www.kusmitea.com Open in urlscan Pro
104.16.89.34 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://dump.com/
Effective URL:
https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691
Submission: On June 03 via api (June 3rd 2022, 7:26:17 am UTC) from DE — Scanned from DE

Summary HTTP 100 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 5 countries across 20 domains to perform 100 HTTP transactions. The main IP is 104.16.89.34, located in and belongs to CLOUDFLARENET, US. The main domain is www.kusmitea.com.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on April 26th 2022. Valid for: a year.

This is the only time www.kusmitea.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	216.120.146.200 216.120.146.200	53665 (BODIS-1) (BODIS-1)
1	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
4	66.165.243.160 66.165.243.160	29802 (HVC-AS) (HVC-AS)
5	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2 5	95.211.116.27 95.211.116.27	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	143.204.98.101 143.204.98.101	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
1	3.65.154.169 3.65.154.169	16509 (AMAZON-02) (AMAZON-02)
1 1	146.185.41.180 146.185.41.180	47841 (OXALIDE) (OXALIDE)
18	104.16.89.34 104.16.89.34	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	143.204.98.76 143.204.98.76	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:1ab5	() ()
4	143.204.96.96 143.204.96.96	() ()
1	143.204.98.124 143.204.98.124	() ()
1	143.204.93.53 143.204.93.53	() ()
2	34.107.143.101 34.107.143.101	() ()
1	34.102.161.46 34.102.161.46	() ()
3	2a00:1450:400... 2a00:1450:4001:828::200e	() ()
100	21

7 216.120.146.200 (United States)

ASN53665 (BODIS-1, US)

dump.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 66.165.243.160 (Los Angeles, United States)

ASN29802 (HVC-AS, US)
PTR: 66-165-243-160.static.hvvc.us

r.redirekted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.211.116.27 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: dc1-ecs-pub-go-vip.kelkoo.com

de-go.kelkoogroup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-101.fra50.r.cloudfront.net

js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.65.154.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-154-169.eu-central-1.compute.amazonaws.com

api-js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.185.41.180 (France) 1 redirects

ASN47841 (OXALIDE, FR)
PTR: not.updated.oxalide.net

trk.lgw.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.16.89.34 (None, )

ASN13335 (CLOUDFLARENET, US)

www.kusmitea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.98.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-76.fra50.r.cloudfront.net

try.abtasty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1ab5 (None, )

ASN- ()

sdk.teester.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.96.96 (None, )

ASN- ()

edge.disstg.commercecloud.salesforce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.124 (None, )

ASN- ()

cl.avis-verifies.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.93.53 (None, )

ASN- ()

cdn.cquotient.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.143.101 (None, )

ASN- ()

dcinfos-cache.abtasty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.161.46 (None, )

ASN- ()

ariane.abtasty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (None, )

ASN- ()

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	kusmitea.com www.kusmitea.com	333 KB
7	dump.com dump.com	27 KB
6	abtasty.com try.abtasty.com — Cisco Umbrella Rank: 8770 dcinfos-cache.abtasty.com ariane.abtasty.com	149 KB
5	kelkoogroup.net 2 redirects de-go.kelkoogroup.net — Cisco Umbrella Rank: 783659	33 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	40 KB
5	gstatic.com fonts.gstatic.com	104 KB
4	salesforce.com edge.disstg.commercecloud.salesforce.com	34 KB
4	redirekted.com r.redirekted.com — Cisco Umbrella Rank: 749202	11 KB
3	youtube.com www.youtube.com Failed
3	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 459	92 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 42	2 KB
2	teester.com sdk.teester.com	18 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	149 KB
2	datadome.co js.datadome.co — Cisco Umbrella Rank: 7174 api-js.datadome.co — Cisco Umbrella Rank: 7005	43 KB
1	cquotient.com cdn.cquotient.com r.cquotient.com Failed	12 KB
1	avis-verifies.com cl.avis-verifies.com	59 KB
1	lgw.io 1 redirects trk.lgw.io — Cisco Umbrella Rank: 152496	2 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	52 KB
0	contentsquare.net Failed t.contentsquare.net Failed
0	iadvize.com Failed lc.iadvize.com Failed
100	20

	Domain	Requested by
18	www.kusmitea.com	de-go.kelkoogroup.net www.kusmitea.com
7	dump.com	dump.com
5	de-go.kelkoogroup.net	2 redirects r.redirekted.com de-go.kelkoogroup.net
5	www.google-analytics.com	r.redirekted.com www.google-analytics.com www.googletagmanager.com
5	fonts.gstatic.com	fonts.googleapis.com
4	edge.disstg.commercecloud.salesforce.com	www.kusmitea.com
4	r.redirekted.com	dump.com r.redirekted.com
3	www.youtube.com	www.kusmitea.com
3	cdn.cookielaw.org	www.kusmitea.com cdn.cookielaw.org
3	try.abtasty.com	www.kusmitea.com try.abtasty.com
3	fonts.googleapis.com	client www.kusmitea.com
2	dcinfos-cache.abtasty.com	try.abtasty.com
2	sdk.teester.com	www.kusmitea.com sdk.teester.com
2	www.googletagmanager.com	de-go.kelkoogroup.net www.kusmitea.com
1	ariane.abtasty.com	try.abtasty.com
1	cdn.cquotient.com	www.kusmitea.com
1	cl.avis-verifies.com	www.kusmitea.com cl.avis-verifies.com
1	trk.lgw.io	1 redirects
1	api-js.datadome.co	js.datadome.co
1	js.datadome.co	de-go.kelkoogroup.net
1	www.google.com	dump.com
0	t.contentsquare.net Failed	dump.com
0	r.cquotient.com Failed	cdn.cquotient.com
0	lc.iadvize.com Failed	www.kusmitea.com
100	24

This site contains no links.

Subject Issuer	Validity	Valid
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.kelkoogroup.net Thawte RSA CA 2018	`2021-09-07` - `2022-10-07`	a year	crt.sh
*.datadome.co Gandi Standard SSL CA 2	`2021-10-12` - `2022-10-21`	a year	crt.sh
*.kusmitea.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-04-26` - `2023-03-26`	a year	crt.sh
try.abtasty.com Amazon	`2021-07-27` - `2022-08-25`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
teester.com Cloudflare Inc ECC CA-3	`2022-03-24` - `2023-03-23`	a year	crt.sh
edge.disstg.commercecloud.salesforce.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-01` - `2023-01-30`	a year	crt.sh
cl.avis-verifies.com Amazon	`2021-07-31` - `2022-08-29`	a year	crt.sh
*.cquotient.com Amazon	`2022-05-05` - `2023-06-03`	a year	crt.sh
dcinfos-cache.abtasty.com R3	`2022-04-13` - `2022-07-12`	3 months	crt.sh
ariane.abtasty.com R3	`2022-03-31` - `2022-06-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691
Frame ID: 35DDA945BEA73C608E65F0D45EB2CE91
Requests: 101 HTTP requests in this frame

Frame: http://r.redirekted.com/go?e=DwCaxHVyR3B8gwWx1KW88Is7LlLe4mW6bFWjyHs70UCd4mV603BjOzX-bPFetPqvy3C5kGVbDUL-M3W6flp94Qs7HQCdR2V9fFW4AJs2IUC9IFs7jKL0yRs2kUF-IPqty3C55GVbxmK1pUpygaFbkGAbNTF75GsUAQWa5mZ78yF9AaXYk3pvNTs7D3F55GsQSPXxO2Z2uxCm8GssEmBsWTsXgFEeZ3WYImq4u2XmyUCeL3W5jKW54QsmOKL9gmW7fFW4RTs70KC8g0X6flpw0QsukaLdfxW-DGL9cHAY9IF9gQpVy3C9gQA-tQn8IPrVkape8IVcZvF1tvW
Frame ID: 853308F8A9E3DA2332C93D7F4F399CDC
Requests: 4 HTTP requests in this frame

Frame: https://www.youtube.com/embed/siPCG2O9Voo?enablejsapi=1&version=3&playerapiid=ytplayer
Frame ID: 5B40C8ADDCD3510C627B6BE82CB1E8BE
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/siPCG2O9Voo?enablejsapi=1&version=3&playerapiid=ytplayer
Frame ID: 6262E8B5D31A0C1BA7F850A1A463D8CA
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/siPCG2O9Voo?enablejsapi=1&version=3&playerapiid=ytplayer
Frame ID: 724344DA802D022901EFD3AB982D61DE
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/siPCG2O9Voo?enablejsapi=1&version=3&playerapiid=ytplayer
Frame ID: E5DB6670813C881E75E1DA4A910B75D3
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/siPCG2O9Voo?enablejsapi=1&version=3&playerapiid=ytplayer
Frame ID: 5214CAAFAA066092D5E30BA8A4C9D048
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/siPCG2O9Voo?enablejsapi=1&version=3&playerapiid=ytplayer
Frame ID: 0E2B485BD7DBCD6DBB6D295C302C355B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://dump.com/ Page URL
http://r.redirekted.com/redirect?redirect_id=a58ebd9f27dcdee284ad53c3a10c0915&request_id=0c259594658... Page URL
https://de-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1654158003183&.sig=ybAgyWsbaTgM6umAf3l6JaLrnRo-&aff... HTTP 307
https://de-go.kelkoogroup.net/go?country=de&k=cd1a44088e83ddbf9628f3fe869c2143770eec478e5ddef7ea938aaee150... Page URL
https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff4371812dde7f71ef50eb94d3d... HTTP 303
https://trk.lgw.io/rkt/58607/MjE3MThBMTA3MA==/aHR0cHM6Ly93d3cua3VzbWl0ZWEuY29tL2RlL3N0LXBldGVyc... HTTP 302
https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566... Page URL

