www.geheimeaffaires.com Open in urlscan Pro
35.195.88.46 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://molly69.gq/
Effective URL:
https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
Submission: On February 04 via manual (February 4th 2021, 4:14:52 pm UTC) from US

Summary HTTP 55 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 7 countries across 13 domains to perform 55 HTTP transactions. The main IP is 35.195.88.46, located in Ascension Island and belongs to GOOGLE, US. The main domain is www.geheimeaffaires.com.
TLS certificate: Issued by R3 on January 5th 2021. Valid for: 3 months.

This is the only time www.geheimeaffaires.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	195.20.53.202 195.20.53.202	31624 (VFMNL-AS ...) (VFMNL-AS Amsterdam Location BGP Setup)
1 1	185.50.25.51 185.50.25.51	198610 (BEGET-AS) (BEGET-AS)
1 1	91.202.61.105 91.202.61.105	44571 (NETVILLAG...) (NETVILLAGE-AS)
1 2	2606:4700:303... 2606:4700:3035::ac43:c464	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	52.71.111.21 52.71.111.21	14618 (AMAZON-AES) (AMAZON-AES)
1 1	34.205.83.125 34.205.83.125	14618 (AMAZON-AES) (AMAZON-AES)
34	35.195.88.46 35.195.88.46	15169 (GOOGLE) (GOOGLE)
10	35.195.163.35 35.195.163.35	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	35.227.221.175 35.227.221.175	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
55	8

1 195.20.53.202 (Netherlands) 1 redirects

ASN31624 (VFMNL-AS Amsterdam Location BGP Setup, NL)

molly69.gq	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.50.25.51 (Russian Federation) 1 redirects

ASN198610 (BEGET-AS, RU)
PTR: m2.free26.beget.com

r68450ex.beget.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.202.61.105 (Seychelles) 1 redirects

ASN44571 (NETVILLAGE-AS, SC)

sexdating4.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::ac43:c464 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

delivery.brkrbb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.71.111.21 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-111-21.compute-1.amazonaws.com

trackoptimise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.205.83.125 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-83-125.compute-1.amazonaws.com

tracksfaster.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 35.195.88.46 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 46.88.195.35.bc.googleusercontent.com

www.geheimeaffaires.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 35.195.163.35 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 35.163.195.35.bc.googleusercontent.com

eu.collectconsent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.eu.collectconsent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.221.175 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 175.221.227.35.bc.googleusercontent.com

static.dating	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	geheimeaffaires.com www.geheimeaffaires.com	975 KB
10	collectconsent.com eu.collectconsent.com api.eu.collectconsent.com	24 KB
4	google-analytics.com www.google-analytics.com	19 KB
2	doubleclick.net stats.g.doubleclick.net	160 B
2	static.dating static.dating	247 KB
2	brkrbb.com 1 redirects delivery.brkrbb.com	4 KB
1	google.de www.google.de	107 B
1	google.com www.google.com	116 B
1	tracksfaster.com 1 redirects tracksfaster.com	759 B
1	trackoptimise.com 1 redirects trackoptimise.com	318 B
1	sexdating4.me 1 redirects sexdating4.me	526 B
1	beget.tech 1 redirects r68450ex.beget.tech	386 B
1	molly69.gq 1 redirects molly69.gq	235 B
55	13

	Domain	Requested by
34	www.geheimeaffaires.com	delivery.brkrbb.com www.geheimeaffaires.com
8	api.eu.collectconsent.com	eu.collectconsent.com
4	www.google-analytics.com	www.geheimeaffaires.com www.google-analytics.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	static.dating	www.geheimeaffaires.com
2	eu.collectconsent.com	www.geheimeaffaires.com eu.collectconsent.com
2	delivery.brkrbb.com	1 redirects
1	www.google.de	www.geheimeaffaires.com
1	www.google.com	www.geheimeaffaires.com
1	tracksfaster.com	1 redirects
1	trackoptimise.com	1 redirects
1	sexdating4.me	1 redirects
1	r68450ex.beget.tech	1 redirects
1	molly69.gq	1 redirects
55	14

This site contains no links.

Subject Issuer	Validity	Valid
geheimeaffaires.com R3	`2021-01-05` - `2021-04-05`	3 months	crt.sh
eu.collectconsent.com R3	`2021-01-01` - `2021-04-01`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
static.dating R3	`2021-01-02` - `2021-04-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
Frame ID: CB6FFD7CDEC7099078E7F69A1C74C488
Requests: 51 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://molly69.gq/ HTTP 301
http://r68450ex.beget.tech/v HTTP 302
http://sexdating4.me/?r=118&gr=1 HTTP 302
https://delivery.brkrbb.com/47206?session_id=161245527055671&subaffiliate_id=84 HTTP 302
http://delivery.brkrbb.com/r?url=https%3A%2F%2Ftrackoptimise.com%2F%3Fa%3D13237%26c%3D64416%26s2%3Dpx16... Page URL
https://trackoptimise.com/?a=13237&c=64416&s2=px161245527162a6c601c1d672d412847248093&s3=6184&s4=84 HTTP 302
https://tracksfaster.com/?a=13237&c=64416&s2=px161245527162a6c601c1d672d412847248093&s3=6184&s4=84&ck... HTTP 302
https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012 Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

55
Requests

98 %
HTTPS

38 %
IPv6

13
Domains

14
Subdomains

8
IPs

7
Countries

1266 kB
Transfer

1608 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://molly69.gq/ HTTP 301
http://r68450ex.beget.tech/v HTTP 302
http://sexdating4.me/?r=118&gr=1 HTTP 302
https://delivery.brkrbb.com/47206?session_id=161245527055671&subaffiliate_id=84 HTTP 302
http://delivery.brkrbb.com/r?url=https%3A%2F%2Ftrackoptimise.com%2F%3Fa%3D13237%26c%3D64416%26s2%3Dpx161245527162a6c601c1d672d412847248093%26s3%3D6184%26s4%3D84&redirect_back=https%3A%2F%2Fdelivery.brkrbb.com%2F47206%2F%3Fsession_id%3D161245527055671%26subaffiliate_id%3D84%26tt%3D1 Page URL
https://trackoptimise.com/?a=13237&c=64416&s2=px161245527162a6c601c1d672d412847248093&s3=6184&s4=84 HTTP 302
https://tracksfaster.com/?a=13237&c=64416&s2=px161245527162a6c601c1d672d412847248093&s3=6184&s4=84&ckmguid=af606bc3-1dc6-4722-bb4a-b7a4ced8bbb2 HTTP 302
https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://molly69.gq/ HTTP 301
http://r68450ex.beget.tech/v HTTP 302
http://sexdating4.me/?r=118&gr=1 HTTP 302
https://delivery.brkrbb.com/47206?session_id=161245527055671&subaffiliate_id=84 HTTP 302
http://delivery.brkrbb.com/r?url=https%3A%2F%2Ftrackoptimise.com%2F%3Fa%3D13237%26c%3D64416%26s2%3Dpx161245527162a6c601c1d672d412847248093%26s3%3D6184%26s4%3D84&redirect_back=https%3A%2F%2Fdelivery.brkrbb.com%2F47206%2F%3Fsession_id%3D161245527055671%26subaffiliate_id%3D84%26tt%3D1

55 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set r Show response
delivery.brkrbb.com/
Redirect Chain

http://molly69.gq/
http://r68450ex.beget.tech/v
http://sexdating4.me/?r=118&gr=1
https://delivery.brkrbb.com/47206?session_id=161245527055671&subaffiliate_id=84
http://delivery.brkrbb.com/r?url=https%3A%2F%2Ftrackoptimise.com%2F%3Fa%3D13237%26c%3D64416%26s2%3Dpx161245527162a6c601c1d672d412847248093%26s3%3D6184%26s4%3D84&redirect_back=https%3A%2F%2Fdelivery...

