Script
application/javascript 2606:4700::6812:19ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heuteistmeintag.com/_global/js/moolidator_rules.js?2024-04-11.6

Requested by

Host: www.heuteistmeintag.com
URL: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:19ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c88919bb9c836ec10f4bd2431c91ac57c7cdac9f5af98824c6e7cc19a83e0217

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 14:30:30 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 487
cf-polished: origSize=27274
x-served-by: a-01
cf-bgj: minify
last-modified: Mon, 08 Apr 2024 05:58:24 GMT
x-map-context: de
server: cloudflare
etag: W/"66138780-6a8a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 872baccb5ece3a3e-FRA
expires: Fri, 12 Apr 2024 14:30:30 GMT

GET
H2 200 scripts.js Show response
www.heuteistmeintag.com/_global/js/ 32 KB
9 KB 58ms
56ms Script
application/javascript 2606:4700::6812:19ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heuteistmeintag.com/_global/js/scripts.js?2024-04-11.6

Requested by

Host: www.heuteistmeintag.com
URL: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:19ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c39db955c6d8f578d3a668462f50faf99fd44986f58592d44ddcf0b848637927

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 14:30:30 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 487
cf-polished: origSize=55062
x-served-by: a-03
cf-bgj: minify
last-modified: Mon, 04 Dec 2023 10:45:27 GMT
x-map-context: de
server: cloudflare
etag: W/"656dadc7-d716"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 872baccb5ed03a3e-FRA
expires: Fri, 12 Apr 2024 14:30:30 GMT

GET
H2 200 multicoreg.engine.js Show response
www.heuteistmeintag.com/_global/tt/wingame/default/multicoreg/js/ 81 KB
14 KB 68ms
66ms Script
application/javascript 2606:4700::6812:19ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heuteistmeintag.com/_global/tt/wingame/default/multicoreg/js/multicoreg.engine.js?2024-04-11.6

Requested by

Host: www.heuteistmeintag.com
URL: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:19ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d24512fdc9a7a2e9090dd816400e0741d4f632a876951038ee4ae7a5e2cd847

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 14:30:30 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 487
cf-polished: origSize=115275
x-served-by: a-01
cf-bgj: minify
last-modified: Thu, 11 Apr 2024 07:11:19 GMT
x-map-context: de
server: cloudflare
etag: W/"66178d17-1c24b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 872baccb6ed33a3e-FRA
expires: Fri, 12 Apr 2024 14:30:30 GMT

GET
H2 200 global.js Show response
www.heuteistmeintag.com/wingame/global/js/ 5 KB
2 KB 67ms
65ms Script
application/javascript 2606:4700::6812:19ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heuteistmeintag.com/wingame/global/js/global.js?2024-04-11.6

Requested by

Host: www.heuteistmeintag.com
URL: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:19ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31f815d1219c51cccee740434a5ca55948006957ea9d0d7c619afd708c1ca242

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 14:30:30 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 487
cf-polished: origSize=6281
x-served-by: a-04
cf-bgj: minify
last-modified: Thu, 22 Apr 2021 08:26:26 GMT
x-map-context: de
server: cloudflare
etag: W/"60813332-1889"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 872baccb6ed73a3e-FRA
expires: Fri, 12 Apr 2024 14:30:30 GMT

GET
H2 200 series.js Show response
www.heuteistmeintag.com/_global/wingame/76/js/ 6 KB
2 KB 94ms
93ms Script
application/javascript 2606:4700::6812:19ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heuteistmeintag.com/_global/wingame/76/js/series.js?2024-04-11.6

Requested by

Host: www.heuteistmeintag.com
URL: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:19ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c885fe3584d7a7388d61578ac6497905573b7c2777873454100891313c0e3859

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 14:30:30 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 487
cf-polished: origSize=8973
x-served-by: a-02
cf-bgj: minify
last-modified: Thu, 21 Mar 2024 11:06:06 GMT
x-map-context: de
server: cloudflare
etag: W/"65fc149e-230d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 872baccb6ed93a3e-FRA
expires: Fri, 12 Apr 2024 14:30:30 GMT

GET
H2 200 sweepstake.js Show response
www.heuteistmeintag.com/wingame/138/js/ 8 KB
2 KB 109ms
107ms Script
application/javascript 2606:4700::6812:19ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heuteistmeintag.com/wingame/138/js/sweepstake.js?2024-04-11.6

Requested by

Host: www.heuteistmeintag.com
URL: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:19ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86e4a30025c046f4a76f691ac97e1238f9f21d48453359e02f54078276f5a113

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 14:30:30 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 487
cf-polished: origSize=15260
x-served-by: a-01
cf-bgj: minify
last-modified: Thu, 15 Jul 2021 10:26:52 GMT
x-map-context: de
server: cloudflare
etag: W/"60f00d6c-3b9c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 872baccb9f173a3e-FRA
expires: Fri, 12 Apr 2024 14:30:30 GMT

GET
H2 200 Roboto.css
www.heuteistmeintag.com/_static/_global/_supload/fonts/css/ 3 KB
518 B 110ms
109ms Stylesheet
text/css 2606:4700::6812:19ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heuteistmeintag.com/_static/_global/_supload/fonts/css/Roboto.css