Detected technologies

Salesforce Commerce Cloud (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

/demandware\.static/

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

100
Requests

57 %
HTTPS

38 %
IPv6

20
Domains

24
Subdomains

21
IPs

5
Countries

1161 kB
Transfer

3618 kB
Size

24
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://dump.com/ Page URL
http://r.redirekted.com/redirect?redirect_id=a58ebd9f27dcdee284ad53c3a10c0915&request_id=0c259594658feba0163dbdb605bf0ea7 Page URL
https://de-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1654158003183&.sig=ybAgyWsbaTgM6umAf3l6JaLrnRo-&affiliationId=96965856&comId=100533243&country=de&offerId=e7ae0779ae8c09e185d997973a2489a6&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=9gRAvk3qWkGAbNTF75GsUAGXWE3Vct0L8W3LX1KWzLHsXAJF8A3VakKWjuHsytQL-AUp&custom2=jKWjuHsyj3F8gwVYqwqSExZvyRCexFrUAQB HTTP 307
https://de-go.kelkoogroup.net/go?country=de&k=cd1a44088e83ddbf9628f3fe869c2143770eec478e5ddef7ea938aaee1503ea051450cbdc3b01883d6188578b3f18bc17ca2be975f5b6d82bef7b567591d71ffff2a57ee632222232a8c9ced5a53aa813f230b08a56d7c3a38add4624b2832131c83f415727f876880c3783330c7c48c17ba44edcbd238d58a02b50de13c89a1c8656099928731de9dfdc414879bf5676889cc075c40b36c7365acb34a682ee954f7c18825ecb149d6e6a27d219ca813ec59e2e6603552cca7ae404176ab0f1f1c303c2882efd5e4bfa20b38c36f46c09379880e93f6c116a5708bdc8feb24dfe92e7b9660fd57927c72377b5801a09ac5c6e92f732172fb2dfef76fefa44fc05980240ad8d2609d8fa0158aa34b37eaa55859391da24b00859f543ac8c805e24efb58f889f800decc908e7e3036d99fd74a79b36fe204e057c51c85d4d65f38075a8feb96b15eccd4b00337e96f1938200d6ab24f209d871281ec86fe34d43398cf4393a3bc58b1d1adb024d7b458a986c23a33465056de360472316b673161bc9efe0ecdf3faa46f314c8a2583c3af72ec8ee24f02b65e3bde603a5435c71943e3e2fe84beee62e4f4381db1af45cc0907b29d4a4b9fb1487eece75614564c9073d66d1c1514e7ac3c4d7530f83b38c9860732fc7203eba3a412863fe3aeb0030fcedea3a4ef6fbd518705b36bf241e5cd4a0604436183d6db8570fd6b4a3264fec3d35c444c088cdb1fd20b9275fa&o= Page URL
https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff4371812dde7f71ef50eb94d3ddb2e9d3211880f93602212388f5c769e3781e2972a3e316210f6b98bd8f6d5ade52c8f98b4175025804a2b2c465af98adfdb00335455284a59501fd96fbbb815e5750d38cc5e7e88c25cff988736e94bfb222b045e3b7d2cabef98fd321b18b60c17bdb7375b66bf8f780c1e7419e61a7f19588fd18e6826dfedca759e9e9631b8b80f31d02b32c91dad234d86e57b8f0d3b2eb42145856d50883d73f9c48231ab670c18a15cd95c469c0b0d77ce0b2395f2c8e90fbedf29ee23909ab2873c9fe0681b99b67d509608e54e651200f55b213d0b2f97320624d4630747cc6f47deb03e045757b89482e8da6e08a51f22aaac17677c05675697bc7501983cf51b56705fc7de2e4fbef5ab8e4d3782&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1654241174900_3717415&clickId=107698111_1654241174831_5889944&url=https%3A%2F%2Ftrk.lgw.io%2Frkt%2F58607%2FMjE3MThBMTA3MA%3D%3D%2FaHR0cHM6Ly93d3cua3VzbWl0ZWEuY29tL2RlL3N0LXBldGVyc2JvdXJnLWJpby1TQUlOQklPTUFTVEVSLmh0bWw_dj0yMTcxOEExMDcw%3Fkk%3Da4c6293-18128752566-1ee691&initiator=timeout HTTP 303
https://trk.lgw.io/rkt/58607/MjE3MThBMTA3MA==/aHR0cHM6Ly93d3cua3VzbWl0ZWEuY29tL2RlL3N0LXBldGVyc2JvdXJnLWJpby1TQUlOQklPTUFTVEVSLmh0bWw_dj0yMTcxOEExMDcw?kk=a4c6293-18128752566-1ee691 HTTP 302
https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 16

http://www.google-analytics.com/collect?v=1&_v=j96&a=814505992&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DDwCaxHVyR3B8gwWx1KW88Is7LlLe4mW6bFWjyHs70UCd4mV603BjOzX-bPFetPqvy3C5kGVbDUL-M3W6flp94Qs7HQCdR2V9fFW4AJs2IUC9IFs7jKL0yRs2kUF-IPqty3C55GVbxmK1pUpygaFbkGAbNTF75GsUAQWa5mZ78yF9AaXYk3pvNTs7D3F55GsQSPXxO2Z2uxCm8GssEmBsWTsXgFEeZ3WYImq4u2XmyUCeL3W5jKW54QsmOKL9gmW7fFW4RTs70KC8g0X6flpw0QsukaLdfxW-DGL9cHAY9IF9gQpVy3C9gQA-tQn8IPrVkape8IVcZvF1tvW&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=574995554.1654241175&tid=UA-32454353-1&_gid=383942537.1654241175&cd1=oz9lMJE8n2kesUk8sT5ipzIxsTgfn3k8sUj%3D&z=1655096742 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j96&a=814505992&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DDwCaxHVyR3B8gwWx1KW88Is7LlLe4mW6bFWjyHs70UCd4mV603BjOzX-bPFetPqvy3C5kGVbDUL-M3W6flp94Qs7HQCdR2V9fFW4AJs2IUC9IFs7jKL0yRs2kUF-IPqty3C55GVbxmK1pUpygaFbkGAbNTF75GsUAQWa5mZ78yF9AaXYk3pvNTs7D3F55GsQSPXxO2Z2uxCm8GssEmBsWTsXgFEeZ3WYImq4u2XmyUCeL3W5jKW54QsmOKL9gmW7fFW4RTs70KC8g0X6flpw0QsukaLdfxW-DGL9cHAY9IF9gQpVy3C9gQA-tQn8IPrVkape8IVcZvF1tvW&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=574995554.1654241175&tid=UA-32454353-1&_gid=383942537.1654241175&cd1=oz9lMJE8n2kesUk8sT5ipzIxsTgfn3k8sUj%3D&z=1655096742

Request Chain 17

https://de-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1654158003183&.sig=ybAgyWsbaTgM6umAf3l6JaLrnRo-&affiliationId=96965856&comId=100533243&country=de&offerId=e7ae0779ae8c09e185d997973a2489a6&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=9gRAvk3qWkGAbNTF75GsUAGXWE3Vct0L8W3LX1KWzLHsXAJF8A3VakKWjuHsytQL-AUp&custom2=jKWjuHsyj3F8gwVYqwqSExZvyRCexFrUAQB HTTP 307
https://de-go.kelkoogroup.net/go?country=de&k=cd1a44088e83ddbf9628f3fe869c2143770eec478e5ddef7ea938aaee1503ea051450cbdc3b01883d6188578b3f18bc17ca2be975f5b6d82bef7b567591d71ffff2a57ee632222232a8c9ced5a53aa813f230b08a56d7c3a38add4624b2832131c83f415727f876880c3783330c7c48c17ba44edcbd238d58a02b50de13c89a1c8656099928731de9dfdc414879bf5676889cc075c40b36c7365acb34a682ee954f7c18825ecb149d6e6a27d219ca813ec59e2e6603552cca7ae404176ab0f1f1c303c2882efd5e4bfa20b38c36f46c09379880e93f6c116a5708bdc8feb24dfe92e7b9660fd57927c72377b5801a09ac5c6e92f732172fb2dfef76fefa44fc05980240ad8d2609d8fa0158aa34b37eaa55859391da24b00859f543ac8c805e24efb58f889f800decc908e7e3036d99fd74a79b36fe204e057c51c85d4d65f38075a8feb96b15eccd4b00337e96f1938200d6ab24f209d871281ec86fe34d43398cf4393a3bc58b1d1adb024d7b458a986c23a33465056de360472316b673161bc9efe0ecdf3faa46f314c8a2583c3af72ec8ee24f02b65e3bde603a5435c71943e3e2fe84beee62e4f4381db1af45cc0907b29d4a4b9fb1487eece75614564c9073d66d1c1514e7ac3c4d7530f83b38c9860732fc7203eba3a412863fe3aeb0030fcedea3a4ef6fbd518705b36bf241e5cd4a0604436183d6db8570fd6b4a3264fec3d35c444c088cdb1fd20b9275fa&o=

Request Chain 83

https://lc.iadvize.com/iadvize.js?sid=17959 HTTP 302
https://lc.iadvize.com/static/livechat/df8e42109aaa4932bd1ad7bb3653e36f7b63b703/live.js

100 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
dump.com/ 2 KB
2 KB 255ms
119ms Document
text/html 216.120.146.200
BODIS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://dump.com/
Protocol: HTTP/1.1
Server: 216.120.146.200 , United States, ASN53665 (BODIS-1, US),
Reverse DNS
Software: openresty /
Resource Hash: 16b217bd48d6d05e9eb8562b15ea89c935d7a45e1395bc27472b79da413b530e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache no-store, must-revalidate post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 03 Jun 2022 07:26:12 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Pragma: no-cache
Server: openresty
Transfer-Encoding: chunked
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_pvqbu7HaSvMEYXF/LoV9vHB07YLWFAgggMWZNpAZlCi56IxGGznz2IV7vUJOfzYgrx1ykQuRODtPKQHCYKpFTg==

GET
H/1.1 200
OK parking.2.89.1.js Show response
dump.com/js/ 67 KB
22 KB 120ms
120ms Script
application/javascript 216.120.146.200
BODIS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://dump.com/js/parking.2.89.1.js
Requested by: Host: dump.com
URL: http://dump.com/
Protocol: HTTP/1.1
Server: 216.120.146.200 , United States, ASN53665 (BODIS-1, US),
Reverse DNS
Software: openresty /
Resource Hash: ed269e347840a47969a19aac34cd78e946b9fcf91a50b6b88769f8b9e82fad7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dump.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Jun 2022 07:26:12 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Jun 2022 13:39:48 GMT
Server: openresty
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H/1.1 200
OK _fd Show response
dump.com/ 1 KB
1 KB 214ms
214ms Fetch
text/html 216.120.146.200
BODIS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://dump.com/_fd
Requested by: Host: dump.com
URL: http://dump.com/js/parking.2.89.1.js
Protocol: HTTP/1.1
Server: 216.120.146.200 , United States, ASN53665 (BODIS-1, US),
Reverse DNS
Software: openresty /
Resource Hash: 19471722a0f8dee2a17e860e89e32492c7f8ed083615147eb93e5caf23fe7c22

Request headers

Accept: application/json
Referer: http://dump.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

X-Version: 2.89.1
Date: Fri, 03 Jun 2022 07:26:12 GMT
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 caf.js Show response
www.google.com/adsense/domains/ 141 KB
52 KB 130ms
47ms Script
text/javascript 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/domains/caf.js

Requested by

Host: dump.com
URL: http://dump.com/js/parking.2.89.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e98d1565f83297e310b27b4ece231931f4cdf7f258809e20ce208e1e9deacdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dump.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 07:26:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "5774002890898847575"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Fri, 03 Jun 2022 07:26:12 GMT

GET
H/1.1 200
OK px.gif
dump.com/ 42 B
421 B 238ms
119ms Image
image/gif 216.120.146.200
BODIS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dump.com/px.gif?ch=1&rn=6.267405499335432
Requested by: Host: dump.com
URL: http://dump.com/
Protocol: HTTP/1.1
Server: 216.120.146.200 , United States, ASN53665 (BODIS-1, US),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dump.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Jun 2022 07:26:12 GMT
Last-Modified: Tue, 21 Dec 2021 18:13:31 GMT
Server: openresty
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK px.gif
dump.com/ 42 B
421 B 239ms
120ms Image
image/gif 216.120.146.200
BODIS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dump.com/px.gif?ch=2&rn=6.267405499335432
Requested by: Host: dump.com
URL: http://dump.com/
Protocol: HTTP/1.1
Server: 216.120.146.200 , United States, ASN53665 (BODIS-1, US),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dump.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Jun 2022 07:26:12 GMT
Last-Modified: Tue, 21 Dec 2021 18:13:31 GMT
Server: openresty
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H/1.1 200
OK _zc Show response
dump.com/ 357 B
818 B 559ms
559ms Fetch
text/html 216.120.146.200
BODIS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://dump.com/_zc
Requested by: Host: dump.com
URL: http://dump.com/js/parking.2.89.1.js
Protocol: HTTP/1.1
Server: 216.120.146.200 , United States, ASN53665 (BODIS-1, US),
Reverse DNS
Software: openresty /
Resource Hash: 26649e09469ef835108bbfd6fff8c65474457994a1d162af2784fea14a493c82