906 B
2 KB

168ms
162ms

Document
text/html

2606:4700:3035::ac43:c464
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://delivery.brkrbb.com/r?url=https%3A%2F%2Ftrackoptimise.com%2F%3Fa%3D13237%26c%3D64416%26s2%3Dpx161245527162a6c601c1d672d412847248093%26s3%3D6184%26s4%3D84&redirect_back=https%3A%2F%2Fdelivery.brkrbb.com%2F47206%2F%3Fsession_id%3D161245527055671%26subaffiliate_id%3D84%26tt%3D1
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:c464 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / HHVM/3.11.1
Resource Hash: 512b0c8db3c951a96e30203885b3b45258cf4faae1fe36aceb04fbe70546166b

Request headers

Host: delivery.brkrbb.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: __cfduid=d245424306f11483ab9da7525e84002a81612455271; 51D_Bandwidth=1612455271.1583; ubbc=eyJpdiI6IjZ1QllWSm9pOHNqSGFqTEpZNU1OZlE9PSIsInZhbHVlIjoiYUlDaDd3VEhGVVA0XC9cL21iR09qTkhnPT0iLCJtYWMiOiIxYWNlMmM4NzA4OTI0MTAxODJhYjJmMWRhMTI4MjE0ZGFjZDExOTkxMTJkODkzMjk2YjdhNDhmYmJhNDhjMGZjIn0%3D; bbuc=eyJpdiI6IjkrNG96aUg2c005M0lmM2hYYVB4YWc9PSIsInZhbHVlIjoibUhqWGhzdTd2QVRIeWxCZEoxRm9jbkJUSFBrUlpHQ3hyeWxRYnRcL1dzY2M9IiwibWFjIjoiMmE3NDVkZjVhOTJiY2E4YjVjODViMmM4Njc5MjAwODAxOWE1ZWE1OGEyMWUzNzI1OWYxNjZiM2EzYzNjZmJhZSJ9; bbrc=eyJpdiI6ImpwVlc2RlF6TTlBU3dmaUFFbHFUOVE9PSIsInZhbHVlIjoiUTFUVzdRZmtRTmdUdHVzeFZlR0JEdz09IiwibWFjIjoiMjg4NTZlNjhmMWVhZDgzNWQyNmIxMWFkMzAyNjY0OTlmMDNjY2QwMTkzZTMyNTAxMTdiMWU5YjI3N2U2ZWQ4ZiJ9; laravel_session=eyJpdiI6InB4MGxjMWtibDhEZ2Q5OFVZMnc4ZFE9PSIsInZhbHVlIjoidmxvQjkwVWd0RlJQcVVxS0JqZ3JDRzZmdmFVU1VWTGgxQnc4XC8xbWZoWktEcnRrUlBHN1RENkdRV1wvMmdsSThMVENKS0NMQmtwaGhcLzRoOUhYY1Rsa1E9PSIsIm1hYyI6ImQ3MGZiY2Q0OGFmMjUzNzJkZWFiMTkxNWRkZDk4NDUzZTI2NDRiYjViNjk5MGIzMjRkOWU4NzUwZTNjMGY4NmUifQ%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 16:14:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: laravel_session=eyJpdiI6IlZDcGY2XC9NQU5SZkljZ1pXM2RnMnl3PT0iLCJ2YWx1ZSI6IkZoeXlyVk0yZ3JOQ3pkeW1sVlNhVG9QT2hEd1p1bmhjZjFQc0RLc3Q3TG1rNEJlWDBzenZqY1RsMHZkYkYwNFhpSWYrWktnam9qQUJQTThpUjMwQlZnPT0iLCJtYWMiOiJmYjU4YTNiMDY5ODNmMzJkMDM0NGU0ZGMyNDViODgyYTJhMDFiMjcxMmFkMDYyMzlmODAyYjIxZTNkZmEzMGMwIn0%3D; path=/; httponly __cf_bm=2d0b11607616d4870b26e3d96e9d98b637ab45eb-1612455271-1800-AdUHcZvxoBH8iWSa8XzH6+qjCDOh+QHDoOwaq0GO0m+ILPrfg/wg24hI/TMIDRd2Gu2i06F+wGNaREKak/4FdyM=; path=/; expires=Thu, 04-Feb-21 16:44:31 GMT; domain=.brkrbb.com; HttpOnly; SameSite=None
X-Powered-By: HHVM/3.11.1
Vary: Accept-Encoding
Cache-Control: no-cache
CF-Cache-Status: DYNAMIC
cf-request-id: 080f6bf3a200003244971ad000000001
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OAq%2F1mHYUKkPFOf3MPRvcDPLO7vgFlb2eQdTeq%2Fk8WmOlXCwlpwJNYH5rWhrFOW14O%2FX5HLY32flD0xx7tAp%2Ba8zBy%2BNzmjDW8zAMo8S%2BB3NLT%2BB22fyHUSd6WkXtNnG"}],"max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 61c5af65d9ee3244-FRA
Content-Encoding: gzip