Requested by

Host: www.heuteistmeintag.com
URL: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:19ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d7b621db4b7913c0e6fe5e6bb0cc31efa17e6b3c43e04c6405776e67483242e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 14:30:30 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 02 Oct 2020 11:00:33 GMT
server: cloudflare
age: 30814
cf-polished: origSize=3799
etag: W/"867398435"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=86400
cf-ray: 872baccb9f183a3e-FRA
expires: Fri, 12 Apr 2024 14:30:30 GMT

GET
H2 200 close_icon.svg
www.heuteistmeintag.com/wingame/global/images/ 841 B
662 B 56ms
52ms Image
image/svg+xml 2606:4700::6812:19ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heuteistmeintag.com/wingame/global/images/close_icon.svg

Requested by

Host: www.heuteistmeintag.com
URL: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:19ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6625aafc5018f0230c6c78dc48379d86ae4ea03dbe7674ace540bf27dd87976

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: a-01
date: Thu, 11 Apr 2024 14:30:31 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 01 May 2020 13:11:46 GMT
server: cloudflare
x-map-context: de
age: 30815
etag: W/"5eac2012-349"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 872baccc48033a3e-FRA
expires: Fri, 12 Apr 2024 14:30:31 GMT

GET
H2 200 imgAmazon100.png
www.heuteistmeintag.com/_static/_global/_supload/ctn/ 125 KB
125 KB 111ms
110ms Image
image/webp 2606:4700::6812:19ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heuteistmeintag.com/_static/_global/_supload/ctn/imgAmazon100.png

Requested by

Host: www.heuteistmeintag.com
URL: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:19ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b29ffbb4f8333982c790ccf96206744389ebd6d6bca8a9c360973751b20d1573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 14:30:30 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 29540
cf-polished: origFmt=png, origSize=131548
content-disposition: inline; filename="imgAmazon100.webp"
content-length: 127704
cf-bgj: imgq:100,h2pri
last-modified: Tue, 22 Jun 2021 10:55:31 GMT
server: cloudflare
etag: "1387614458"
vary: Accept
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 872baccb9f1a3a3e-FRA
expires: Fri, 12 Apr 2024 14:30:30 GMT

GET
H2 200 sweepstake.bundle.js Show response
www.heuteistmeintag.com/dist/138/ 23 KB
6 KB 111ms
109ms Script
application/javascript 2606:4700::6812:19ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heuteistmeintag.com/dist/138/sweepstake.bundle.js?2024-04-11.6

Requested by

Host: www.heuteistmeintag.com
URL: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:19ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75765fdb0b771bab6b86c273837a2ceb67e7213b6d9d4e273c5214ca8c2aa3d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 14:30:30 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 487
x-served-by: a-04
cf-bgj: minify
last-modified: Tue, 30 Jan 2024 13:19:22 GMT
x-map-context: de
server: cloudflare
etag: W/"65b8f75a-5c18"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 872baccb9f1b3a3e-FRA
expires: Fri, 12 Apr 2024 14:30:30 GMT

GET
H2 200 registrationSlider.bundle.js Show response
www.heuteistmeintag.com/_global/dist/ 27 KB
7 KB 59ms
54ms Script
application/javascript 2606:4700::6812:19ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heuteistmeintag.com/_global/dist/registrationSlider.bundle.js?2024-04-11.6

Requested by

Host: www.heuteistmeintag.com
URL: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:19ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

543ba314b956dd5a4521de37e6f06abb1cb79bd922712b0be7b53cd92c53ff23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 14:30:31 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 488
cf-polished: origSize=27672
x-served-by: a-03
cf-bgj: minify
last-modified: Mon, 25 Mar 2024 10:35:12 GMT
x-map-context: de
server: cloudflare
etag: W/"66015360-6c18"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 872baccc4ffe3a3e-FRA
expires: Fri, 12 Apr 2024 14:30:31 GMT

GET
H2 200 money_1.png
www.heuteistmeintag.com/_static/_global/_supload/images/ 14 KB
14 KB 54ms
47ms Image
image/webp 2606:4700::6812:19ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heuteistmeintag.com/_static/_global/_supload/images/money_1.png

Requested by

Host: www.heuteistmeintag.com
URL: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:19ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73301104caccbee450b9d19427a73d4da68c1fa192b586fb23f2ca80687df38e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 14:30:31 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 30815
cf-polished: origFmt=png, origSize=16181
content-disposition: inline; filename="money_1.webp"
content-length: 14116
cf-bgj: imgq:100,h2pri
last-modified: Mon, 14 Jan 2019 15:48:59 GMT
server: cloudflare
etag: "3846831862"
vary: Accept
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 872baccc68523a3e-FRA
expires: Fri, 12 Apr 2024 14:30:31 GMT

GET
H2 200 money_2.png
www.heuteistmeintag.com/_static/_global/_supload/images/ 6 KB
6 KB 56ms
48ms Image
image/webp 2606:4700::6812:19ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heuteistmeintag.com/_static/_global/_supload/images/money_2.png

Requested by

Host: www.heuteistmeintag.com
URL: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:19ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef128fb1e908062f0165e88ca33b725f508e6793c4cffb520778d43bbf154d7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 14:30:31 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 30815
cf-polished: origFmt=png, origSize=6886
content-disposition: inline; filename="money_2.webp"
content-length: 6230
cf-bgj: imgq:100,h2pri
last-modified: Thu, 04 Oct 2018 12:08:52 GMT
server: cloudflare
etag: "1785090003"
vary: Accept
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 872baccc68543a3e-FRA
expires: Fri, 12 Apr 2024 14:30:31 GMT