Request headers

Accept: application/json
Referer: http://dump.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

X-Version: 2.89.1
Date: Fri, 03 Jun 2022 07:26:13 GMT
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
942 B 129ms
46ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Quicksand

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dump.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 03 Jun 2022 06:53:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 03 Jun 2022 07:26:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Jun 2022 07:26:13 GMT

POST
H/1.1 200
OK _tr
dump.com/ 2 B
0 146ms
146ms Fetch
text/html 216.120.146.200
BODIS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://dump.com/_tr
Requested by: Host: dump.com
URL: http://dump.com/js/parking.2.89.1.js
Protocol: HTTP/1.1
Server: 216.120.146.200 , United States, ASN53665 (BODIS-1, US),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Accept: application/json
Referer: http://dump.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

X-Version: 2.89.1
Date: Fri, 03 Jun 2022 07:26:13 GMT
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK redirect Show response
r.redirekted.com/ 829 B
1 KB 378ms
176ms Document
text/html 66.165.243.160
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://r.redirekted.com/redirect?redirect_id=a58ebd9f27dcdee284ad53c3a10c0915&request_id=0c259594658feba0163dbdb605bf0ea7
Requested by: Host: dump.com
URL: http://dump.com/js/parking.2.89.1.js
Protocol: HTTP/1.1
Server: 66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 66-165-243-160.static.hvvc.us
Software: nginx/1.21.5 / PHP/8.0.14
Resource Hash: 3d9f951fd718121e1aef663f103bee03eb8e253e6bdeffeaff66215c362c983f

Request headers

Referer: http://dump.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Fri, 03 Jun 2022 07:26:13 GMT
Server: nginx/1.21.5
Transfer-Encoding: chunked
X-Powered-By: PHP/8.0.14

GET
H2 200 6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2
fonts.gstatic.com/s/quicksand/v29/ 14 KB
14 KB 121ms
38ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v29/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://dump.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 20:10:54 GMT
x-content-type-options: nosniff
age: 126919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13892
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:27:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Jun 2023 20:10:54 GMT

GET
H/1.1 200
OK adren.css
r.redirekted.com/css/ 243 B
479 B 175ms
175ms Stylesheet
text/css 66.165.243.160
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://r.redirekted.com/css/adren.css?n=2463045213
Requested by: Host: r.redirekted.com
URL: http://r.redirekted.com/redirect?redirect_id=a58ebd9f27dcdee284ad53c3a10c0915&request_id=0c259594658feba0163dbdb605bf0ea7
Protocol: HTTP/1.1
Server: 66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 66-165-243-160.static.hvvc.us
Software: nginx/1.21.5 /
Resource Hash: e2d9fd8b995f146baf54bc35d162d3e8169a5345368058b10a3b3bf4592ed777

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r.redirekted.com/redirect?redirect_id=a58ebd9f27dcdee284ad53c3a10c0915&request_id=0c259594658feba0163dbdb605bf0ea7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 07:26:14 GMT
Last-Modified: Sat, 03 Jul 2021 05:46:18 GMT
Server: nginx/1.21.5
ETag: "60dff9aa-f3"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 243

GET
H/1.1 200
OK adren.min.js Show response
r.redirekted.com/js/ 7 KB
8 KB 351ms
175ms Script
application/javascript 66.165.243.160
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://r.redirekted.com/js/adren.min.js?n=2463045213
Requested by: Host: r.redirekted.com
URL: http://r.redirekted.com/redirect?redirect_id=a58ebd9f27dcdee284ad53c3a10c0915&request_id=0c259594658feba0163dbdb605bf0ea7
Protocol: HTTP/1.1
Server: 66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 66-165-243-160.static.hvvc.us
Software: nginx/1.21.5 /
Resource Hash: 55afe8ae4db5b6ca9ec5a3aca1f3a7b482ca51d0914acd250093f1a9ecbfccec

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r.redirekted.com/redirect?redirect_id=a58ebd9f27dcdee284ad53c3a10c0915&request_id=0c259594658feba0163dbdb605bf0ea7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 07:26:14 GMT
Last-Modified: Sat, 03 Jul 2021 05:46:18 GMT
Server: nginx/1.21.5
ETag: "60dff9aa-1d68"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7528

GET
H/1.1 200
OK go Show response
r.redirekted.com/ Frame 8533 2 KB
2 KB 176ms
176ms Document
text/html 66.165.243.160
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://r.redirekted.com/go?e=DwCaxHVyR3B8gwWx1KW88Is7LlLe4mW6bFWjyHs70UCd4mV603BjOzX-bPFetPqvy3C5kGVbDUL-M3W6flp94Qs7HQCdR2V9fFW4AJs2IUC9IFs7jKL0yRs2kUF-IPqty3C55GVbxmK1pUpygaFbkGAbNTF75GsUAQWa5mZ78yF9AaXYk3pvNTs7D3F55GsQSPXxO2Z2uxCm8GssEmBsWTsXgFEeZ3WYImq4u2XmyUCeL3W5jKW54QsmOKL9gmW7fFW4RTs70KC8g0X6flpw0QsukaLdfxW-DGL9cHAY9IF9gQpVy3C9gQA-tQn8IPrVkape8IVcZvF1tvW
Requested by: Host: r.redirekted.com
URL: http://r.redirekted.com/js/adren.min.js?n=2463045213
Protocol: HTTP/1.1
Server: 66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 66-165-243-160.static.hvvc.us
Software: nginx/1.21.5 / PHP/8.0.14
Resource Hash: 398fd5728a21dc3f915118c8fd840ffd52ed59cb4e1705a94029190f718a313b

Request headers

Referer: http://r.redirekted.com/redirect?redirect_id=a58ebd9f27dcdee284ad53c3a10c0915&request_id=0c259594658feba0163dbdb605bf0ea7
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Fri, 03 Jun 2022 07:26:14 GMT
Server: nginx/1.21.5
Transfer-Encoding: chunked
X-Powered-By: PHP/8.0.14

GET
H2

200

analytics.js Show response
www.google-analytics.com/ Frame 8533
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

49 KB
20 KB

121ms
37ms

Script
text/javascript

2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: r.redirekted.com
URL: http://r.redirekted.com/go?e=DwCaxHVyR3B8gwWx1KW88Is7LlLe4mW6bFWjyHs70UCd4mV603BjOzX-bPFetPqvy3C5kGVbDUL-M3W6flp94Qs7HQCdR2V9fFW4AJs2IUC9IFs7jKL0yRs2kUF-IPqty3C55GVbxmK1pUpygaFbkGAbNTF75GsUAQWa5mZ78yF9AaXYk3pvNTs7D3F55GsQSPXxO2Z2uxCm8GssEmBsWTsXgFEeZ3WYImq4u2XmyUCeL3W5jKW54QsmOKL9gmW7fFW4RTs70KC8g0X6flpw0QsukaLdfxW-DGL9cHAY9IF9gQpVy3C9gQA-tQn8IPrVkape8IVcZvF1tvW

Protocol

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r.redirekted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4026
date: Fri, 03 Jun 2022 06:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 03 Jun 2022 08:19:08 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

POST
H2 200 collect
www.google-analytics.com/j/ Frame 8533 2 B
145 B 45ms
45ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=814505992&t=pageview&_s=1&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DDwCaxHVyR3B8gwWx1KW88Is7LlLe4mW6bFWjyHs70UCd4mV603BjOzX-bPFetPqvy3C5kGVbDUL-M3W6flp94Qs7HQCdR2V9fFW4AJs2IUC9IFs7jKL0yRs2kUF-IPqty3C55GVbxmK1pUpygaFbkGAbNTF75GsUAQWa5mZ78yF9AaXYk3pvNTs7D3F55GsQSPXxO2Z2uxCm8GssEmBsWTsXgFEeZ3WYImq4u2XmyUCeL3W5jKW54QsmOKL9gmW7fFW4RTs70KC8g0X6flpw0QsukaLdfxW-DGL9cHAY9IF9gQpVy3C9gQA-tQn8IPrVkape8IVcZvF1tvW&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=457050479&gjid=1029730861&cid=574995554.1654241175&tid=UA-32454353-1&_gid=383942537.1654241175&_r=1&_slc=1&z=1115969642

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://r.redirekted.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Jun 2022 07:26:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://r.redirekted.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
www.google-analytics.com/ Frame 8533
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j96&a=814505992&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DDwCaxHVyR3B8gwWx1KW88Is7LlLe4mW6bFWjyHs70UCd4mV603BjOzX-bPFetPqvy3C5kGVbDU...
https://www.google-analytics.com/collect?v=1&_v=j96&a=814505992&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DDwCaxHVyR3B8gwWx1KW88Is7LlLe4mW6bFWjyHs70UCd4mV603BjOzX-bPFetPqvy3C5kGVbD...

35 B
194 B

37ms
36ms

Image
image/gif

2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=814505992&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DDwCaxHVyR3B8gwWx1KW88Is7LlLe4mW6bFWjyHs70UCd4mV603BjOzX-bPFetPqvy3C5kGVbDUL-M3W6flp94Qs7HQCdR2V9fFW4AJs2IUC9IFs7jKL0yRs2kUF-IPqty3C55GVbxmK1pUpygaFbkGAbNTF75GsUAQWa5mZ78yF9AaXYk3pvNTs7D3F55GsQSPXxO2Z2uxCm8GssEmBsWTsXgFEeZ3WYImq4u2XmyUCeL3W5jKW54QsmOKL9gmW7fFW4RTs70KC8g0X6flpw0QsukaLdfxW-DGL9cHAY9IF9gQpVy3C9gQA-tQn8IPrVkape8IVcZvF1tvW&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=574995554.1654241175&tid=UA-32454353-1&_gid=383942537.1654241175&cd1=oz9lMJE8n2kesUk8sT5ipzIxsTgfn3k8sUj%3D&z=1655096742

Requested by

Protocol

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r.redirekted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 20:02:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 41019
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j96&a=814505992&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DDwCaxHVyR3B8gwWx1KW88Is7LlLe4mW6bFWjyHs70UCd4mV603BjOzX-bPFetPqvy3C5kGVbDUL-M3W6flp94Qs7HQCdR2V9fFW4AJs2IUC9IFs7jKL0yRs2kUF-IPqty3C55GVbxmK1pUpygaFbkGAbNTF75GsUAQWa5mZ78yF9AaXYk3pvNTs7D3F55GsQSPXxO2Z2uxCm8GssEmBsWTsXgFEeZ3WYImq4u2XmyUCeL3W5jKW54QsmOKL9gmW7fFW4RTs70KC8g0X6flpw0QsukaLdfxW-DGL9cHAY9IF9gQpVy3C9gQA-tQn8IPrVkape8IVcZvF1tvW&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=574995554.1654241175&tid=UA-32454353-1&_gid=383942537.1654241175&cd1=oz9lMJE8n2kesUk8sT5ipzIxsTgfn3k8sUj%3D&z=1655096742
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1

200
OK

go Show response
de-go.kelkoogroup.net/
Redirect Chain

https://de-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1654158003183&.sig=ybAgyWsbaTgM6umAf3l6JaLrnRo-&affiliationId=96965856&comId=100533243&country=de&offerId=e7ae0779ae8c09e185d997973a2489a6&ser...
https://de-go.kelkoogroup.net/go?country=de&k=cd1a44088e83ddbf9628f3fe869c2143770eec478e5ddef7ea938aaee1503ea051450cbdc3b01883d6188578b3f18bc17ca2be975f5b6d82bef7b567591d71ffff2a57ee632222232a8c9ce...