Redirect headers

date: Thu, 04 Feb 2021 16:14:31 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d245424306f11483ab9da7525e84002a81612455271; expires=Sat, 06-Mar-21 16:14:31 GMT; path=/; domain=.brkrbb.com; HttpOnly; SameSite=Lax 51D_Bandwidth=1612455271.1583 ubbc=eyJpdiI6IjZ1QllWSm9pOHNqSGFqTEpZNU1OZlE9PSIsInZhbHVlIjoiYUlDaDd3VEhGVVA0XC9cL21iR09qTkhnPT0iLCJtYWMiOiIxYWNlMmM4NzA4OTI0MTAxODJhYjJmMWRhMTI4MjE0ZGFjZDExOTkxMTJkODkzMjk2YjdhNDhmYmJhNDhjMGZjIn0%3D; expires=Fri, 05-Feb-2021 16:14:31 GMT; Max-Age=86400; path=/; httponly bbuc=eyJpdiI6IjkrNG96aUg2c005M0lmM2hYYVB4YWc9PSIsInZhbHVlIjoibUhqWGhzdTd2QVRIeWxCZEoxRm9jbkJUSFBrUlpHQ3hyeWxRYnRcL1dzY2M9IiwibWFjIjoiMmE3NDVkZjVhOTJiY2E4YjVjODViMmM4Njc5MjAwODAxOWE1ZWE1OGEyMWUzNzI1OWYxNjZiM2EzYzNjZmJhZSJ9; expires=Fri, 05-Feb-2021 16:14:31 GMT; Max-Age=86400; path=/; httponly bbrc=eyJpdiI6ImpwVlc2RlF6TTlBU3dmaUFFbHFUOVE9PSIsInZhbHVlIjoiUTFUVzdRZmtRTmdUdHVzeFZlR0JEdz09IiwibWFjIjoiMjg4NTZlNjhmMWVhZDgzNWQyNmIxMWFkMzAyNjY0OTlmMDNjY2QwMTkzZTMyNTAxMTdiMWU5YjI3N2U2ZWQ4ZiJ9; expires=Thu, 04-Feb-2021 23:14:31 GMT; Max-Age=25200; path=/; httponly laravel_session=eyJpdiI6InB4MGxjMWtibDhEZ2Q5OFVZMnc4ZFE9PSIsInZhbHVlIjoidmxvQjkwVWd0RlJQcVVxS0JqZ3JDRzZmdmFVU1VWTGgxQnc4XC8xbWZoWktEcnRrUlBHN1RENkdRV1wvMmdsSThMVENKS0NMQmtwaGhcLzRoOUhYY1Rsa1E9PSIsIm1hYyI6ImQ3MGZiY2Q0OGFmMjUzNzJkZWFiMTkxNWRkZDk4NDUzZTI2NDRiYjViNjk5MGIzMjRkOWU4NzUwZTNjMGY4NmUifQ%3D%3D; path=/; httponly __cf_bm=86c1ab27b9d12125aeae8007ed3d08ca277d5bc9-1612455271-1800-AVBp6eChyq851vHY8N0qDywdmV/NEbBmicsEBGuLXhnfxfZpEZ7E50sZUBmZWBcMn7JBxwOT9mGTZDYTTXy5J8I=; path=/; expires=Thu, 04-Feb-21 16:44:31 GMT; domain=.brkrbb.com; HttpOnly; Secure; SameSite=None
location: http://delivery.brkrbb.com/r?url=https%3A%2F%2Ftrackoptimise.com%2F%3Fa%3D13237%26c%3D64416%26s2%3Dpx161245527162a6c601c1d672d412847248093%26s3%3D6184%26s4%3D84&redirect_back=https%3A%2F%2Fdelivery.brkrbb.com%2F47206%2F%3Fsession_id%3D161245527055671%26subaffiliate_id%3D84%26tt%3D1
cache-control: no-cache
vary: Accept-Encoding
x-powered-by: HHVM/3.11.1
cf-cache-status: DYNAMIC
cf-request-id: 080f6bf2610000c2ef29b27000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5%2BQB%2B82Kmsx30%2BhvsPtM8XsBy7MHv7nn26reQ9nMMS0BK%2FCPlH2nk6dmnDitOSuDM%2FDGKyMlI5rAbAaZePM6aNtvKEVc5poIY7w%2FsXghH8s4c5uRNeAwC57SxSsK0qCo"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 61c5af63c935c2ef-FRA

GET
H2

200

Primary Request landing3 Show response
www.geheimeaffaires.com/
Redirect Chain

https://trackoptimise.com/?a=13237&c=64416&s2=px161245527162a6c601c1d672d412847248093&s3=6184&s4=84
https://tracksfaster.com/?a=13237&c=64416&s2=px161245527162a6c601c1d672d412847248093&s3=6184&s4=84&ckmguid=af606bc3-1dc6-4722-bb4a-b7a4ced8bbb2
https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012

17 KB
4 KB

230ms
141ms

Document
text/html

35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012

Requested by

Host: delivery.brkrbb.com
URL: http://delivery.brkrbb.com/r?url=https%3A%2F%2Ftrackoptimise.com%2F%3Fa%3D13237%26c%3D64416%26s2%3Dpx161245527162a6c601c1d672d412847248093%26s3%3D6184%26s4%3D84&redirect_back=https%3A%2F%2Fdelivery.brkrbb.com%2F47206%2F%3Fsession_id%3D161245527055671%26subaffiliate_id%3D84%26tt%3D1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) / PHP/7.2.34

Resource Hash

a0b9fff20c442599c0b4dbb6ceac3b0948e3280f84904135b6db12bb2baba9a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: www.geheimeaffaires.com
:scheme: https
:path: /landing3?cat=milf&pi=13237&pt1=3107318012
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://delivery.brkrbb.com/r?url=https%3A%2F%2Ftrackoptimise.com%2F%3Fa%3D13237%26c%3D64416%26s2%3Dpx161245527162a6c601c1d672d412847248093%26s3%3D6184%26s4%3D84&redirect_back=https%3A%2F%2Fdelivery.brkrbb.com%2F47206%2F%3Fsession_id%3D161245527055671%26subaffiliate_id%3D84%26tt%3D1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://delivery.brkrbb.com/r?url=https%3A%2F%2Ftrackoptimise.com%2F%3Fa%3D13237%26c%3D64416%26s2%3Dpx161245527162a6c601c1d672d412847248093%26s3%3D6184%26s4%3D84&redirect_back=https%3A%2F%2Fdelivery.brkrbb.com%2F47206%2F%3Fsession_id%3D161245527055671%26subaffiliate_id%3D84%26tt%3D1

Response headers

server: nginx/1.10.3 (Ubuntu)
date: Thu, 04 Feb 2021 16:14:32 GMT
content-type: text/html;charset=UTF-8
x-powered-by: PHP/7.2.34
x-host: geheimeaffaires.com
content-encoding: gzip
x-cacheable: YES
cache-control: max-age=300
xkey: lander
vary: Accept-Encoding
x-varnish: 383145882
age: 0
x-cache: MISS
accept-ranges: bytes
via: 1.1 varnish (Varnish/6.0), 1.1 google
alt-svc: clear
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff

Redirect headers

Cache-Control: private
Content-Length: 198
Content-Type: text/html; charset=utf-8
Date: Thu, 04 Feb 2021 16:14:32 GMT
Location: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=QQ+Ss62GXF0zQZubGyeMyQgG37vCi/p/tRsd/9SpKnDtUWEM43NsCA==; domain=.tracksfaster.com; path=/; HttpOnly trk=miSMGsTFPoY9uj+J9X75kQgG37vCi/p/tRsd/9SpKnDtUWEM43NsCA==; domain=.tracksfaster.com; expires=Wed, 04-Feb-2026 16:14:32 GMT; path=/; HttpOnly c18047=QQ+Ss62GXF1+qnSXKgZX8BRGPfh9/LmLzcAiR4YfjkfVdGITd/kYsA==; domain=.tracksfaster.com; expires=Sat, 06-Mar-2021 16:14:32 GMT; path=/; HttpOnly
Connection: close

GET
H2 200 landing3.css
www.geheimeaffaires.com/landers/css/ 31 KB
5 KB 1028ms
1027ms Stylesheet
text/css 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geheimeaffaires.com/landers/css/landing3.css

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) / PHP/7.2.34

Resource Hash

e8d9f9a65d049c09dcd5eab729cb79b519cd48b08209f5e92c2fe336908988e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 16:14:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-powered-by: PHP/7.2.34
x-cache: MISS
x-host: geheimeaffaires.com
alt-svc: clear
server: nginx/1.10.3 (Ubuntu)
strict-transport-security: max-age=63072000;
x-varnish: 383461862
via: 1.1 varnish (Varnish/6.0), 1.1 google
vary: Accept-Encoding
cache-control: max-age=300
accept-ranges: bytes
content-type: text/css;charset=UTF-8

GET
H2 200 pornhub.css
www.geheimeaffaires.com/landers/css/theme/ 11 KB
2 KB 37ms
36ms Stylesheet
text/css 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geheimeaffaires.com/landers/css/theme/pornhub.css