GET
H2 200 money_3.png
www.heuteistmeintag.com/_static/_global/_supload/images/ 6 KB
6 KB 55ms
50ms Image
image/webp 2606:4700::6812:19ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heuteistmeintag.com/_static/_global/_supload/images/money_3.png

Requested by

Host: www.heuteistmeintag.com
URL: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:19ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c769af398525b6cddcf2bb01d01b9491cfa948987e51d7964cfe6236159cf016

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 14:30:31 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 30815
cf-polished: origFmt=png, origSize=6779
content-disposition: inline; filename="money_3.webp"
content-length: 5988
cf-bgj: imgq:100,h2pri
last-modified: Mon, 14 Jan 2019 15:40:49 GMT
server: cloudflare
etag: "3787773364"
vary: Accept
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 872baccc78573a3e-FRA
expires: Fri, 12 Apr 2024 14:30:31 GMT

GET
H2 200 zWgOgiqoyloghspwGouimiPhGiilzkrQlnNgjmiRKkPimwJOqkzjHzmstzIqKtmsLxIuLNnoqJKkPimwIykkhqkonnyMkowoLiirlwwuzgMyhioJwuhmgmlpRzogoilhLsowKlMhrpGsgrOwihGkrggKoRhsLGkImggKoihoGpugLOPiRtvuujxpoPtrxxhvQmjpI... Show response
www.heuteistmeintag.com/sc/ Frame 0C5D 448 B
413 B 72ms
72ms Document
text/html 2606:4700::6812:19ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heuteistmeintag.com/sc/zWgOgiqoyloghspwGouimiPhGiilzkrQlnNgjmiRKkPimwJOqkzjHzmstzIqKtmsLxIuLNnoqJKkPimwIykkhqkonnyMkowoLiirlwwuzgMyhioJwuhmgmlpRzogoilhLsowKlMhrpGsgrOwihGkrggKoRhsLGkImggKoihoGpugLOPiRtvuujxpoPtrxxhvQmjpIsHyLkpuotOklmtXoIqKoxurmQgkrlskoxoMNwotyoHglxmgJOukIqggollkighOzqmsMxGkuxvKGqgmgG

Requested by

Host: www.heuteistmeintag.com
URL: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:19ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5cf071595c15595ac8a1e48dd562c2ec234276726c89d7fe5564cebbfc97fd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cf-cache-status: DYNAMIC
cf-ray: 872baccd197a3a3e-FRA
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Thu, 11 Apr 2024 14:30:31 GMT
server: cloudflare
strict-transport-security: max-age=31536000
x-map-context: de
x-served-by: a-01

GET
H2 200 s5-bfp.js Show response
www.heuteistmeintag.com/_global/js/ 12 KB
4 KB 91ms
91ms Script
application/javascript 2606:4700::6812:19ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heuteistmeintag.com/_global/js/s5-bfp.js?2457172690

Requested by

Host: www.heuteistmeintag.com
URL: https://www.heuteistmeintag.com/_global/js/scripts.js?2024-04-11.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:19ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82e17635bd84d9c2f72b3d9ae284d3e84d9d4c990faf27b3ddb4169229f0bcd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: a-02
date: Thu, 11 Apr 2024 14:30:31 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 12 Mar 2020 13:46:39 GMT
server: cloudflare
x-map-context: de
etag: W/"5e6a3d3f-2e71"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 872baccd39b63a3e-FRA
expires: Fri, 12 Apr 2024 14:30:31 GMT

GET
H2 200 global.pl Show response
www.heuteistmeintag.com/cgi-bin/ 1 B
89 B 81ms
80ms XHR
text/html 2606:4700::6812:19ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heuteistmeintag.com/cgi-bin/global.pl?todo=log_misc&ident=slider_wingame_138_gender

Requested by

Host: www.heuteistmeintag.com
URL: https://www.heuteistmeintag.com/_global/dist/registrationSlider.bundle.js?2024-04-11.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:19ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type: application/json; charset=utf-8

Response headers

date: Thu, 11 Apr 2024 14:30:31 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-map-context: de
content-type: text/html
cf-ray: 872baccd69ef3a3e-FRA
x-served-by: a-03

GET
H2

200

bounce Show response
secure.adnxs.com/ Frame 0C5D
Redirect Chain

https://secure.adnxs.com/seg?add=31158968&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31158968%26t%3D1

0
1 KB

154ms
154ms

Script
application/javascript

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31158968%26t%3D1

Requested by

Host: www.heuteistmeintag.com
URL: https://www.heuteistmeintag.com/sc/zWgOgiqoyloghspwGouimiPhGiilzkrQlnNgjmiRKkPimwJOqkzjHzmstzIqKtmsLxIuLNnoqJKkPimwIykkhqkonnyMkowoLiirlwwuzgMyhioJwuhmgmlpRzogoilhLsowKlMhrpGsgrOwihGkrggKoRhsLGkImggKoihoGpugLOPiRtvuujxpoPtrxxhvQmjpIsHyLkpuotOklmtXoIqKoxurmQgkrlskoxoMNwotyoHglxmgJOukIqggollkighOzqmsMxGkuxvKGqgmgG