28 KB
29 KB

62ms
62ms

Document
text/html

95.211.116.27
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://de-go.kelkoogroup.net/go?country=de&k=cd1a44088e83ddbf9628f3fe869c2143770eec478e5ddef7ea938aaee1503ea051450cbdc3b01883d6188578b3f18bc17ca2be975f5b6d82bef7b567591d71ffff2a57ee632222232a8c9ced5a53aa813f230b08a56d7c3a38add4624b2832131c83f415727f876880c3783330c7c48c17ba44edcbd238d58a02b50de13c89a1c8656099928731de9dfdc414879bf5676889cc075c40b36c7365acb34a682ee954f7c18825ecb149d6e6a27d219ca813ec59e2e6603552cca7ae404176ab0f1f1c303c2882efd5e4bfa20b38c36f46c09379880e93f6c116a5708bdc8feb24dfe92e7b9660fd57927c72377b5801a09ac5c6e92f732172fb2dfef76fefa44fc05980240ad8d2609d8fa0158aa34b37eaa55859391da24b00859f543ac8c805e24efb58f889f800decc908e7e3036d99fd74a79b36fe204e057c51c85d4d65f38075a8feb96b15eccd4b00337e96f1938200d6ab24f209d871281ec86fe34d43398cf4393a3bc58b1d1adb024d7b458a986c23a33465056de360472316b673161bc9efe0ecdf3faa46f314c8a2583c3af72ec8ee24f02b65e3bde603a5435c71943e3e2fe84beee62e4f4381db1af45cc0907b29d4a4b9fb1487eece75614564c9073d66d1c1514e7ac3c4d7530f83b38c9860732fc7203eba3a412863fe3aeb0030fcedea3a4ef6fbd518705b36bf241e5cd4a0604436183d6db8570fd6b4a3264fec3d35c444c088cdb1fd20b9275fa&o=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.27 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

dc1-ecs-pub-go-vip.kelkoo.com

Software

Resource Hash

a7d3fc80e874327307f788078b08a80fa50faf50e2722a4f21888f1094dbc787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: http://r.redirekted.com/redirect?redirect_id=a58ebd9f27dcdee284ad53c3a10c0915&request_id=0c259594658feba0163dbdb605bf0ea7
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
ApacheTracking: localhost
Connection: Keep-Alive
Content-Length: 28365
Content-Type: text/html; charset=UTF-8
Date: Fri, 03 Jun 2022 07:26:14 GMT
Keep-Alive: timeout=40, max=93
P3P: CP="Anything"
Referrer-Policy: unsafe-url
Request-Time: PT0.0198S
X-Content-Type-Options: nosniff
X-DataDome: protected
X-Frame-Options: DENY
X-Permitted-Cross-Domain-Policies: master-only
X-Robots-Tag: noindex,nofollow
X-XSS-Protection: 1; mode=block
clickId: 107698111_1654241174831_5889944
country: de
leadId: dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1654241174900_3717415

Redirect headers

Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
ApacheTracking: localhost
Connection: Keep-Alive
Content-Length: 0
Content-Type: text/plain
Date: Fri, 03 Jun 2022 07:26:14 GMT
Keep-Alive: timeout=40, max=66
Location: /go?country=de&k=cd1a44088e83ddbf9628f3fe869c2143770eec478e5ddef7ea938aaee1503ea051450cbdc3b01883d6188578b3f18bc17ca2be975f5b6d82bef7b567591d71ffff2a57ee632222232a8c9ced5a53aa813f230b08a56d7c3a38add4624b2832131c83f415727f876880c3783330c7c48c17ba44edcbd238d58a02b50de13c89a1c8656099928731de9dfdc414879bf5676889cc075c40b36c7365acb34a682ee954f7c18825ecb149d6e6a27d219ca813ec59e2e6603552cca7ae404176ab0f1f1c303c2882efd5e4bfa20b38c36f46c09379880e93f6c116a5708bdc8feb24dfe92e7b9660fd57927c72377b5801a09ac5c6e92f732172fb2dfef76fefa44fc05980240ad8d2609d8fa0158aa34b37eaa55859391da24b00859f543ac8c805e24efb58f889f800decc908e7e3036d99fd74a79b36fe204e057c51c85d4d65f38075a8feb96b15eccd4b00337e96f1938200d6ab24f209d871281ec86fe34d43398cf4393a3bc58b1d1adb024d7b458a986c23a33465056de360472316b673161bc9efe0ecdf3faa46f314c8a2583c3af72ec8ee24f02b65e3bde603a5435c71943e3e2fe84beee62e4f4381db1af45cc0907b29d4a4b9fb1487eece75614564c9073d66d1c1514e7ac3c4d7530f83b38c9860732fc7203eba3a412863fe3aeb0030fcedea3a4ef6fbd518705b36bf241e5cd4a0604436183d6db8570fd6b4a3264fec3d35c444c088cdb1fd20b9275fa&o=
P3P: CP="Anything"
Referrer-Policy: unsafe-url
Request-Time: PT0.0115S
X-Content-Type-Options: nosniff
X-DataDome: protected
X-Frame-Options: DENY
X-Permitted-Cross-Domain-Policies: master-only
X-Robots-Tag: noindex,nofollow
X-XSS-Protection: 1; mode=block
clickId: 107698111_1654241174831_5889944
country: de

GET
H/1.1 200
OK p.png
de-go.kelkoogroup.net/assets/images/ 68 B
538 B 115ms
43ms Image
image/png 95.211.116.27
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://de-go.kelkoogroup.net/assets/images/p.png?country=de&k=612f7a9541cd6ea61eb554c0e4cff4371812dde7f71ef50eb94d3ddb2e9d3211880f93602212388f5c769e3781e2972a3e316210f6b98bd8f6d5ade52c8f98b4175025804a2b2c465af98adfdb00335455284a59501fd96fbbb815e5750d38cc5e7e88c25cff988736e94bfb222b045e3b7d2cabef98fd321b18b60c17bdb7375b66bf8f780c1e7419e61a7f19588fd18e6826dfedca759e9e9631b8b80f31d02b32c91dad234d86e57b8f0d3b2eb42145856d50883d73f9c48231ab670c18a15cd95c469c0b0d77ce0b2395f2c8e90fbedf29ee23909ab2873c9fe0681b99b67d509608e54e651200f55b213d0b2f97320624d4630747cc6f47deb03e045757b89482e8da6e08a51f22aaac17677c05675697bc7501983cf51b56705fc7de2e4fbef5ab8e4d3782&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1654241174900_3717415&clickId=107698111_1654241174831_5889944

Requested by

Host: de-go.kelkoogroup.net
URL: https://de-go.kelkoogroup.net/go?country=de&k=cd1a44088e83ddbf9628f3fe869c2143770eec478e5ddef7ea938aaee1503ea051450cbdc3b01883d6188578b3f18bc17ca2be975f5b6d82bef7b567591d71ffff2a57ee632222232a8c9ced5a53aa813f230b08a56d7c3a38add4624b2832131c83f415727f876880c3783330c7c48c17ba44edcbd238d58a02b50de13c89a1c8656099928731de9dfdc414879bf5676889cc075c40b36c7365acb34a682ee954f7c18825ecb149d6e6a27d219ca813ec59e2e6603552cca7ae404176ab0f1f1c303c2882efd5e4bfa20b38c36f46c09379880e93f6c116a5708bdc8feb24dfe92e7b9660fd57927c72377b5801a09ac5c6e92f732172fb2dfef76fefa44fc05980240ad8d2609d8fa0158aa34b37eaa55859391da24b00859f543ac8c805e24efb58f889f800decc908e7e3036d99fd74a79b36fe204e057c51c85d4d65f38075a8feb96b15eccd4b00337e96f1938200d6ab24f209d871281ec86fe34d43398cf4393a3bc58b1d1adb024d7b458a986c23a33465056de360472316b673161bc9efe0ecdf3faa46f314c8a2583c3af72ec8ee24f02b65e3bde603a5435c71943e3e2fe84beee62e4f4381db1af45cc0907b29d4a4b9fb1487eece75614564c9073d66d1c1514e7ac3c4d7530f83b38c9860732fc7203eba3a412863fe3aeb0030fcedea3a4ef6fbd518705b36bf241e5cd4a0604436183d6db8570fd6b4a3264fec3d35c444c088cdb1fd20b9275fa&o=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.27 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

dc1-ecs-pub-go-vip.kelkoo.com

Software

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de-go.kelkoogroup.net/go?country=de&k=cd1a44088e83ddbf9628f3fe869c2143770eec478e5ddef7ea938aaee1503ea051450cbdc3b01883d6188578b3f18bc17ca2be975f5b6d82bef7b567591d71ffff2a57ee632222232a8c9ced5a53aa813f230b08a56d7c3a38add4624b2832131c83f415727f876880c3783330c7c48c17ba44edcbd238d58a02b50de13c89a1c8656099928731de9dfdc414879bf5676889cc075c40b36c7365acb34a682ee954f7c18825ecb149d6e6a27d219ca813ec59e2e6603552cca7ae404176ab0f1f1c303c2882efd5e4bfa20b38c36f46c09379880e93f6c116a5708bdc8feb24dfe92e7b9660fd57927c72377b5801a09ac5c6e92f732172fb2dfef76fefa44fc05980240ad8d2609d8fa0158aa34b37eaa55859391da24b00859f543ac8c805e24efb58f889f800decc908e7e3036d99fd74a79b36fe204e057c51c85d4d65f38075a8feb96b15eccd4b00337e96f1938200d6ab24f209d871281ec86fe34d43398cf4393a3bc58b1d1adb024d7b458a986c23a33465056de360472316b673161bc9efe0ecdf3faa46f314c8a2583c3af72ec8ee24f02b65e3bde603a5435c71943e3e2fe84beee62e4f4381db1af45cc0907b29d4a4b9fb1487eece75614564c9073d66d1c1514e7ac3c4d7530f83b38c9860732fc7203eba3a412863fe3aeb0030fcedea3a4ef6fbd518705b36bf241e5cd4a0604436183d6db8570fd6b4a3264fec3d35c444c088cdb1fd20b9275fa&o=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

ApacheTracking: localhost
Date: Fri, 03 Jun 2022 07:26:15 GMT
Referrer-Policy: unsafe-url
X-Permitted-Cross-Domain-Policies: master-only
X-Robots-Tag: noindex,nofollow
X-Frame-Options: DENY
P3P: CP="Anything"
Cache-Control: private, must-revalidate
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Type: image/png
Request-Time: PT0.001467S
Content-Length: 68
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=40, max=37