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) / PHP/7.2.34

Resource Hash

210908261a19fc6d61a7ffc754d768ece1a1d0b114854969e70c8ff735d69f3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 16:14:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-powered-by: PHP/7.2.34
x-cache: HIT
x-host: geheimeaffaires.com
alt-svc: clear
content-length: 1886
server: nginx/1.10.3 (Ubuntu)
strict-transport-security: max-age=63072000;
x-varnish: 387244441 386389767
via: 1.1 varnish (Varnish/6.0), 1.1 google
vary: Accept-Encoding
cache-control: max-age=300
accept-ranges: bytes
content-type: text/css;charset=UTF-8

GET
H2 200 fontawesome-all.min.css
www.geheimeaffaires.com/landers/css/ 50 KB
11 KB 40ms
40ms Stylesheet
text/css 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geheimeaffaires.com/landers/css/fontawesome-all.min.css

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

5986f251d278ae72106ef1d7302798a2e14f69a4d35b80087b9e61905a15e75e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 16:14:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-cache: HIT
alt-svc: clear
content-length: 10650
last-modified: Thu, 28 Jan 2021 13:38:05 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"6012be3d-c970"
strict-transport-security: max-age=63072000;
x-varnish: 385342686 384135054
via: 1.1 varnish (Varnish/6.0), 1.1 google
vary: Accept-Encoding
cache-control: max-age=300
accept-ranges: bytes
content-type: text/css

GET
H2 200 logo.png
www.geheimeaffaires.com/img/ 5 KB
5 KB 27ms
27ms Image
image/png 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/img/logo.png

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

7aa4551756597459a1c604b16b417fd02900aa4a4a2d63dbb2f866c7e848c157

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 16:14:32 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 12:37:12 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "140a-5b9f52591ee00"
vary: X-Forwarded-Proto,Host
content-type: image/png
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 5130
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 loading.gif
www.geheimeaffaires.com/landers/images/loader/ 3 KB
3 KB 39ms
39ms Image
image/gif 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/landers/images/loader/loading.gif

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

06f91f1bc360e7c486515b416a564445652e40585f94f2d089239b981d6421f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 16:14:32 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 google
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-cache: HIT
alt-svc: clear
content-length: 2892
last-modified: Thu, 28 Jan 2021 13:38:06 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "6012be3e-b4c"
strict-transport-security: max-age=63072000;
x-varnish: 385439243 382518871
cache-control: max-age=300
accept-ranges: bytes
content-type: image/gif

GET
H2 200 vendor.js Show response
www.geheimeaffaires.com/landers/js/ 121 KB
43 KB 74ms
74ms Script
application/javascript 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geheimeaffaires.com/landers/js/vendor.js

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

12cb7afeef0eb204f9307b2fd9604a7ab20c39c106604e102054454777fced70

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 16:14:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-cache: HIT
alt-svc: clear
content-length: 43542
last-modified: Thu, 28 Jan 2021 13:38:12 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"6012be44-1e2ae"
strict-transport-security: max-age=63072000;
x-varnish: 387977871 385093635
via: 1.1 varnish (Varnish/6.0), 1.1 google
vary: Accept-Encoding
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 fa-solid-900.woff2
www.geheimeaffaires.com/landers/webfonts/ 90 KB
90 KB 37ms
37ms Font
application/octet-stream 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geheimeaffaires.com/landers/webfonts/fa-solid-900.woff2

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landers/css/fontawesome-all.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

a238cffffbfea4c2868fca1b142a3a9690574537a38c857dbe309ec27b033eb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.geheimeaffaires.com
Referer: https://www.geheimeaffaires.com/landers/css/fontawesome-all.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 16:14:33 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 google
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-cache: HIT
alt-svc: clear
content-length: 91792
last-modified: Thu, 28 Jan 2021 13:38:06 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "6012be3e-16690"
strict-transport-security: max-age=63072000;
x-varnish: 387499797 386869773
cache-control: max-age=300
accept-ranges: bytes
content-type: application/octet-stream

GET
H2 200 cc.js Show response
eu.collectconsent.com/ 117 KB
14 KB 112ms
56ms Script
application/javascript 35.195.163.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.collectconsent.com/cc.js?wId=41YuKVaYkGa5iFXaJ3xU48&domain=geheimeaffaires.com&languageCode=nl&languageTerritory=BE&sessionId=d5e6f47cf49e459387a28dc92ff117a2

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

c05958d60a454f4c12e4dfc81e01964b8789be91d2a086343f87aa2e3d543771

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 16:14:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.10.3 (Ubuntu)
strict-transport-security: max-age=63072000;
content-type: application/javascript
vary: Accept-Encoding
content-length: 14057

GET
H2 200 landing3.js Show response
www.geheimeaffaires.com/landers/js/ 53 KB
15 KB 78ms
77ms Script
application/javascript 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geheimeaffaires.com/landers/js/landing3.js

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

f765a6b18b2f3587a62c49cf412d78e49f36179dde77595b85c6b19c05e2e7f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 16:14:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-cache: MISS
alt-svc: clear
last-modified: Thu, 28 Jan 2021 13:38:12 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"6012be44-d5ee"
strict-transport-security: max-age=63072000;
x-varnish: 387946670
via: 1.1 varnish (Varnish/6.0), 1.1 google
vary: Accept-Encoding
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landers/js/landing3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 2966
date: Thu, 04 Feb 2021 15:25:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Thu, 04 Feb 2021 17:25:07 GMT

GET
H2 200 nl-be2.json Show response
static.dating/lander/translations/ 123 KB
124 KB 67ms
24ms XHR
application/octet-stream 35.227.221.175
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dating/lander/translations/nl-be2.json
Requested by: Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landers/js/vendor.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.221.175 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 175.221.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6e5d3df4826d91051edcd25179eb72580b99aec9865e7f17bbeb3f053ca7061e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:34:36 GMT
age: 2398
x-guploader-uploadid: ABg5-UwuEUl1L-yjWYcNmxQmvO3J2tLc9v3tvCHdCMgucJhAcrZDPUjQ54CCQzIJPMRt1pcmqsmwt6WZATlGXqKuIPlJ3vnAFg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 125969
last-modified: Wed, 18 Nov 2020 15:19:05 GMT
server: UploadServer
etag: "dce3f7d08f740550c6b2d44327857a3d"
x-goog-hash: crc32c=ffkFxQ==, md5=3OP30I90BVDGstRDJ4V6PQ==
x-goog-generation: 1605712745095235
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-stored-content-length: 125969
accept-ranges: bytes
content-type: application/octet-stream
expires: Thu, 04 Feb 2021 16:34:36 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
73 B 14ms
13ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=161037595&t=pageview&_s=1&dl=https%3A%2F%2Fwww.geheimeaffaires.com%2Flanding3%3Fcat%3Dmilf%26pi%3D13237%26pt1%3D3107318012&dr=http%3A%2F%2Fdelivery.brkrbb.com%2Fr%3Furl%3Dhttps%253A%252F%252Ftrackoptimise.com%252F%253Fa%253D13237%2526c%253D64416%2526s2%253Dpx161245527162a6c601c1d672d412847248093%2526s3%253D6184%2526s4%253D84%26redirect_back%3Dhttps%253A%252F%252Fdelivery.brkrbb.com%252F47206%252F%253Fsession_id%253D161245527055671%2526subaffiliate_id%253D84%2526tt%253D1&ul=en-us&de=UTF-8&dt=geheimeaffaires.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABEAAAAC~&jid=1740828442&gjid=1354133629&cid=1776019390.1612455274&tid=UA-132064855-2&_gid=1843931095.1612455274&_r=1&_slc=1&z=864487735