Protocol

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heuteistmeintag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Apr 2024 14:30:31 GMT
an-x-request-uuid: 91304407-3929-472e-96c1-63eb170aa1b8
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.109; 80.255.7.109; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Apr 2024 14:30:31 GMT
an-x-request-uuid: dcd653bd-cd6d-48f6-a37b-f6d5f9d3db4d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31158968%26t%3D1
x-proxy-origin: 80.255.7.109; 80.255.7.109; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

bounce Show response
secure.adnxs.com/ Frame 0C5D
Redirect Chain

https://secure.adnxs.com/seg?add=30540007&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D30540007%26t%3D1

0
1 KB

59ms
58ms

Script
application/javascript

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D30540007%26t%3D1

Requested by

Protocol

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heuteistmeintag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Apr 2024 14:30:31 GMT
an-x-request-uuid: 42e568ff-758e-43f8-872d-b67862391596
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.109; 80.255.7.109; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Apr 2024 14:30:31 GMT
an-x-request-uuid: 58f3d88b-8de0-4e3b-ac44-77c4227fe0c8
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D30540007%26t%3D1
x-proxy-origin: 80.255.7.109; 80.255.7.109; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 NoqoxgWgkqkgkIoIkKnIJJnhKGGuIHKKwJRjhGNmqLtxOIxikimowyLSjGKnoMRKkPimwJwwjjyKkLlHqvOMgigwQQrikmhuwqMtihsLGkImggKoyhoyLJwhiLrhiXmIOgi
www.heuteistmeintag.com/sc/ Frame 0C5D 79 B
248 B 65ms
65ms Image
image/gif 2606:4700::6812:19ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heuteistmeintag.com/sc/NoqoxgWgkqkgkIoIkKnIJJnhKGGuIHKKwJRjhGNmqLtxOIxikimowyLSjGKnoMRKkPimwJwwjjyKkLlHqvOMgigwQQrikmhuwqMtihsLGkImggKoyhoyLJwhiLrhiXmIOgi

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:19ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f925565d71d0205f39767c109555e35cdbfa3a3bece71e737027114758c9d3ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.heuteistmeintag.com/sc/zWgOgiqoyloghspwGouimiPhGiilzkrQlnNgjmiRKkPimwJOqkzjHzmstzIqKtmsLxIuLNnoqJKkPimwIykkhqkonnyMkowoLiirlwwuzgMyhioJwuhmgmlpRzogoilhLsowKlMhrpGsgrOwihGkrggKoRhsLGkImggKoihoGpugLOPiRtvuujxpoPtrxxhvQmjpIsHyLkpuotOklmtXoIqKoxurmQgkrlskoxoMNwotyoHglxmgJOukIqggollkighOzqmsMxGkuxvKGqgmgG
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 14:30:31 GMT
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
server: cloudflare
x-map-context: de
content-type: image/gif
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
cf-ray: 872baccdaa623a3e-FRA
content-length: 79
x-served-by: a-04

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
907 B 142ms
53ms Script
text/javascript 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=recaptchaCallBack&render=6LfDfYcUAAAAAMOrZyD0JEuECxHyYbMNOMYg_mMD

Requested by

Host: www.heuteistmeintag.com
URL: https://www.heuteistmeintag.com/dist/138/sweepstake.bundle.js?2024-04-11.6

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

GSE /

Resource Hash

f432bfb1eb65c535172718302daa407d61b235266bad1cbd1246d963b076b72e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.heuteistmeintag.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 14:30:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 11 Apr 2024 14:30:31 GMT

GET
H3 200 oYCaLnDHepZdn6Kjy.js Show response
static.cleverpush.com/channel/loader/ 325 KB
74 KB 124ms
63ms Script
application/javascript 172.67.71.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/channel/loader/oYCaLnDHepZdn6Kjy.js
Requested by: Host: www.heuteistmeintag.com
URL: https://www.heuteistmeintag.com/dist/138/sweepstake.bundle.js?2024-04-11.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e946989edcd55ef02ecd1d0762630d6baaf20c0f62f4b75e65ceffaaa81d7fc6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.heuteistmeintag.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 14:30:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 5R15QRXHG3F5DA2C
age: 3133
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 8ugUiBQfr55DjSeR+qncnaMjO43hqLCcUaZf/xuFb+0aZq9QvU1q1Dc2KWq1fCEGFjTpYt6o99Q=
last-modified: Thu, 11 Apr 2024 13:37:00 GMT
server: cloudflare
etag: W/"329523b59d5013ed53b49bc174e91ded"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yq8KqqxB9igTDUL1FRD2YmqgEfCHNTeev7g9W5US8IwRbHYg55I5Fa7fc0peHoaMSt0YV6OYV662Uc7lOewTxog8mofnJREYGDarHSQr2G8vvzFMthA3whCfGSrQsZfrPKXlHpImQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=21600
cf-ray: 872bacd0888d9762-FRA

GET
H2 200 jmzGjyWgkosgghjINgHkKiloowkikQkgQroxihjXpswihMshjskmvhvligkiwpssiKzgnIjzRvJntzNvJvzHPOvrvLNsuhsNKgxsHwxihjrugHnQtghgoglnonXwKgmqHkgHihsgylPhghwgwhyqoylohspwXuinomLkgHihtgOxijgIkmvioiLzopssghwwkixgP Show response
www.heuteistmeintag.com/sc/ 13 B
139 B 523ms
522ms XHR
application/json 2606:4700::6812:19ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heuteistmeintag.com/sc/jmzGjyWgkosgghjINgHkKiloowkikQkgQroxihjXpswihMshjskmvhvligkiwpssiKzgnIjzRvJntzNvJvzHPOvrvLNsuhsNKgxsHwxihjrugHnQtghgoglnonXwKgmqHkgHihsgylPhghwgwhyqoylohspwXuinomLkgHihtgOxijgIkmvioiLzopssghwwkixgP