GET
H2 200 tags.js Show response
js.datadome.co/ 206 KB
42 KB 148ms
43ms Script
text/javascript 143.204.98.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.datadome.co/tags.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.101 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-101.fra50.r.cloudfront.net

Software

Apache /

Resource Hash

11f7c2fa09c39674412328f8b98aa04140024cbe4e0ddd9f1ee6ed40ca6d3da4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de-go.kelkoogroup.net/go?country=de&k=cd1a44088e83ddbf9628f3fe869c2143770eec478e5ddef7ea938aaee1503ea051450cbdc3b01883d6188578b3f18bc17ca2be975f5b6d82bef7b567591d71ffff2a57ee632222232a8c9ced5a53aa813f230b08a56d7c3a38add4624b2832131c83f415727f876880c3783330c7c48c17ba44edcbd238d58a02b50de13c89a1c8656099928731de9dfdc414879bf5676889cc075c40b36c7365acb34a682ee954f7c18825ecb149d6e6a27d219ca813ec59e2e6603552cca7ae404176ab0f1f1c303c2882efd5e4bfa20b38c36f46c09379880e93f6c116a5708bdc8feb24dfe92e7b9660fd57927c72377b5801a09ac5c6e92f732172fb2dfef76fefa44fc05980240ad8d2609d8fa0158aa34b37eaa55859391da24b00859f543ac8c805e24efb58f889f800decc908e7e3036d99fd74a79b36fe204e057c51c85d4d65f38075a8feb96b15eccd4b00337e96f1938200d6ab24f209d871281ec86fe34d43398cf4393a3bc58b1d1adb024d7b458a986c23a33465056de360472316b673161bc9efe0ecdf3faa46f314c8a2583c3af72ec8ee24f02b65e3bde603a5435c71943e3e2fe84beee62e4f4381db1af45cc0907b29d4a4b9fb1487eece75614564c9073d66d1c1514e7ac3c4d7530f83b38c9860732fc7203eba3a412863fe3aeb0030fcedea3a4ef6fbd518705b36bf241e5cd4a0604436183d6db8570fd6b4a3264fec3d35c444c088cdb1fd20b9275fa&o=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 06:40:08 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2767
x-cache: Hit from cloudfront
content-length: 42643
access-control-allow-origin: *
last-modified: Mon, 30 May 2022 12:39:53 GMT
server: Apache
etag: "33804-5e039f3e72633-gzip"
strict-transport-security: max-age=15768000
content-type: text/javascript
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: sythZLUIgqlLtbtvWumE2_VbMqaWm4okmUtpOoby50fJmJNHPc172A==
expires: Fri, 03 Jun 2022 07:40:08 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 115 KB
43 KB 130ms
46ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5ZS487

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1d3d613fd6890ac3fb609f02374126e6fc79eafbd7dc6fe00a6118c3a021a715

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de-go.kelkoogroup.net/go?country=de&k=cd1a44088e83ddbf9628f3fe869c2143770eec478e5ddef7ea938aaee1503ea051450cbdc3b01883d6188578b3f18bc17ca2be975f5b6d82bef7b567591d71ffff2a57ee632222232a8c9ced5a53aa813f230b08a56d7c3a38add4624b2832131c83f415727f876880c3783330c7c48c17ba44edcbd238d58a02b50de13c89a1c8656099928731de9dfdc414879bf5676889cc075c40b36c7365acb34a682ee954f7c18825ecb149d6e6a27d219ca813ec59e2e6603552cca7ae404176ab0f1f1c303c2882efd5e4bfa20b38c36f46c09379880e93f6c116a5708bdc8feb24dfe92e7b9660fd57927c72377b5801a09ac5c6e92f732172fb2dfef76fefa44fc05980240ad8d2609d8fa0158aa34b37eaa55859391da24b00859f543ac8c805e24efb58f889f800decc908e7e3036d99fd74a79b36fe204e057c51c85d4d65f38075a8feb96b15eccd4b00337e96f1938200d6ab24f209d871281ec86fe34d43398cf4393a3bc58b1d1adb024d7b458a986c23a33465056de360472316b673161bc9efe0ecdf3faa46f314c8a2583c3af72ec8ee24f02b65e3bde603a5435c71943e3e2fe84beee62e4f4381db1af45cc0907b29d4a4b9fb1487eece75614564c9073d66d1c1514e7ac3c4d7530f83b38c9860732fc7203eba3a412863fe3aeb0030fcedea3a4ef6fbd518705b36bf241e5cd4a0604436183d6db8570fd6b4a3264fec3d35c444c088cdb1fd20b9275fa&o=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 07:26:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43557
x-xss-protection: 0
last-modified: Fri, 03 Jun 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 Jun 2022 07:26:15 GMT

POST
H/1.1 200
OK fp
de-go.kelkoogroup.net/ 0
444 B 50ms
49ms Ping
text/plain 95.211.116.27
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://de-go.kelkoogroup.net/fp?country=de&k=612f7a9541cd6ea61eb554c0e4cff4371812dde7f71ef50eb94d3ddb2e9d3211880f93602212388f5c769e3781e2972a3e316210f6b98bd8f6d5ade52c8f98b4175025804a2b2c465af98adfdb00335455284a59501fd96fbbb815e5750d38cc5e7e88c25cff988736e94bfb222b045e3b7d2cabef98fd321b18b60c17bdb7375b66bf8f780c1e7419e61a7f19588fd18e6826dfedca759e9e9631b8b80f31d02b32c91dad234d86e57b8f0d3b2eb42145856d50883d73f9c48231ab670c18a15cd95c469c0b0d77ce0b2395f2c8e90fbedf29ee23909ab2873c9fe0681b99b67d509608e54e651200f55b213d0b2f97320624d4630747cc6f47deb03e045757b89482e8da6e08a51f22aaac17677c05675697bc7501983cf51b56705fc7de2e4fbef5ab8e4d3782&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1654241174900_3717415&clickId=107698111_1654241174831_5889944

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.27 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

dc1-ecs-pub-go-vip.kelkoo.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://de-go.kelkoogroup.net/go?country=de&k=cd1a44088e83ddbf9628f3fe869c2143770eec478e5ddef7ea938aaee1503ea051450cbdc3b01883d6188578b3f18bc17ca2be975f5b6d82bef7b567591d71ffff2a57ee632222232a8c9ced5a53aa813f230b08a56d7c3a38add4624b2832131c83f415727f876880c3783330c7c48c17ba44edcbd238d58a02b50de13c89a1c8656099928731de9dfdc414879bf5676889cc075c40b36c7365acb34a682ee954f7c18825ecb149d6e6a27d219ca813ec59e2e6603552cca7ae404176ab0f1f1c303c2882efd5e4bfa20b38c36f46c09379880e93f6c116a5708bdc8feb24dfe92e7b9660fd57927c72377b5801a09ac5c6e92f732172fb2dfef76fefa44fc05980240ad8d2609d8fa0158aa34b37eaa55859391da24b00859f543ac8c805e24efb58f889f800decc908e7e3036d99fd74a79b36fe204e057c51c85d4d65f38075a8feb96b15eccd4b00337e96f1938200d6ab24f209d871281ec86fe34d43398cf4393a3bc58b1d1adb024d7b458a986c23a33465056de360472316b673161bc9efe0ecdf3faa46f314c8a2583c3af72ec8ee24f02b65e3bde603a5435c71943e3e2fe84beee62e4f4381db1af45cc0907b29d4a4b9fb1487eece75614564c9073d66d1c1514e7ac3c4d7530f83b38c9860732fc7203eba3a412863fe3aeb0030fcedea3a4ef6fbd518705b36bf241e5cd4a0604436183d6db8570fd6b4a3264fec3d35c444c088cdb1fd20b9275fa&o=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

ApacheTracking: localhost
Date: Fri, 03 Jun 2022 07:26:15 GMT
Referrer-Policy: unsafe-url
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: DENY
P3P: CP="Anything"
X-Robots-Tag: noindex,nofollow
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Type: text/plain; charset=UTF-8
Request-Time: PT0.007147S
Content-Length: 0
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=40, max=65

POST
H2 200 /
api-js.datadome.co/js/ 235 B
413 B 148ms
42ms XHR
application/json 3.65.154.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.datadome.co/js/
Requested by: Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.65.154.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-154-169.eu-central-1.compute.amazonaws.com
Software: DataDome /
Resource Hash

Request headers

Referer: https://de-go.kelkoogroup.net/go?country=de&k=cd1a44088e83ddbf9628f3fe869c2143770eec478e5ddef7ea938aaee1503ea051450cbdc3b01883d6188578b3f18bc17ca2be975f5b6d82bef7b567591d71ffff2a57ee632222232a8c9ced5a53aa813f230b08a56d7c3a38add4624b2832131c83f415727f876880c3783330c7c48c17ba44edcbd238d58a02b50de13c89a1c8656099928731de9dfdc414879bf5676889cc075c40b36c7365acb34a682ee954f7c18825ecb149d6e6a27d219ca813ec59e2e6603552cca7ae404176ab0f1f1c303c2882efd5e4bfa20b38c36f46c09379880e93f6c116a5708bdc8feb24dfe92e7b9660fd57927c72377b5801a09ac5c6e92f732172fb2dfef76fefa44fc05980240ad8d2609d8fa0158aa34b37eaa55859391da24b00859f543ac8c805e24efb58f889f800decc908e7e3036d99fd74a79b36fe204e057c51c85d4d65f38075a8feb96b15eccd4b00337e96f1938200d6ab24f209d871281ec86fe34d43398cf4393a3bc58b1d1adb024d7b458a986c23a33465056de360472316b673161bc9efe0ecdf3faa46f314c8a2583c3af72ec8ee24f02b65e3bde603a5435c71943e3e2fe84beee62e4f4381db1af45cc0907b29d4a4b9fb1487eece75614564c9073d66d1c1514e7ac3c4d7530f83b38c9860732fc7203eba3a412863fe3aeb0030fcedea3a4ef6fbd518705b36bf241e5cd4a0604436183d6db8570fd6b4a3264fec3d35c444c088cdb1fd20b9275fa&o=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 03 Jun 2022 07:26:15 GMT
server: DataDome
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 235
expires: 0