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 16:14:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.geheimeaffaires.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
27 B 14ms
13ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=161037595&t=pageview&_s=1&dl=https%3A%2F%2Fwww.geheimeaffaires.com%2Flanding3%3Fcat%3Dmilf%26pi%3D13237%26pt1%3D3107318012&dr=http%3A%2F%2Fdelivery.brkrbb.com%2Fr%3Furl%3Dhttps%253A%252F%252Ftrackoptimise.com%252F%253Fa%253D13237%2526c%253D64416%2526s2%253Dpx161245527162a6c601c1d672d412847248093%2526s3%253D6184%2526s4%253D84%26redirect_back%3Dhttps%253A%252F%252Fdelivery.brkrbb.com%252F47206%252F%253Fsession_id%253D161245527055671%2526subaffiliate_id%253D84%2526tt%253D1&ul=en-us&de=UTF-8&dt=geheimeaffaires.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAEABEAAAAC~&jid=1698527731&gjid=1221515616&cid=1776019390.1612455274&tid=UA-132064855-5&_gid=1843931095.1612455274&_r=1&_slc=1&z=676043267

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 16:14:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.geheimeaffaires.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
48 B 13ms
12ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=161037595&t=pageview&_s=1&dl=https%3A%2F%2Fwww.geheimeaffaires.com%2Flanding3%3Fcat%3Dmilf%26pi%3D13237%26pt1%3D3107318012&dr=http%3A%2F%2Fdelivery.brkrbb.com%2Fr%3Furl%3Dhttps%253A%252F%252Ftrackoptimise.com%252F%253Fa%253D13237%2526c%253D64416%2526s2%253Dpx161245527162a6c601c1d672d412847248093%2526s3%253D6184%2526s4%253D84%26redirect_back%3Dhttps%253A%252F%252Fdelivery.brkrbb.com%252F47206%252F%253Fsession_id%253D161245527055671%2526subaffiliate_id%253D84%2526tt%253D1&ul=en-us&de=UTF-8&dt=geheimeaffaires.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAEABEAAAAC~&jid=424877087&gjid=942005873&cid=1776019390.1612455274&tid=UA-120355740-5&_gid=1843931095.1612455274&_r=1&_slc=1&z=209669090

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 16:14:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.geheimeaffaires.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 search Show response
www.geheimeaffaires.com/json/profile/ 71 KB
72 KB 128ms
128ms XHR
application/json 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geheimeaffaires.com/json/profile/search

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landers/js/vendor.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

ab43ca2bc00ab060ce93f0360d2c36162b60601c6eb3fee88bc79575803a6c8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 16:14:34 GMT
x-content-type-options: nosniff
server: nginx/1.10.3 (Ubuntu)
vary: X-Forwarded-Proto,Host
content-type: application/json
access-control-allow-origin: https://www.geheimeaffaires.com
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
strict-transport-security: max-age=63072000;
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 nl-be2.json Show response
static.dating/lander/translations/ 123 KB
123 KB 44ms
44ms XHR
application/octet-stream 35.227.221.175
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dating/lander/translations/nl-be2.json
Requested by: Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landers/js/vendor.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.221.175 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 175.221.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6e5d3df4826d91051edcd25179eb72580b99aec9865e7f17bbeb3f053ca7061e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:34:36 GMT
age: 2398
x-guploader-uploadid: ABg5-UwuEUl1L-yjWYcNmxQmvO3J2tLc9v3tvCHdCMgucJhAcrZDPUjQ54CCQzIJPMRt1pcmqsmwt6WZATlGXqKuIPlJ3vnAFg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 125969
last-modified: Wed, 18 Nov 2020 15:19:05 GMT
server: UploadServer
etag: "dce3f7d08f740550c6b2d44327857a3d"
x-goog-hash: crc32c=ffkFxQ==, md5=3OP30I90BVDGstRDJ4V6PQ==
x-goog-generation: 1605712745095235
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-stored-content-length: 125969
accept-ranges: bytes
content-type: application/octet-stream
expires: Thu, 04 Feb 2021 16:34:36 GMT

GET
H2 200 01.jpg
www.geheimeaffaires.com/landers/images/landing3/milf/default/ 1 KB
1 KB 42ms
38ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/landers/images/landing3/milf/default/01.jpg?geo=be

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

b2565973fae507cdb0511351ce1e312f8bf8d048aa9d30dc2daff6fea2ee3b7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 16:14:34 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 google
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-cache: MISS
alt-svc: clear
content-length: 1168
last-modified: Thu, 28 Jan 2021 13:38:05 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "6012be3d-490"
strict-transport-security: max-age=63072000;
x-varnish: 382850099
cache-control: max-age=300
accept-ranges: bytes
content-type: image/jpeg

GET
H2 200 02.jpg
www.geheimeaffaires.com/landers/images/landing3/milf/default/ 43 KB
43 KB 46ms
43ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/landers/images/landing3/milf/default/02.jpg?geo=be

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

01215a6fb6a63240579c3117c5406be4959b084fa3a166c8c074f6e0d4b64e60

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 16:14:34 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 google
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-cache: MISS
alt-svc: clear
content-length: 43762
last-modified: Thu, 28 Jan 2021 13:38:05 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "6012be3d-aaf2"
strict-transport-security: max-age=63072000;
x-varnish: 385309860
cache-control: max-age=300
accept-ranges: bytes
content-type: image/jpeg

GET
H2 200 03.jpg
www.geheimeaffaires.com/landers/images/landing3/milf/default/ 1 KB
1 KB 42ms
39ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/landers/images/landing3/milf/default/03.jpg?geo=be

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

885c37300020c7f8c8177e381bba3ab97b21709237a504ab8cdb0f4a72c8032e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 16:14:34 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 google
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-cache: MISS
alt-svc: clear
content-length: 1060
last-modified: Thu, 28 Jan 2021 13:38:05 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "6012be3d-424"
strict-transport-security: max-age=63072000;
x-varnish: 385498379
cache-control: max-age=300
accept-ranges: bytes
content-type: image/jpeg

GET
H2 200 04.jpg
www.geheimeaffaires.com/landers/images/landing3/milf/default/ 33 KB
33 KB 40ms
38ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/landers/images/landing3/milf/default/04.jpg?geo=be

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

c71a83323b1accc71e57c95b154d3de271d07ce0fd4c3ef3c8b182f96815f475

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 16:14:34 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 google
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-cache: MISS
alt-svc: clear
content-length: 33565
last-modified: Thu, 28 Jan 2021 13:38:05 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "6012be3d-831d"
strict-transport-security: max-age=63072000;
x-varnish: 387977874
cache-control: max-age=300
accept-ranges: bytes
content-type: image/jpeg

GET
H2 200 05.jpg
www.geheimeaffaires.com/landers/images/landing3/milf/default/ 1 KB
2 KB 39ms
37ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/landers/images/landing3/milf/default/05.jpg?geo=be