Requested by

Host: www.heuteistmeintag.com
URL: https://www.heuteistmeintag.com/_global/js/framework/MooTools-Core-1.6.0-compressed.js?2024-04-11.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:19ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae95d608ee76e064ca676f3114fc5f48b0d5adac9ea3c9dbd137112f53c9b055

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: text/javascript, text/html, application/xml, text/xml, */*
Referer: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 14:30:32 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-map-context: de
vary: Accept-Encoding
content-type: application/json;charset=ISO-8859-1
cf-ray: 872bacd02deb3a3e-FRA
x-served-by: a-01

GET
H2 200 global.pl Show response
www.heuteistmeintag.com/cgi-bin/ 1 B
90 B 116ms
115ms XHR
text/html 2606:4700::6812:19ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heuteistmeintag.com/cgi-bin/global.pl?todo=log_misc&ident=imp_tracker_init_de_reg_full

Requested by

Host: www.heuteistmeintag.com
URL: https://www.heuteistmeintag.com/_global/js/framework/MooTools-Core-1.6.0-compressed.js?2024-04-11.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:19ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: text/javascript, text/html, application/xml, text/xml, */*
Referer: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 14:30:31 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-map-context: de
content-type: text/html
cf-ray: 872bacd02df03a3e-FRA
x-served-by: a-02

GET
H2 200 favicon.ico
www.heuteistmeintag.com/ 15 KB
10 KB 53ms
53ms Other
image/x-icon 2606:4700::6812:19ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heuteistmeintag.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:19ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

013957918216490a7a6092735b2974a57ba30430b6b988177d92bfaa785d7382

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: a-03
date: Thu, 11 Apr 2024 14:30:31 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 01 May 2020 13:11:45 GMT
server: cloudflare
x-map-context: de
age: 30815
etag: W/"5eac2011-3aee"
vary: Accept-Encoding
content-type: image/x-icon
cache-control: public, max-age=86400
cf-ray: 872bacd03e023a3e-FRA
expires: Fri, 12 Apr 2024 14:30:31 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/ 501 KB
201 KB 270ms
45ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=recaptchaCallBack&render=6LfDfYcUAAAAAMOrZyD0JEuECxHyYbMNOMYg_mMD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3958a93184f498eaa140c746fa8b3ce7e540d38898f2b1c1acf9c7e8f6c5f429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.heuteistmeintag.com/
Origin: https://www.heuteistmeintag.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 09:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18914
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205471
x-xss-protection: 0
last-modified: Fri, 29 Mar 2024 04:30:36 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Apr 2025 09:15:18 GMT

GET
H3 200 5.7bf12eb14858c1f4fd98.js Show response
static.cleverpush.com/sdk/chunk/ 35 KB
10 KB 74ms
73ms Script
application/javascript 172.67.71.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/5.7bf12eb14858c1f4fd98.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/oYCaLnDHepZdn6Kjy.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3da607dc4e6637a6eb1c83aad352e1b934bf4cc8bb5420e0962e6f20336dc8a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.heuteistmeintag.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 14:30:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: XEMG53AATPMWJZAF
age: 18615
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 2KgmbziGAoULJZcd0ok/cDadgF0uj7wRS32Xg0mIRkY26qfK9DAV064ma3XYc1WEIKlLphXkK34=
last-modified: Thu, 11 Apr 2024 09:20:05 GMT
server: cloudflare
etag: W/"71195a8ffdfcc2d26e073cafb5d147b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cq61s6OJtUpa0jTEA%2FTdhBqJ6mSoNGlJS86MexMLTpQjrCs4FKJMvprDokooJcruzUJwS8kZK7TyUnVAzZhbJZbc9rv8UH5URNrlekD3o5WczxMrx8azmxahgyKxKOVQWUogek4z2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 872bacd2bb929762-FRA

GET
H3 200 251.ff5b3c0c290e9961835b.js Show response
static.cleverpush.com/sdk/chunk/ 5 KB
3 KB 62ms
61ms Script
application/javascript 172.67.71.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/oYCaLnDHepZdn6Kjy.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df124351501a3a62b99269da55fa305a5584a9e80e84f4ecf72cdd54d4978204

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.heuteistmeintag.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 14:30:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: XEMZPMKQT5N801MA
age: 18615
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: t4CJcfzjCEpk5iSv92/pfPUcWXW7Q4f9IddlWetN7tS+ogygSUZjz2nl8JV9IM3DGEX9xz9uMik=
last-modified: Thu, 11 Apr 2024 09:20:04 GMT
server: cloudflare
etag: W/"e89cddaa8c63cff3a495570a91d5e690"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2%2F3Ckt6DE19%2FKDGwkA0tHlV9ed3h98uB8ZTBmx5x0yreAPjCaSxdG8IWENVM5RDyPDkkVPwsgOYSj9VqgOLXdksTq0%2FcQXkbnIh5kn%2BLplnmOGcIfr%2FrFg4R5Ox939dtQXNer9giPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 872bacd2bb939762-FRA