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZS487

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de-go.kelkoogroup.net/go?country=de&k=cd1a44088e83ddbf9628f3fe869c2143770eec478e5ddef7ea938aaee1503ea051450cbdc3b01883d6188578b3f18bc17ca2be975f5b6d82bef7b567591d71ffff2a57ee632222232a8c9ced5a53aa813f230b08a56d7c3a38add4624b2832131c83f415727f876880c3783330c7c48c17ba44edcbd238d58a02b50de13c89a1c8656099928731de9dfdc414879bf5676889cc075c40b36c7365acb34a682ee954f7c18825ecb149d6e6a27d219ca813ec59e2e6603552cca7ae404176ab0f1f1c303c2882efd5e4bfa20b38c36f46c09379880e93f6c116a5708bdc8feb24dfe92e7b9660fd57927c72377b5801a09ac5c6e92f732172fb2dfef76fefa44fc05980240ad8d2609d8fa0158aa34b37eaa55859391da24b00859f543ac8c805e24efb58f889f800decc908e7e3036d99fd74a79b36fe204e057c51c85d4d65f38075a8feb96b15eccd4b00337e96f1938200d6ab24f209d871281ec86fe34d43398cf4393a3bc58b1d1adb024d7b458a986c23a33465056de360472316b673161bc9efe0ecdf3faa46f314c8a2583c3af72ec8ee24f02b65e3bde603a5435c71943e3e2fe84beee62e4f4381db1af45cc0907b29d4a4b9fb1487eece75614564c9073d66d1c1514e7ac3c4d7530f83b38c9860732fc7203eba3a412863fe3aeb0030fcedea3a4ef6fbd518705b36bf241e5cd4a0604436183d6db8570fd6b4a3264fec3d35c444c088cdb1fd20b9275fa&o=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4027
date: Fri, 03 Jun 2022 06:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 03 Jun 2022 08:19:08 GMT

POST
H3 200 collect
www.google-analytics.com/j/ 1 B
21 B 45ms
45ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1267652396&t=pageview&_s=1&dl=https%3A%2F%2Fde-go.kelkoogroup.net%2Fgo%3Fcountry%3Dde%26k%3Dcd1a44088e83ddbf9628f3fe869c2143770eec478e5ddef7ea938aaee1503ea051450cbdc3b01883d6188578b3f18bc17ca2be975f5b6d82bef7b567591d71ffff2a57ee632222232a8c9ced5a53aa813f230b08a56d7c3a38add4624b2832131c83f415727f876880c3783330c7c48c17ba44edcbd238d58a02b50de13c89a1c8656099928731de9dfdc414879bf5676889cc075c40b36c7365acb34a682ee954f7c18825ecb149d6e6a27d219ca813ec59e2e6603552cca7ae404176ab0f1f1c303c2882efd5e4bfa20b38c36f46c09379880e93f6c116a5708bdc8feb24dfe92e7b9660fd57927c72377b5801a09ac5c6e92f732172fb2dfef76fefa44fc05980240ad8d2609d8fa0158aa34b37eaa55859391da24b00859f543ac8c805e24efb58f889f800decc908e7e3036d99fd74a79b36fe204e057c51c85d4d65f38075a8feb96b15eccd4b00337e96f1938200d6ab24f209d871281ec86fe34d43398cf4393a3bc58b1d1adb024d7b458a986c23a33465056de360472316b673161bc9efe0ecdf3faa46f314c8a2583c3af72ec8ee24f02b65e3bde603a5435c71943e3e2fe84beee62e4f4381db1af45cc0907b29d4a4b9fb1487eece75614564c9073d66d1c1514e7ac3c4d7530f83b38c9860732fc7203eba3a412863fe3aeb0030fcedea3a4ef6fbd518705b36bf241e5cd4a0604436183d6db8570fd6b4a3264fec3d35c444c088cdb1fd20b9275fa%26o%3D&dr=http%3A%2F%2Fr.redirekted.com%2F&dp=%2F96965856%7C100533243%7C&ul=en-us&de=UTF-8&dt=Weiterleitung%20zu%20Kusmi%20Tea%20%7C%20Tees%20und%20Kr%C3%A4utertees%20in%20Bio-Qualit%C3%A4t&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1868635548&gjid=1335501782&cid=931192286.1654241175&tid=UA-168544891-7&_gid=1780948440.1654241175&_r=1&gtm=2wg6105ZS487&cd1=96965856&cd2=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1654241174900_3717415&cd3=100533243&cd4=a4c6293-18128752566-1ee691&cd5=&cd6=96965856%7C100533243%7C&z=200203421

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://de-go.kelkoogroup.net/go?country=de&k=cd1a44088e83ddbf9628f3fe869c2143770eec478e5ddef7ea938aaee1503ea051450cbdc3b01883d6188578b3f18bc17ca2be975f5b6d82bef7b567591d71ffff2a57ee632222232a8c9ced5a53aa813f230b08a56d7c3a38add4624b2832131c83f415727f876880c3783330c7c48c17ba44edcbd238d58a02b50de13c89a1c8656099928731de9dfdc414879bf5676889cc075c40b36c7365acb34a682ee954f7c18825ecb149d6e6a27d219ca813ec59e2e6603552cca7ae404176ab0f1f1c303c2882efd5e4bfa20b38c36f46c09379880e93f6c116a5708bdc8feb24dfe92e7b9660fd57927c72377b5801a09ac5c6e92f732172fb2dfef76fefa44fc05980240ad8d2609d8fa0158aa34b37eaa55859391da24b00859f543ac8c805e24efb58f889f800decc908e7e3036d99fd74a79b36fe204e057c51c85d4d65f38075a8feb96b15eccd4b00337e96f1938200d6ab24f209d871281ec86fe34d43398cf4393a3bc58b1d1adb024d7b458a986c23a33465056de360472316b673161bc9efe0ecdf3faa46f314c8a2583c3af72ec8ee24f02b65e3bde603a5435c71943e3e2fe84beee62e4f4381db1af45cc0907b29d4a4b9fb1487eece75614564c9073d66d1c1514e7ac3c4d7530f83b38c9860732fc7203eba3a412863fe3aeb0030fcedea3a4ef6fbd518705b36bf241e5cd4a0604436183d6db8570fd6b4a3264fec3d35c444c088cdb1fd20b9275fa&o=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Jun 2022 07:26:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://de-go.kelkoogroup.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Primary Request st-petersbourg-bio-SAINBIOMASTER.html Show response
www.kusmitea.com/de/
Redirect Chain

https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff4371812dde7f71ef50eb94d3ddb2e9d3211880f93602212388f5c769e3781e2972a3e316210f6b98bd8f6d5ade52c8f98b4175025804a2b2c465...
https://trk.lgw.io/rkt/58607/MjE3MThBMTA3MA==/aHR0cHM6Ly93d3cua3VzbWl0ZWEuY29tL2RlL3N0LXBldGVyc2JvdXJnLWJpby1TQUlOQklPTUFTVEVSLmh0bWw_dj0yMTcxOEExMDcw?kk=a4c6293-18128752566-1ee691
https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691

252 KB
46 KB

556ms
426ms

Document
text/html

104.16.89.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691
Requested by: Host: de-go.kelkoogroup.net
URL: https://de-go.kelkoogroup.net/go?country=de&k=cd1a44088e83ddbf9628f3fe869c2143770eec478e5ddef7ea938aaee1503ea051450cbdc3b01883d6188578b3f18bc17ca2be975f5b6d82bef7b567591d71ffff2a57ee632222232a8c9ced5a53aa813f230b08a56d7c3a38add4624b2832131c83f415727f876880c3783330c7c48c17ba44edcbd238d58a02b50de13c89a1c8656099928731de9dfdc414879bf5676889cc075c40b36c7365acb34a682ee954f7c18825ecb149d6e6a27d219ca813ec59e2e6603552cca7ae404176ab0f1f1c303c2882efd5e4bfa20b38c36f46c09379880e93f6c116a5708bdc8feb24dfe92e7b9660fd57927c72377b5801a09ac5c6e92f732172fb2dfef76fefa44fc05980240ad8d2609d8fa0158aa34b37eaa55859391da24b00859f543ac8c805e24efb58f889f800decc908e7e3036d99fd74a79b36fe204e057c51c85d4d65f38075a8feb96b15eccd4b00337e96f1938200d6ab24f209d871281ec86fe34d43398cf4393a3bc58b1d1adb024d7b458a986c23a33465056de360472316b673161bc9efe0ecdf3faa46f314c8a2583c3af72ec8ee24f02b65e3bde603a5435c71943e3e2fe84beee62e4f4381db1af45cc0907b29d4a4b9fb1487eece75614564c9073d66d1c1514e7ac3c4d7530f83b38c9860732fc7203eba3a412863fe3aeb0030fcedea3a4ef6fbd518705b36bf241e5cd4a0604436183d6db8570fd6b4a3264fec3d35c444c088cdb1fd20b9275fa&o=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.89.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 462a12449b113c566648318e07477bb8727c4f8d7df1f0d513a8b9be2f53c0f7

Request headers

Referer: https://de-go.kelkoogroup.net/go?country=de&k=cd1a44088e83ddbf9628f3fe869c2143770eec478e5ddef7ea938aaee1503ea051450cbdc3b01883d6188578b3f18bc17ca2be975f5b6d82bef7b567591d71ffff2a57ee632222232a8c9ced5a53aa813f230b08a56d7c3a38add4624b2832131c83f415727f876880c3783330c7c48c17ba44edcbd238d58a02b50de13c89a1c8656099928731de9dfdc414879bf5676889cc075c40b36c7365acb34a682ee954f7c18825ecb149d6e6a27d219ca813ec59e2e6603552cca7ae404176ab0f1f1c303c2882efd5e4bfa20b38c36f46c09379880e93f6c116a5708bdc8feb24dfe92e7b9660fd57927c72377b5801a09ac5c6e92f732172fb2dfef76fefa44fc05980240ad8d2609d8fa0158aa34b37eaa55859391da24b00859f543ac8c805e24efb58f889f800decc908e7e3036d99fd74a79b36fe204e057c51c85d4d65f38075a8feb96b15eccd4b00337e96f1938200d6ab24f209d871281ec86fe34d43398cf4393a3bc58b1d1adb024d7b458a986c23a33465056de360472316b673161bc9efe0ecdf3faa46f314c8a2583c3af72ec8ee24f02b65e3bde603a5435c71943e3e2fe84beee62e4f4381db1af45cc0907b29d4a4b9fb1487eece75614564c9073d66d1c1514e7ac3c4d7530f83b38c9860732fc7203eba3a412863fe3aeb0030fcedea3a4ef6fbd518705b36bf241e5cd4a0604436183d6db8570fd6b4a3264fec3d35c444c088cdb1fd20b9275fa&o=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: https://www.kusmitea.com
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7156b314faea9189-FRA
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Fri, 03 Jun 2022 07:26:16 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 01 Dec 1994 16:00:00 GMT
pragma: no-cache
server: cloudflare
vary: accept-encoding
x-dw-request-base-id: T7WWj5i3mWIBAAB_

Redirect headers

cache-control: max-age=0, must-revalidate, private
content-security-policy: frame-ancestors 'self' solution.lengow.com;
content-type: text/html; charset=UTF-8
date: Fri, 03 Jun 2022 07:26:15 GMT
expires: Fri, 03 Jun 2022 07:26:15 GMT
location: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691
p3p: policyref=\"http://lgw.io/p3p.xml\",CP=\"NON DSP COR CURa PSA PSD OUR BUS NAV STA\"
strict-transport-security: max-age=15768000

GET
H2 200 908316535cd3f0f3c83b740f188b1825.js Show response
try.abtasty.com/ 526 KB
129 KB 142ms
44ms Script
application/javascript 143.204.98.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://try.abtasty.com/908316535cd3f0f3c83b740f188b1825.js
Requested by: Host: www.kusmitea.com
URL: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-76.fra50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 1e3160481d7c99d2938332259910745ecb04a86a03337f2a4691df67910b2bf1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kusmitea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 07:52:54 GMT
content-encoding: gzip
last-modified: Thu, 02 Jun 2022 07:52:48 GMT
server: CloudFront
age: 84803
etag: W/"7370323c2ce54c25be03ae4cef614968"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control: s-maxage=86400,max-age=30
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Yt0sW5vt934LlE71k14bcKMHUukIO9_wvC_NRWyO3KDgkLtBoZbijQ==