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

532e05ec06d04f16a6474d895da6d81de18e0177961df4641cfa2fe692a2aed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 16:14:34 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 google
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-cache: MISS
alt-svc: clear
content-length: 1256
last-modified: Thu, 28 Jan 2021 13:38:05 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "6012be3d-4e8"
strict-transport-security: max-age=63072000;
x-varnish: 385845777
cache-control: max-age=300
accept-ranges: bytes
content-type: image/jpeg

GET
H2 200 06.jpg
www.geheimeaffaires.com/landers/images/landing3/milf/default/ 121 KB
121 KB 45ms
43ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/landers/images/landing3/milf/default/06.jpg?geo=be

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

a58aec386c524bf5e2f0e451e646b1a2ff2ad42666d06abf61c60209314dc76d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 16:14:34 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 google
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-cache: MISS
alt-svc: clear
content-length: 123596
last-modified: Thu, 28 Jan 2021 13:38:05 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "6012be3d-1e2cc"
strict-transport-security: max-age=63072000;
x-varnish: 382159831
cache-control: max-age=300
accept-ranges: bytes
content-type: image/jpeg

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
90 B 16ms
15ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-132064855-2&cid=1776019390.1612455274&jid=1740828442&gjid=1354133629&_gid=1843931095.1612455274&_u=KEBAAEAAEAAAAC~&z=25040748

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 04 Feb 2021 16:14:34 GMT
content-type: text/plain
access-control-allow-origin: https://www.geheimeaffaires.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-132064855-5&cid=1776019390.1612455274&jid=1698527731&gjid=1221515616&_gid=1843931095.1612455274&_u=KEDAAEABEAAAAC~&z=254037830

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 04 Feb 2021 16:14:34 GMT
content-type: text/plain
access-control-allow-origin: https://www.geheimeaffaires.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
116 B 31ms
29ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-132064855-5&cid=1776019390.1612455274&jid=1698527731&_u=KEDAAEABEAAAAC~&z=430365628

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 16:14:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 31ms
30ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-132064855-5&cid=1776019390.1612455274&jid=1698527731&_u=KEDAAEABEAAAAC~&z=430365628

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 16:14:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 collector
api.eu.collectconsent.com/consent/ 0
0 98ms
29ms Other
application/vnd.api+json 35.195.163.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.eu.collectconsent.com/consent/collector

Protocol

Server

35.195.163.35 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.geheimeaffaires.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.10.3 (Ubuntu)
date: Thu, 04 Feb 2021 16:14:34 GMT
content-type: application/vnd.api+json
content-length: 0
access-control-allow-origin: https://www.geheimeaffaires.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff

GET
H2 200 cc.css
eu.collectconsent.com/ 24 KB
4 KB 46ms
45ms Stylesheet
text/css 35.195.163.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.collectconsent.com/cc.css

Requested by

Host: eu.collectconsent.com
URL: https://eu.collectconsent.com/cc.js?wId=41YuKVaYkGa5iFXaJ3xU48&domain=geheimeaffaires.com&languageCode=nl&languageTerritory=BE&sessionId=d5e6f47cf49e459387a28dc92ff117a2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

9ec88cf72960048a40791a943e5dee85f910c00e9a3732339888b075de11bc34

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 16:14:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Oct 2020 08:07:25 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "6073-5b1b123761e40-gzip"
vary: Accept-Encoding
content-type: text/css
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 3892

POST
H2 200 collector Show response
api.eu.collectconsent.com/consent/ 4 KB
4 KB 52ms
52ms XHR
application/vnd.api+json 35.195.163.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.eu.collectconsent.com/consent/collector

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

087f266f4362479148b04b7e057c942b8df71855b438f70f0ea2fac56331b40e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 04 Feb 2021 16:14:34 GMT
x-content-type-options: nosniff
server: nginx/1.10.3 (Ubuntu)
strict-transport-security: max-age=63072000;
content-type: application/vnd.api+json
access-control-allow-origin: https://www.geheimeaffaires.com
access-control-allow-credentials: true
content-length: 4144

GET
H2 200 155637.jpg
www.geheimeaffaires.com/content/3/335237/fotos/ 27 KB
27 KB 51ms
41ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/content/3/335237/fotos/155637.jpg

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

0c93edb433ecce548cb284b1645c949eab3101ea1625007e1b53cee8870beb06

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 16:14:34 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 17:39:08 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "6b72-5ba72106f65f8"
vary: X-Forwarded-Proto,Host
content-type: image/jpeg
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 27506
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 155629.jpg
www.geheimeaffaires.com/content/3/335233/fotos/ 26 KB
26 KB 52ms
42ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/content/3/335233/fotos/155629.jpg

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

75ea9876b10f9f91403df53df911766463e56341cc0e72575c942ee957e5187f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 16:14:34 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 17:39:07 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "67a2-5ba72105b8f7d"
vary: X-Forwarded-Proto,Host
content-type: image/jpeg
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 26530
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 155595.jpg
www.geheimeaffaires.com/content/3/335215/fotos/ 32 KB
32 KB 41ms
31ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/content/3/335215/fotos/155595.jpg

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

d4eed03b95ced20ae474ca9be1d7d51e561f536e0a9543409e41f435218e1587

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 16:14:34 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 17:29:07 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "7e77-5ba71eca5a011"
vary: X-Forwarded-Proto,Host
content-type: image/jpeg
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 32375
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 155585.jpg
www.geheimeaffaires.com/content/3/335211/fotos/ 24 KB
24 KB 41ms
32ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/content/3/335211/fotos/155585.jpg

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

637aa336b4c2df9794c389d687408f40a42a8be9792cce51ea3d6604ea358193

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 16:14:34 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 17:29:06 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5fc5-5ba71ec8a4794"
vary: X-Forwarded-Proto,Host
content-type: image/jpeg
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 24517
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 155583.jpg
www.geheimeaffaires.com/content/3/335209/fotos/ 27 KB
27 KB 45ms
36ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/content/3/335209/fotos/155583.jpg

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

695ac0d327be1306a6e5ad7dd4febffa7bd974fd410e391db98ebb3b5153ea6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 16:14:34 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 17:24:09 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "6b3f-5ba71dad7fea8"
vary: X-Forwarded-Proto,Host
content-type: image/jpeg
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 27455
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 155551.jpg
www.geheimeaffaires.com/content/3/335193/fotos/ 31 KB
31 KB 45ms
37ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/content/3/335193/fotos/155551.jpg

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

51be42ab4f645f9321bd73e97e15cc36777e72d7a9748e579a8c960dfeb635a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 16:14:34 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 17:14:09 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "7a4f-5ba71b7179f2e"
vary: X-Forwarded-Proto,Host
content-type: image/jpeg
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 31311
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 155517.jpg
www.geheimeaffaires.com/content/3/335151/fotos/ 39 KB
40 KB 54ms
46ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/content/3/335151/fotos/155517.jpg

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

84b66a71a3e994e87cdafcd55acb8e269228353d8854f63ac0e411903950247a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 16:14:34 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 10:49:05 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "9d84-5ba6c560204c8"
vary: X-Forwarded-Proto,Host
content-type: image/jpeg
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 40324
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 155487.jpg
www.geheimeaffaires.com/content/3/335137/fotos/ 28 KB
28 KB 43ms
35ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/content/3/335137/fotos/155487.jpg