GET
H3 200 115.45e07019e1b45bb84052.js Show response
static.cleverpush.com/sdk/chunk/ 14 KB
4 KB 63ms
63ms Script
application/javascript 172.67.71.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/115.45e07019e1b45bb84052.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/oYCaLnDHepZdn6Kjy.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fdcf90c7e14bc33b9e979ccc5d19c74c991ae35cd871e8bf86737f9818d14ec

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.heuteistmeintag.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 14:30:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: XEMXKWNWFH1A3736
age: 18615
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: +AOE/Q8J22hWjhquplP55wkMN1Mp4nhCX+l+W2h1qaNOQqrQHSu6ej5/jNpuAv3H30mOASEUcj8=
last-modified: Thu, 11 Apr 2024 09:20:03 GMT
server: cloudflare
etag: W/"b59346d8363e9382e25c428e746176db"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vBHIhpKEdBKHJnDKO7CZGDigV5GTGG8loVhIFLahNcWzDqNmczb4i3le%2BRxQxfphHz9qgys7EqXd3AEDcVzNnxNojz5Ple1LVcKj3YAAhaRPU7jopZKZvfqevkI9rlnfCBMfomXDGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 872bacd2bb979762-FRA

GET
H2 200 iframe
egenticapac.mycleverpush.com/ Frame 022B 0
0 216ms
114ms Document
text/html 159.69.145.0
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://egenticapac.mycleverpush.com/iframe?origin=https%3A%2F%2Fwww.heuteistmeintag.com

Requested by

Host: static.cleverpush.com
URL: https://static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.69.145.0 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.0.145.69.159.clients.your-server.de

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heuteistmeintag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-headers: origin, x-requested-with, content-type, accept
cache-control: public, max-age=1800
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 11 Apr 2024 14:30:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-backend-server: cleverpush-worker-3
x-cache-status: EXPIRED
x-robots-tag: noindex

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame A446 0
0 257ms
84ms Document
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfDfYcUAAAAAMOrZyD0JEuECxHyYbMNOMYg_mMD&co=aHR0cHM6Ly93d3cuaGV1dGVpc3RtZWludGFnLmNvbTo0NDM.&hl=de&v=rz4DvU-cY2JYCwHSTck0_qm-&size=invisible&cb=wsbqlmpjlmp7

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pZQy1JAyTA8MP-7-L294Kg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heuteistmeintag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-pZQy1JAyTA8MP-7-L294Kg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 11 Apr 2024 14:30:32 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 103.ca34caf4a7c7f94a245a.js Show response
static.cleverpush.com/sdk/chunk/ 96 KB
22 KB 56ms
54ms Script
application/javascript 172.67.71.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/103.ca34caf4a7c7f94a245a.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/oYCaLnDHepZdn6Kjy.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78f82206874edb92e4cedada374ae32ba67cb601d95b2931b7d1ae18dcae153e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.heuteistmeintag.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 14:30:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: XEMQ0PF5PXF2E1VH
age: 18615
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 7045cwlG+EHw1K8U3bHc15sKN8LobjccEKCtQJuMBOHW9xXVoPPgYnB6Bj2ZBx+tSRVpcZqElRI=
last-modified: Thu, 11 Apr 2024 09:20:03 GMT
server: cloudflare
etag: W/"edca157e63c1ec51d4f0d926c455f313"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tuP%2BU4L5SaRomqiBQRL968PI8owhk7sLUMjjgiVj%2FVp6b%2FxoUWNbJOgwudd%2BbQr7MFIfsnNW3wI%2FSH65LR2ZkfU%2FgtPpkeibwJERh7fLlvHvhct28hKWBjAiR960Ten0cFMKgAwwwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 872bacd6381b9762-FRA

GET
H3 200 720.da266ba8d9bc4aa9c01f.js Show response
static.cleverpush.com/sdk/chunk/ 48 KB
11 KB 52ms
50ms Script
application/javascript 172.67.71.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/720.da266ba8d9bc4aa9c01f.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/oYCaLnDHepZdn6Kjy.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cec1854c6b8ea6682d7244def0b34b5206c98f71790818da2458c0dbe64e426

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.heuteistmeintag.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 14:30:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: XEMQFG93YGY5VH73
age: 18615
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: RdG8fMiyV2Wpx/RjMgWMw+nymYhPJHOxNGzIMCpHkaI97F7meCpAypQNpepyojHnqVDkAS+eth0=
last-modified: Thu, 11 Apr 2024 09:20:06 GMT
server: cloudflare
etag: W/"38798b78419fb8fe75980f36deeb16be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s%2FfbehH8DDw5zVhjlkn8mBQn%2B%2BTZKsfAt6548X%2BpbX%2Fhz2%2B9pOLwWAaT8JSc7WXFYhmuNMubPg1KcGC6h6W2WBGNFEGof04cZqwyW%2BRMg8zwieVjPFbM6NcsE9CcmzK9tbIB6ODgVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 872bacd6381c9762-FRA

POST
H3 200 optin-visitor Show response
api.cleverpush.com/channel/ 16 B
599 B 73ms
73ms Fetch
application/json 172.67.71.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/optin-visitor