GET
H2 200 main.js Show response
www.kusmitea.com/on/demandware.static/Sites-Kusmi_DE-Site/-/de_DE/v1654228829637/js/ 307 KB
90 KB 58ms
56ms Script
application/javascript 104.16.89.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kusmitea.com/on/demandware.static/Sites-Kusmi_DE-Site/-/de_DE/v1654228829637/js/main.js
Requested by: Host: www.kusmitea.com
URL: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.89.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a8565e6139becff5dc149b11edabfa9f7b05a3851e4664b339d6f63b280e31f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 07:26:16 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 11862
cf-polished: origSize=315002
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 12 Apr 2022 02:41:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2591564
cf-ray: 7156b317a8809189-FRA
x-dw-request-base-id: T7WqII-HmWIBAAB_
expires: Sun, 03 Jul 2022 07:19:00 GMT

GET
H2 200 productDetail.js Show response
www.kusmitea.com/on/demandware.static/Sites-Kusmi_DE-Site/-/de_DE/v1654228829637/js/ 39 KB
11 KB 54ms
53ms Script
application/javascript 104.16.89.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kusmitea.com/on/demandware.static/Sites-Kusmi_DE-Site/-/de_DE/v1654228829637/js/productDetail.js
Requested by: Host: www.kusmitea.com
URL: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.89.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c007e43667c83d028fe240e14506aacae4350f280c2ab7398470226b38a9fb87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 07:26:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 12 Apr 2022 02:41:01 GMT
server: cloudflare
age: 11862
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
expires: Sun, 03 Jul 2022 07:26:16 GMT
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
cf-ray: 7156b3189a689189-FRA
x-dw-request-base-id: kAXDgEOJmWIBAAB_
cf-bgj: minify

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 20 KB
7 KB 147ms
67ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.kusmitea.com
URL: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a6622bbfd2f4017f391cae1040e22f99a923116427a0ccb25543581f5d92257

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kusmitea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 03 Jun 2022 07:26:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 2R9GKwuxJTUynP4on2KYxQ==
age: 13074
vary: Accept-Encoding
content-length: 6921
x-ms-lease-status: unlocked
last-modified: Tue, 31 May 2022 02:45:17 GMT
server: cloudflare
etag: 0x8DA42AF98DE1611
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2ef997eb-801e-0065-0c98-7469bb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7156b3182b449ba1-FRA

GET
H2 200 loader.js Show response
sdk.teester.com/ 4 KB
2 KB 137ms
49ms Script
application/javascript 2606:4700::6812:1ab5

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.teester.com/loader.js
Requested by: Host: www.kusmitea.com
URL: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1ab5 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 990b56f8d03877f2781e29d563d009ec43d517e5d94851e9e3cabc0e7c6ffcdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kusmitea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 07:26:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 2899
x-guploader-uploadid: ADPycdvf6cYASqFiUV63IBTAutNnLbH_3RPzXnttv3moZ4rsfNT4WyarEc1TYo07Lgu4hrgqAYTXy2XfJXHJRRpiKCHUgXOvb8Jj
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 18 May 2022 13:59:09 GMT
server: cloudflare
etag: W/"71f234491d236e3f027a3ab21e57eb30"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=yPqyzQ==, md5=cfI0SR0jbj8CejqyHlfrMA==
x-goog-generation: 1652882349628105
content-type: application/javascript
cache-control: public, max-age=14400
x-goog-stored-content-length: 3624
cf-ray: 7156b3197be29001-FRA
expires: Fri, 03 Jun 2022 11:26:16 GMT

GET
H3 200 css
fonts.googleapis.com/ 3 KB
431 B 124ms
46ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Requested by

Host: www.kusmitea.com
URL: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ef043454b128260dda530a42312fbb985505034036cd3f3ea23cfe324a7905b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kusmitea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 03 Jun 2022 06:25:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 03 Jun 2022 07:26:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Jun 2022 07:26:16 GMT

GET
H2 200 pdp.css
www.kusmitea.com/on/demandware.static/Sites-Kusmi_DE-Site/-/de_DE/v1654228829637/scss/pages/ 148 KB
23 KB 54ms
53ms Stylesheet
text/css 104.16.89.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kusmitea.com/on/demandware.static/Sites-Kusmi_DE-Site/-/de_DE/v1654228829637/scss/pages/pdp.css
Requested by: Host: www.kusmitea.com
URL: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.89.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f822549a53d196ff989b5b473cae8fb91dee3e2819f424a2479fa87d1d3c2b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 07:26:16 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 11862
cf-polished: origSize=151270
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=aI1vmvHL3t8byQgW6GyPS24gCR2P8XqNTWLwdpQ7n3Y-1654241176-0-AX4WLranWM5zTn9cAcuL48y-1GlMohMZlsvvh2iq2Vuu25cJ4S5_IWDef_v1JDSXgashFG6Qvm1Xc7fmZivv1u8
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 12 Apr 2022 02:41:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: text/css
cache-control: public, max-age=2591759
cf-ray: 7156b317a8849189-FRA
x-dw-request-base-id: kAUVgFKImWIBAAB_
expires: Sun, 03 Jul 2022 07:22:15 GMT

GET
H2 200 gtm.js Show response
www.kusmitea.com/on/demandware.static/Sites-Kusmi_DE-Site/-/de_DE/v1654228829637/js/ 85 KB
29 KB 52ms
51ms Script
application/javascript 104.16.89.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kusmitea.com/on/demandware.static/Sites-Kusmi_DE-Site/-/de_DE/v1654228829637/js/gtm.js
Requested by: Host: www.kusmitea.com
URL: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.89.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1cd740219f9700c02a0ea36c318501bc34ba1740bc456fe8a812a94295f660a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 07:26:16 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 11862
cf-polished: origSize=87832
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 12 Apr 2022 02:41:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2591564
cf-ray: 7156b317a8859189-FRA
x-dw-request-base-id: kAVMf4-HmWIBAAB_
expires: Sun, 03 Jul 2022 07:19:00 GMT

GET
H3 200 css
fonts.googleapis.com/ 8 KB
941 B 124ms
47ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Material+Icons

Requested by

Host: www.kusmitea.com
URL: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0c27088d2fa00fc5ae05c2f21947566615bfc234ac58a7e9599031e8ddd48b89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kusmitea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 03 Jun 2022 07:26:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 03 Jun 2022 07:26:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Jun 2022 07:26:16 GMT

GET
H2 200 logo.svg
www.kusmitea.com/on/demandware.static/Sites-Kusmi_DE-Site/-/default/dw80de140f/images/ 3 KB
2 KB 48ms
48ms Image
image/svg+xml 104.16.89.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kusmitea.com/on/demandware.static/Sites-Kusmi_DE-Site/-/default/dw80de140f/images/logo.svg
Requested by: Host: www.kusmitea.com
URL: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.89.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 590b29afb9cab2915eccafa174447bcf4a24302492f02767366219a83990975a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 07:26:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 12 Apr 2022 02:41:01 GMT
server: cloudflare
age: 1893998
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2591967
cross-origin-resource-policy: cross-origin
cf-ray: 7156b3190b349189-FRA
x-dw-request-base-id: rmfNd-RDVWIBAAB_
expires: Sun, 03 Jul 2022 07:25:43 GMT

GET
H2 200 icon-time-compass.svg
www.kusmitea.com/on/demandware.static/Sites-Kusmi_DE-Site/-/default/dw5d968bcc/images/svg/ 697 B
484 B 55ms
51ms Image
image/svg+xml 104.16.89.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kusmitea.com/on/demandware.static/Sites-Kusmi_DE-Site/-/default/dw5d968bcc/images/svg/icon-time-compass.svg
Requested by: Host: www.kusmitea.com
URL: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.89.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78708045fb5d54136e8b721ee81bac01b72dd88669d2e5ff653fc6fa9d781dbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 07:26:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 12 Apr 2022 02:41:01 GMT
server: cloudflare
age: 1892595
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2591832
cross-origin-resource-policy: cross-origin
cf-ray: 7156b3198c3f9189-FRA
x-dw-request-base-id: rme1eSFEVWIBAAB_
expires: Sun, 03 Jul 2022 07:23:28 GMT

GET
H2 200 icon-temp.svg
www.kusmitea.com/on/demandware.static/Sites-Kusmi_DE-Site/-/default/dwbdb55cc8/images/svg/ 2 KB
820 B 51ms
47ms Image
image/svg+xml 104.16.89.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kusmitea.com/on/demandware.static/Sites-Kusmi_DE-Site/-/default/dwbdb55cc8/images/svg/icon-temp.svg
Requested by: Host: www.kusmitea.com
URL: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.89.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d4c4c332a776d67fb2dcb81e6c4112e6fb7fbf7709fdda65b67affca750c49f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 07:26:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 12 Apr 2022 02:41:01 GMT
server: cloudflare
age: 1892595
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2591904
cross-origin-resource-policy: cross-origin
cf-ray: 7156b3198c499189-FRA
x-dw-request-base-id: rmeye2pEVWIBAAB_
expires: Sun, 03 Jul 2022 07:24:40 GMT

GET
H2 200 PICTO_ENGAGEMENT_NOIR.png
edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dwd3242e25/mediatags/aromes/ 1 KB
2 KB 242ms
81ms Image
image/png 143.204.96.96

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dwd3242e25/mediatags/aromes/PICTO_ENGAGEMENT_NOIR.png?
Requested by: Host: www.kusmitea.com
URL: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.96.96 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 237bf73d8d7383be5eaae41e4ceab2bc35cf7311e772bbc3fd561a3e97d5a58f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kusmitea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 05 May 2022 09:59:32 GMT
via: 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
age: 2496404
x-amzn-requestid: f5cb3db3-582d-4eb8-8a1b-712f4c2a89ed
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
x-amzn-trace-id: Root=1-6273a004-4360dbc07469f3382d919a07;Sampled=0
x-amz-cf-pop: FRA50-C1
x-amz-apigw-id: RpXwsG9MIAMFv0g=
content-length: 1268
x-amz-cf-id: IsfWTSdgouF4fhD882MSaCtxHy0UWJMrJDRPQBTzR_6aECuzLTghvA==

GET aome_picto-ingredients.png
edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dw2a798aba/mediatags/aromes/ 0
0

GET
H2 200 logos-bio-eng.png
edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dwb1674001/mediatags/ 26 KB
27 KB 207ms
46ms Image
image/png 143.204.96.96

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dwb1674001/mediatags/logos-bio-eng.png
Requested by: Host: www.kusmitea.com
URL: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.96.96 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9d0d8ad8f4e8591f051a26bb9aa6a5855df68271833cf4edb1a171067eab5fc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kusmitea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 14 May 2022 17:41:30 GMT
via: 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Thu, 23 Jun 2022 00:00:00 GMT", rule-id="transform_cache_ttl"
last-modified: Sun, 23 May 2021 22:37:15 GMT
server: AmazonS3
x-amz-meta-cleanquerystring
age: 1691087
etag: "f72647a0cd33a7ef7130161fde5a6830"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 26877
x-amz-cf-id: gBSCRBNau1-1ELAZJp1EnBa8A0uXRaHJNhMhbVDCnvIYQU_YnalwGg==