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

dbb5adfbb93dbb816451b455b1f2175639ae087d404914882e0da92c4cc9c4a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 16:14:34 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 10:44:05 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "6e0c-5ba6c441eb81c"
vary: X-Forwarded-Proto,Host
content-type: image/jpeg
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 28172
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 155473.jpg
www.geheimeaffaires.com/content/3/335129/fotos/ 29 KB
29 KB 45ms
37ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/content/3/335129/fotos/155473.jpg

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

a6f043d2d6d0c433a03314cf86acb499682d16514175b1ed545bce24c6f651e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 16:14:34 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 10:29:09 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "72b5-5ba6c0eb28813"
vary: X-Forwarded-Proto,Host
content-type: image/jpeg
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 29365
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 155461.jpg
www.geheimeaffaires.com/content/3/335123/fotos/ 31 KB
31 KB 51ms
43ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/content/3/335123/fotos/155461.jpg

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

bf7860d089d54ecfa554f74f4ff766b974aff01c4432ce3fc6483dd3a74b3dfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 16:14:34 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 10:29:07 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "7acf-5ba6c0e9a1da4"
vary: X-Forwarded-Proto,Host
content-type: image/jpeg
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 31439
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 155447.jpg
www.geheimeaffaires.com/content/3/335115/fotos/ 26 KB
26 KB 59ms
52ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/content/3/335115/fotos/155447.jpg

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

506c80b04a5c3c901fbc5c3f205a2644df3474e7ef572217e7d13747307dd943

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 16:14:34 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 10:24:22 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "66d5-5ba6bfd9d7bfb"
vary: X-Forwarded-Proto,Host
content-type: image/jpeg
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 26325
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 155355.jpg
www.geheimeaffaires.com/content/3/334993/fotos/ 29 KB
29 KB 58ms
51ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/content/3/334993/fotos/155355.jpg

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

6f47ae69daa099ae97f0e63c99ca9a233a1450e1c663f3e44940663e62da41e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 16:14:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 02 Feb 2021 08:59:06 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "72db-5ba56aed04f3e"
vary: X-Forwarded-Proto,Host
content-type: image/jpeg
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 29403
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 155343.jpg
www.geheimeaffaires.com/content/3/334985/fotos/ 28 KB
29 KB 56ms
49ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/content/3/334985/fotos/155343.jpg

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

2670d68466b8533ffd681a003c02f7e89ba5eef9bd9915cb2df54a19074f02a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 16:14:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 02 Feb 2021 08:54:06 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "710c-5ba569ceaa11f"
vary: X-Forwarded-Proto,Host
content-type: image/jpeg
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 28940
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 155325.jpg
www.geheimeaffaires.com/content/3/334977/fotos/ 30 KB
30 KB 56ms
49ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/content/3/334977/fotos/155325.jpg

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

c097003f266c52749912119652a5a8489828f6b552c40e126bff92e575e31666

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 16:14:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 02 Feb 2021 08:49:08 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "77b5-5ba568b28d724"
vary: X-Forwarded-Proto,Host
content-type: image/jpeg
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 30645
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 155309.jpg
www.geheimeaffaires.com/content/3/334969/fotos/ 24 KB
24 KB 51ms
44ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/content/3/334969/fotos/155309.jpg

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

f40cdb79da2c1eb047c581bb6338deb58a85f81e926ff4f4d8791dcbb40afc09

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 16:14:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 02 Feb 2021 08:44:07 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5fe4-5ba56793a7e1b"
vary: X-Forwarded-Proto,Host
content-type: image/jpeg
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 24548
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 155257.jpg
www.geheimeaffaires.com/content/3/334899/fotos/ 32 KB
32 KB 50ms
45ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/content/3/334899/fotos/155257.jpg

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

30c6362b6b82d05e823653d8cf0317a84cb1501b2f3578873c9fd5a1d698e2a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 16:14:34 GMT
x-content-type-options: nosniff
last-modified: Mon, 01 Feb 2021 15:04:07 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "803a-5ba47aa659d7c"
vary: X-Forwarded-Proto,Host
content-type: image/jpeg
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 32826
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 155243.jpg
www.geheimeaffaires.com/content/3/334893/fotos/ 29 KB
29 KB 60ms
55ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/content/3/334893/fotos/155243.jpg

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

47fcab3faeb846baf087cb0cf2ceca792a7c03012c428fbc0beeb62c015de321

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 16:14:34 GMT
x-content-type-options: nosniff
last-modified: Mon, 01 Feb 2021 15:04:05 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "7490-5ba47aa411d15"
vary: X-Forwarded-Proto,Host
content-type: image/jpeg
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 29840
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 155207.jpg
www.geheimeaffaires.com/content/3/334873/fotos/ 28 KB
28 KB 58ms
53ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/content/3/334873/fotos/155207.jpg

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

bea8b8d51d3a878f07217e024232ec64b4eaf955bd10297ce4cdbb496d6051e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 16:14:34 GMT
x-content-type-options: nosniff
last-modified: Mon, 01 Feb 2021 14:54:21 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "6f9c-5ba47877a933b"
vary: X-Forwarded-Proto,Host
content-type: image/jpeg
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 28572
x-ua-compatible: IE=edge,chrome=1

POST
H2 200 loadSegment Show response
api.eu.collectconsent.com/consent/ 280 B
496 B 40ms
40ms XHR
application/vnd.api+json 35.195.163.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.eu.collectconsent.com/consent/loadSegment

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

5214f7f399be349fe1f4126dc4518ebcc8aa4d59d53be50a29e11de3cf0a69c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 04 Feb 2021 16:14:34 GMT
x-content-type-options: nosniff
server: nginx/1.10.3 (Ubuntu)
strict-transport-security: max-age=63072000;
content-type: application/vnd.api+json
access-control-allow-origin: https://www.geheimeaffaires.com
access-control-allow-credentials: true
content-length: 280

OPTIONS
H2 200 loadSegment
api.eu.collectconsent.com/consent/ 0
0 39ms
38ms Other
application/vnd.api+json 35.195.163.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.eu.collectconsent.com/consent/loadSegment

Protocol

Server

35.195.163.35 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.geheimeaffaires.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.10.3 (Ubuntu)
date: Thu, 04 Feb 2021 16:14:34 GMT
content-type: application/vnd.api+json
content-length: 0
access-control-allow-origin: https://www.geheimeaffaires.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff

POST
H2 200 loadSegment Show response
api.eu.collectconsent.com/consent/ 373 B
589 B 33ms
33ms XHR
application/vnd.api+json 35.195.163.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.eu.collectconsent.com/consent/loadSegment

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

f60199aed20dc666a5329f1c6c97554ce39728e6b724522ddc708c173287943b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 04 Feb 2021 16:14:34 GMT
x-content-type-options: nosniff
server: nginx/1.10.3 (Ubuntu)
strict-transport-security: max-age=63072000;
content-type: application/vnd.api+json
access-control-allow-origin: https://www.geheimeaffaires.com
access-control-allow-credentials: true
content-length: 373

OPTIONS
H2 200 loadSegment
api.eu.collectconsent.com/consent/ 0
0 29ms
28ms Other
application/vnd.api+json 35.195.163.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.eu.collectconsent.com/consent/loadSegment