Requested by

Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/oYCaLnDHepZdn6Kjy.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://www.heuteistmeintag.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 14:30:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend-server: cleverpush-worker-1
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pym%2Fpas%2FIlmITL8XDavasAm3ymF35tRjqoZZPXf5j2ghF39aSkjzeFYCLxax7e1zmPsNS1QTZDI84sMMwlngevEusVrDUgNQznNiQ15rM%2BXpp00LU10vWR%2BkmiTS7kmQx3q4Mw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache
cf-ray: 872bacd7d9b12c5f-FRA
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage

POST
H3 200 confirm-alert Show response
api.cleverpush.com/channel/ 16 B
595 B 70ms
70ms Fetch
application/json 172.67.71.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/confirm-alert

Requested by

Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/oYCaLnDHepZdn6Kjy.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://www.heuteistmeintag.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 14:30:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend-server: cleverpush-worker-1
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bBO%2Bz1jyE4yKerz8b74gLbhiXLVm2nax296GdJj4bPsfv87k95slatGpc9a1Wau6aJ1mOr7OAD%2BZCMgzBmukD6XoX4jEmInsBw2A3VhnU1rotuMa8SODATTjYwMgorNRpdQ7zg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache
cf-ray: 872bacd7d9b62c5f-FRA
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage

GET
H2 200 global.pl Show response
www.heuteistmeintag.com/cgi-bin/ 1 B
82 B 77ms
75ms XHR
text/html 2606:4700::6812:19ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heuteistmeintag.com/cgi-bin/global.pl?todo=log_misc&ident=cleverpush_show

Requested by

Host: www.heuteistmeintag.com
URL: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:19ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 14:30:32 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-map-context: de
content-type: text/html
cf-ray: 872bacd6df503a3e-FRA
x-served-by: a-01

GET
H3 200 jfANooHaN3CGAoqCS.png
static.cleverpush.com/notification/icon/ 5 KB
5 KB 53ms
51ms Image
image/png 172.67.71.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cleverpush.com/notification/icon/jfANooHaN3CGAoqCS.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9dd2b94a3ff115cb7475222f18127dbf181da22ca662f7721b69a231d60c3da

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.heuteistmeintag.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 14:30:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: N63QHGWYHF2SQD2X
age: 2087
alt-svc: h3=":443"; ma=86400
content-length: 5014
x-amz-id-2: FUajTDCjBVk4gjIUX5441vZkWlae3OFPTmXGdNZfOZGrzZbY0hSHlOYmxeheMwOGXGyxVTAh7/0=
last-modified: Mon, 19 Oct 2020 09:20:30 GMT
server: cloudflare
etag: "971cc209e2a268d6a0c46f9159caff90"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ac4uhh8O55sI4ruWMbopj3c3cBUmWfN8lPVrui20wSwrOGfwkNK9FMgb3sxLTuR2So59rv38YhT3Psf4yUdsxw67hU3G2oi3j3MZtGrFqYEJatk%2FVea9%2FCMZnibOmXo%2BQuv%2FCge%2FEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 872bacd6d9149762-FRA

OPTIONS
H3 200 optin-visitor
api.cleverpush.com/channel/ Frame 0
0 152ms
70ms Preflight
application/json 172.67.71.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/optin-visitor

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.heuteistmeintag.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 872bacd759362c5f-FRA
content-length: 0
content-type: application/json; charset=utf-8
date: Thu, 11 Apr 2024 14:30:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ComHZ%2BFnhEPf%2BasQZMKxY%2B%2FI27sTpDaekH5PhenPQT%2BnPZYo0sW6fRF8wUea%2BPOcze6cKKrZ7BDKrZB3%2FaE69wQw2t1%2BaQ%2B6JvPt8zVX8uIf6t5xNhykrZAnNARZPFzOX%2BFVGA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains

OPTIONS
H3 200 confirm-alert
api.cleverpush.com/channel/ Frame 0
0 153ms
70ms Preflight
application/json 172.67.71.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/confirm-alert

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.heuteistmeintag.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 872bacd759382c5f-FRA
content-length: 0
content-type: application/json; charset=utf-8
date: Thu, 11 Apr 2024 14:30:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ABJvi0mRVYg2MTgQo0y3VJgDao0MbbrKhdTnGTRj54cpIP5ENf5ALeRZlsPpK%2BDRPcxMWjJbnACzjxm82nBk6OCEhBMR4VoaItEgDavAhaEJsGcvPnSFxkmWhRTHpy7%2FSoGtw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains

Verdicts & Comments Add Verdict or Comment

176 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-21 00:06:37	Name: _GRECAPTCHA Value: 09AGh-wNSqHXrKtGZDuSI3lfcgFsYpKFIVjeRV-xi5zxmkE_GR-Rl4YMA8gZkUZ1XJ-EDTAZvuBg8XPp9ARXnmGfc
.buff.ly/	1970-01-21 00:06:37	Name: _bit Value: o3beut-48ce22f2cc5461d60f-00j
.lighthouse-hwy1.com/	1969-12-31 23:59:59	Name: sl Value: WcI2y9aZVDgUbGHDtKGOMBH6aE+XZvCP8QeOASymVFAOTtHWVjZbgQ==
.lighthouse-hwy1.com/	1970-01-21 05:23:25	Name: tym Value: Js7Kf2hQuH3BvKwZ0CI4yxH6aE+XZvCP8QeOASymVFAOTtHWVjZbgQ==
.lighthouse-hwy1.com/	1970-01-20 20:30:37	Name: c16988 Value: WcI2y9aZVDjsEMzmFEEdc6xrnPXRtbt1bMDpagR7n16jqrCL3IIQlA==
.adnxs.com/	1970-01-21 05:23:25	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 21:57:01	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2HaSDO2a=!@wnf-Te9(>wL5L!!'S1$kLbG
.adnxs.com/	1970-01-20 21:57:01	Name: XANDR_PANID Value: 66tIBhHJYrlonaO3LiW6bGiWTaf5TnBFRdywoa3LqmpwOIU073Z9viCk7_b8rK-xls-Z-gTFJVCMA0Fb4RuLt4yeKvJ75RZjdAXOlQhrxWA.
.adnxs.com/	1970-01-20 21:57:01	Name: uuid2 Value: 7448579806092445271

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.heuteistmeintag.com/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1628&sub_id=4321&sub_id_postback=362004488 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.cleverpush.com
buff.ly
egenticapac.mycleverpush.com
lighthouse-hwy1.com
secure.adnxs.com
static.cleverpush.com
www.google.com
www.gstatic.com
www.heuteistmeintag.com
142.250.184.196
159.69.145.0
172.67.71.184
185.89.210.122
2606:4700::6812:19ae
2a00:1450:4001:81c::2003
34.76.98.215
67.199.248.12
013957918216490a7a6092735b2974a57ba30430b6b988177d92bfaa785d7382
10dfdd632501ee2b9b3afe989963b2ea8050eb82ebcecc2d009baafecdff6d70
31f815d1219c51cccee740434a5ca55948006957ea9d0d7c619afd708c1ca242
3958a93184f498eaa140c746fa8b3ce7e540d38898f2b1c1acf9c7e8f6c5f429
3fdcf90c7e14bc33b9e979ccc5d19c74c991ae35cd871e8bf86737f9818d14ec
543ba314b956dd5a4521de37e6f06abb1cb79bd922712b0be7b53cd92c53ff23
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73301104caccbee450b9d19427a73d4da68c1fa192b586fb23f2ca80687df38e
75765fdb0b771bab6b86c273837a2ceb67e7213b6d9d4e273c5214ca8c2aa3d0
78f82206874edb92e4cedada374ae32ba67cb601d95b2931b7d1ae18dcae153e
81a6e7fac4ab64cb7440b40b7301c654a97cb300e67b572988eaa8f36d2f69c9
82e17635bd84d9c2f72b3d9ae284d3e84d9d4c990faf27b3ddb4169229f0bcd1
86e4a30025c046f4a76f691ac97e1238f9f21d48453359e02f54078276f5a113
883bec56d9ff03c97184c1b9b4688d83f93d3b7e5a8f094e1d09d0c82370c36a
8cec1854c6b8ea6682d7244def0b34b5206c98f71790818da2458c0dbe64e426
8d24512fdc9a7a2e9090dd816400e0741d4f632a876951038ee4ae7a5e2cd847
9d7b621db4b7913c0e6fe5e6bb0cc31efa17e6b3c43e04c6405776e67483242e
a5cf071595c15595ac8a1e48dd562c2ec234276726c89d7fe5564cebbfc97fd9
a9dd2b94a3ff115cb7475222f18127dbf181da22ca662f7721b69a231d60c3da
ae95d608ee76e064ca676f3114fc5f48b0d5adac9ea3c9dbd137112f53c9b055
b29ffbb4f8333982c790ccf96206744389ebd6d6bca8a9c360973751b20d1573
c39db955c6d8f578d3a668462f50faf99fd44986f58592d44ddcf0b848637927
c769af398525b6cddcf2bb01d01b9491cfa948987e51d7964cfe6236159cf016
c885fe3584d7a7388d61578ac6497905573b7c2777873454100891313c0e3859
c88919bb9c836ec10f4bd2431c91ac57c7cdac9f5af98824c6e7cc19a83e0217
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
d17497c99136331e168c72b86d40bf1eb3194fb6c728f9ac65b66d536c05b653
d6625aafc5018f0230c6c78dc48379d86ae4ea03dbe7674ace540bf27dd87976
df124351501a3a62b99269da55fa305a5584a9e80e84f4ecf72cdd54d4978204
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8f180db5bee6d0f0657465aa933e8e1f3492725403b3058424ab613998500ab
e946989edcd55ef02ecd1d0762630d6baaf20c0f62f4b75e65ceffaaa81d7fc6
ef128fb1e908062f0165e88ca33b725f508e6793c4cffb520778d43bbf154d7b
f3da607dc4e6637a6eb1c83aad352e1b934bf4cc8bb5420e0962e6f20336dc8a
f432bfb1eb65c535172718302daa407d61b235266bad1cbd1246d963b076b72e
f925565d71d0205f39767c109555e35cdbfa3a3bece71e737027114758c9d3ab
fcfb7b429d43cad72057b67f2cd907ff9015ede3b39faebec762c835616849dc

www.heuteistmeintag.com Open in urlscan Pro 2606:4700::6812:19ae Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

96 %HTTPS

25 %IPv6

8 Domains

9 Subdomains

6 IPs

3 Countries

627 kBTransfer

1763 kBSize

9 Cookies

2 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

www.heuteistmeintag.com Open in urlscan Pro
2606:4700::6812:19ae Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

96 %
HTTPS

25 %
IPv6

8
Domains

9
Subdomains

6
IPs

3
Countries

627 kB
Transfer

1763 kB
Size

9
Cookies

45 HTTP transactions
0 data transactions