Protocol

Server

35.195.163.35 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.geheimeaffaires.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.10.3 (Ubuntu)
date: Thu, 04 Feb 2021 16:14:34 GMT
content-type: application/vnd.api+json
content-length: 0
access-control-allow-origin: https://www.geheimeaffaires.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff

OPTIONS
H2 200 confirmExplicit
api.eu.collectconsent.com/consent/ 0
0 29ms
29ms Other
application/vnd.api+json 35.195.163.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.eu.collectconsent.com/consent/confirmExplicit

Protocol

Server

35.195.163.35 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.geheimeaffaires.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.10.3 (Ubuntu)
date: Thu, 04 Feb 2021 16:14:34 GMT
content-type: application/vnd.api+json
content-length: 0
access-control-allow-origin: https://www.geheimeaffaires.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff

POST
H2 200 confirmExplicit Show response
api.eu.collectconsent.com/consent/ 0
214 B 45ms
44ms XHR
application/vnd.api+json 35.195.163.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.eu.collectconsent.com/consent/confirmExplicit

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3107318012
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 04 Feb 2021 16:14:34 GMT
x-content-type-options: nosniff
server: nginx/1.10.3 (Ubuntu)
strict-transport-security: max-age=63072000;
content-type: application/vnd.api+json
access-control-allow-origin: https://www.geheimeaffaires.com
access-control-allow-credentials: true
content-length: 0

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.geheimeaffaires.com/	1970-01-19 15:54:15	Name: _gat_c Value: 1
.geheimeaffaires.com/	1970-01-19 15:54:15	Name: _gat_b Value: 1
.geheimeaffaires.com/	1970-01-19 15:55:41	Name: _gid Value: GA1.2.1843931095.1612455274
.geheimeaffaires.com/	1970-01-19 15:54:15	Name: _gat_a Value: 1
.geheimeaffaires.com/	1970-01-20 09:25:27	Name: _ga Value: GA1.2.1776019390.1612455274

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.eu.collectconsent.com
delivery.brkrbb.com
eu.collectconsent.com
molly69.gq
r68450ex.beget.tech
sexdating4.me
static.dating
stats.g.doubleclick.net
trackoptimise.com
tracksfaster.com
www.geheimeaffaires.com
www.google-analytics.com
www.google.com
www.google.de
185.50.25.51
195.20.53.202
2606:4700:3035::ac43:c464
2a00:1450:4001:809::200e
2a00:1450:4001:810::2004
2a00:1450:4001:827::2003
2a00:1450:400c:c00::9d
34.205.83.125
35.195.163.35
35.195.88.46
35.227.221.175
52.71.111.21
91.202.61.105
01215a6fb6a63240579c3117c5406be4959b084fa3a166c8c074f6e0d4b64e60
06f91f1bc360e7c486515b416a564445652e40585f94f2d089239b981d6421f6
087f266f4362479148b04b7e057c942b8df71855b438f70f0ea2fac56331b40e
0c93edb433ecce548cb284b1645c949eab3101ea1625007e1b53cee8870beb06
12cb7afeef0eb204f9307b2fd9604a7ab20c39c106604e102054454777fced70
210908261a19fc6d61a7ffc754d768ece1a1d0b114854969e70c8ff735d69f3a
2670d68466b8533ffd681a003c02f7e89ba5eef9bd9915cb2df54a19074f02a2
30c6362b6b82d05e823653d8cf0317a84cb1501b2f3578873c9fd5a1d698e2a7
47fcab3faeb846baf087cb0cf2ceca792a7c03012c428fbc0beeb62c015de321
506c80b04a5c3c901fbc5c3f205a2644df3474e7ef572217e7d13747307dd943
512b0c8db3c951a96e30203885b3b45258cf4faae1fe36aceb04fbe70546166b
51be42ab4f645f9321bd73e97e15cc36777e72d7a9748e579a8c960dfeb635a5
5214f7f399be349fe1f4126dc4518ebcc8aa4d59d53be50a29e11de3cf0a69c8
532e05ec06d04f16a6474d895da6d81de18e0177961df4641cfa2fe692a2aed6
5986f251d278ae72106ef1d7302798a2e14f69a4d35b80087b9e61905a15e75e
637aa336b4c2df9794c389d687408f40a42a8be9792cce51ea3d6604ea358193
695ac0d327be1306a6e5ad7dd4febffa7bd974fd410e391db98ebb3b5153ea6a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e5d3df4826d91051edcd25179eb72580b99aec9865e7f17bbeb3f053ca7061e
6f47ae69daa099ae97f0e63c99ca9a233a1450e1c663f3e44940663e62da41e3
75ea9876b10f9f91403df53df911766463e56341cc0e72575c942ee957e5187f
7aa4551756597459a1c604b16b417fd02900aa4a4a2d63dbb2f866c7e848c157
84b66a71a3e994e87cdafcd55acb8e269228353d8854f63ac0e411903950247a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
885c37300020c7f8c8177e381bba3ab97b21709237a504ab8cdb0f4a72c8032e
9ec88cf72960048a40791a943e5dee85f910c00e9a3732339888b075de11bc34
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0b9fff20c442599c0b4dbb6ceac3b0948e3280f84904135b6db12bb2baba9a8
a238cffffbfea4c2868fca1b142a3a9690574537a38c857dbe309ec27b033eb3
a58aec386c524bf5e2f0e451e646b1a2ff2ad42666d06abf61c60209314dc76d
a6f043d2d6d0c433a03314cf86acb499682d16514175b1ed545bce24c6f651e5
ab43ca2bc00ab060ce93f0360d2c36162b60601c6eb3fee88bc79575803a6c8d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b2565973fae507cdb0511351ce1e312f8bf8d048aa9d30dc2daff6fea2ee3b7c
bea8b8d51d3a878f07217e024232ec64b4eaf955bd10297ce4cdbb496d6051e8
bf7860d089d54ecfa554f74f4ff766b974aff01c4432ce3fc6483dd3a74b3dfd
c05958d60a454f4c12e4dfc81e01964b8789be91d2a086343f87aa2e3d543771
c097003f266c52749912119652a5a8489828f6b552c40e126bff92e575e31666
c71a83323b1accc71e57c95b154d3de271d07ce0fd4c3ef3c8b182f96815f475
d4eed03b95ced20ae474ca9be1d7d51e561f536e0a9543409e41f435218e1587
dbb5adfbb93dbb816451b455b1f2175639ae087d404914882e0da92c4cc9c4a1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e8d9f9a65d049c09dcd5eab729cb79b519cd48b08209f5e92c2fe336908988e3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f40cdb79da2c1eb047c581bb6338deb58a85f81e926ff4f4d8791dcbb40afc09
f60199aed20dc666a5329f1c6c97554ce39728e6b724522ddc708c173287943b
f765a6b18b2f3587a62c49cf412d78e49f36179dde77595b85c6b19c05e2e7f3

www.geheimeaffaires.com Open in urlscan Pro 35.195.88.46 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

55 Requests

98 %HTTPS

38 %IPv6

13 Domains

14 Subdomains

8 IPs

7 Countries

1266 kBTransfer

1608 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.geheimeaffaires.com Open in urlscan Pro
35.195.88.46 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

98 %
HTTPS

38 %
IPv6

13
Domains

14
Subdomains

8
IPs

7
Countries

1266 kB
Transfer

1608 kB
Size

5
Cookies

55 HTTP transactions
0 data transactions