GET 2020_07-thiashola-lifestyle.jpg
edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dwf31d0dc7/mediatags/ 0
0

GET 2020_07-vrac_the-lifestyle.jpg
edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dw1996166e/mediatags/ 0
0

GET 2020_10-citrons.jpg
edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dwafe3c407/mediatags/ 0
0

GET 2020_07-the_bio-lifestyle.jpg
edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dw5d538125/mediatags/ 0
0

GET 2021-icon-mif.png
edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dw5b4a2d09/images/footer/ 0
0

GET 2021-icon-bio.png
edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dw65473115/images/footer/ 0
0

GET 2021-icon-0plastique.png
edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dw175c18e0/images/footer/ 0
0

GET 2021-icon-livraison-offerte-footer.png
edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dw301c6b9b/images/footer/ 0
0

GET 2021-icon-livraison-footer.png
edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dwfcb6d834/images/footer/ 0
0

GET 2021-icon-paiement-footer.png
edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dw71c66b61/images/footer/ 0
0

GET 2021-icon-sachet-footer.png
edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dwd52d2fce/images/footer/ 0
0

GET 2021-icon-K-footer.png
edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dw66f775c0/images/footer/ 0
0

GET 2021-icon-contact.png
edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dw78ef001b/images/footer/ 0
0

GET
H2 200 widget03_FB3.min.js
cl.avis-verifies.com/de/widget4/ 182 KB
59 KB 199ms
41ms Script
application/javascript 143.204.98.124

General

Check archive.org

Show headers Download Go to

Full URL: https://cl.avis-verifies.com/de/widget4/widget03_FB3.min.js
Requested by: Host: www.kusmitea.com
URL: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.124 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kusmitea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 23:44:09 GMT
content-encoding: gzip
last-modified: Thu, 02 Jun 2022 00:57:50 GMT
server: AmazonS3
age: 27728
etag: W/"b6b7a70e0541acba9d85bfc36fe4552c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
cache-control: max-age=81600
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: HG-avoB4URQ5LCAiC9L5NX3dXnQLjE8sUWrt2Hi_wt4IHexKyBJkRw==

GET
H2 200 dwanalytics-22.2.js Show response
www.kusmitea.com/on/demandware.static/Sites-Kusmi_DE-Site/-/de_DE/v1654228829637/internal/jscript/ 6 KB
3 KB 51ms
50ms Script
application/javascript 104.16.89.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kusmitea.com/on/demandware.static/Sites-Kusmi_DE-Site/-/de_DE/v1654228829637/internal/jscript/dwanalytics-22.2.js
Requested by: Host: www.kusmitea.com
URL: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.89.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4511892ecdaa2a08bfc5933e7d31f3bdeee5f706c462cb717c802718908a670c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 07:26:16 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 11862
cf-polished: origSize=6582
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Fri, 03 Jun 2022 04:03:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2591696
cf-ray: 7156b3198c539189-FRA
x-dw-request-base-id: kAXcfxOImWIBAAB_
expires: Sun, 03 Jul 2022 07:21:12 GMT

GET
H2 200 dwac-21.7.js Show response
www.kusmitea.com/on/demandware.static/Sites-Kusmi_DE-Site/-/de_DE/v1654228829637/internal/jscript/ 5 KB
2 KB 51ms
49ms Script
application/javascript 104.16.89.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kusmitea.com/on/demandware.static/Sites-Kusmi_DE-Site/-/de_DE/v1654228829637/internal/jscript/dwac-21.7.js
Requested by: Host: www.kusmitea.com
URL: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.89.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0acc05529b896335e67451050b9d9353d4cd680a470919fecf91c12ff09196d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 07:26:16 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 11862
cf-polished: origSize=5013
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Fri, 03 Jun 2022 04:01:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2591564
cf-ray: 7156b3198c569189-FRA
x-dw-request-base-id: T7WsII-HmWIBAAB_
expires: Sun, 03 Jul 2022 07:19:00 GMT

GET
H2 200 gretel.min.js Show response
cdn.cquotient.com/js/v2/ 36 KB
12 KB 202ms
43ms Script
application/javascript 143.204.93.53

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cquotient.com/js/v2/gretel.min.js
Requested by: Host: www.kusmitea.com
URL: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.53 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b6b34e69f08fb2fb269c0affa0b91f979eacc9df506d06fcc670e0601f23784

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kusmitea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 06:52:08 GMT
content-encoding: gzip
etag: W/"4fdd1834cd022d3113e766921bac1ba4"
last-modified: Wed, 27 Oct 2021 16:27:15 GMT
server: AmazonS3
age: 2049
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: cYF7JnM4saqpVRhWZXrJ3qClTNak0DkNq_h7CvlFWK4HjxFb5J_Hiw==

GET
H2 200 analytics.6ef50a9b9738dd85ddd0.js
try.abtasty.com/shared/ 0
9 KB 39ms
38ms Other
application/javascript 143.204.98.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://try.abtasty.com/shared/analytics.6ef50a9b9738dd85ddd0.js
Requested by: Host: try.abtasty.com
URL: https://try.abtasty.com/908316535cd3f0f3c83b740f188b1825.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-76.fra50.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kusmitea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:27:28 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 11:27:13 GMT
server: CloudFront
age: 849529
etag: W/"d471b2d44b95ffd60516e3ebf3b0a1fd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control: s-maxage=31536000,max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ue1FjRGfxUXQrbr53zPmO0gk9fGsc2-QRKy4yal6_rDj8VoQ15-3ZA==

GET
H2 200 analytics.6ef50a9b9738dd85ddd0.js Show response
try.abtasty.com/shared/ 35 KB
9 KB 39ms
38ms Script
application/javascript 143.204.98.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://try.abtasty.com/shared/analytics.6ef50a9b9738dd85ddd0.js
Requested by: Host: try.abtasty.com
URL: https://try.abtasty.com/908316535cd3f0f3c83b740f188b1825.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-76.fra50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 979377a96f376b3292fa82543074602ac73e917d62a20d80366edcd0ab3e5999

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kusmitea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:27:28 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 11:27:13 GMT
server: CloudFront
age: 849529
etag: W/"d471b2d44b95ffd60516e3ebf3b0a1fd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control: s-maxage=31536000,max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: XneRDu8QxAm2Btdus8EKAH9D553evXg9L-W-ON4ciGm3wOinEREZsQ==

POST
H2 200 geoip Show response
dcinfos-cache.abtasty.com/v1/ 324 B
318 B 250ms
58ms Fetch
application/json 34.107.143.101

General

Check archive.org

Show headers Download Go to

Full URL

https://dcinfos-cache.abtasty.com/v1/geoip

Requested by

Host: try.abtasty.com
URL: https://try.abtasty.com/908316535cd3f0f3c83b740f188b1825.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.143.101 -, , ASN (),

Reverse DNS

Software

- /

Resource Hash

7a3cb6cb6ce2099deb723f8f77daf8dcd9f2b56e79635f5b225472a6ea9b9c27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.kusmitea.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 03 Jun 2022 07:26:16 GMT
content-encoding: gzip
x-envoy-decorator-operation: -
age: 0
x-cache: miss uncacheable
x-restart: 0
x-envoy-upstream-service-time: 7
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 212
access-control-allow-origin: *
server: -
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
via: 1.1 google
vary: Accept-Encoding
cache-control: private, max-age=600
accept-ranges: bytes

POST
H2 200 ua-parser Show response
dcinfos-cache.abtasty.com/v1/ 120 B
394 B 239ms
48ms Fetch
application/json 34.107.143.101

General

Check archive.org

Show headers Download Go to

Full URL

https://dcinfos-cache.abtasty.com/v1/ua-parser

Requested by

Host: try.abtasty.com
URL: https://try.abtasty.com/908316535cd3f0f3c83b740f188b1825.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.143.101 -, , ASN (),

Reverse DNS

Software

- /

Resource Hash

211614fdf21666ff927abdaebfaa9c1288f21a491f558c4e04d86a3f809a262f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.kusmitea.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 03 Jun 2022 07:08:57 GMT
content-encoding: gzip
x-envoy-decorator-operation: -
age: 1039
x-cache: hit cached
x-restart: 0
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
access-control-allow-origin: *
server: -
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
via: 1.1 google
vary: Accept-Encoding
cache-control: public, max-age=86400
accept-ranges: bytes

GET
H2 200 b649f9e3-2f6a-4283-a655-cd4062ea79aa.json Show response
cdn.cookielaw.org/consent/b649f9e3-2f6a-4283-a655-cd4062ea79aa/ 3 KB
2 KB 122ms
46ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/b649f9e3-2f6a-4283-a655-cd4062ea79aa/b649f9e3-2f6a-4283-a655-cd4062ea79aa.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f6480a692038e52940bfd35f2a18cfd6a4ea5a29b21fb9530ecd095b351ce69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kusmitea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 03 Jun 2022 07:26:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: t+OyJHSnsDT+Y5H6bc45yQ==
age: 12989
vary: Accept-Encoding
content-length: 1268
x-ms-lease-status: unlocked
last-modified: Thu, 30 Sep 2021 14:48:51 GMT
server: cloudflare
etag: 0x8D984216B0587C6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 282fdf2f-301e-011e-56c1-11445e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7156b319ef0b5c1a-FRA
expires: Fri, 03 Jun 2022 11:26:16 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 484 KB
106 KB 124ms
48ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K2LJGV

Requested by

Host: www.kusmitea.com
URL: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1ca55191304b9fd042fd5e53ad0801e423e8c17abbc7e4121ffca98f674618a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kusmitea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 07:26:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108997
x-xss-protection: 0
last-modified: Fri, 03 Jun 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 Jun 2022 07:26:16 GMT

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 118ms
41ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.kusmitea.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 224287
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 17:08:09 GMT

GET
DATA 200
OK truncated
/ 113 B
113 B Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90c28d115d0f56bc016b428132a07f4347ab5a0de6b0945af90d27aa5cc03b08

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: img/png

GET
DATA 200
OK truncated
/ 160 B
160 B Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d23698ec7341e8c1171caafd267d965edc1337158d925a3f3cb78d1ddf7d7ac6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: img/png

GET
DATA 200
OK truncated
/ 262 B
262 B Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9de171873519df970d305c17530392dac0d18121589e733c8e070583930c8403

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: img/png

GET
DATA 200
OK truncated
/ 944 B
944 B Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: efd12b4d45bea6b8e12b5377af9cd25ec035752fd8d14158315d5d3a467da776

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: img/png

GET
DATA 200
OK truncated
/ 283 B
283 B Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0b9c66c64fb08196fb3ae8a79cd0a44b075487d19b497fed66238f06ff00f59

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: img/png

GET
DATA 200
OK truncated
/ 364 B
364 B Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 817d6719b6901c6581f970db61f3678755e463345eb6a518810c869e9418d1ed

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: img/png

GET
DATA 200
OK truncated
/ 2 KB
2 KB Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 40b0765cc0e6a5b6f461d5eac7902c57047d4f6eff0acd48d91e4c297ff078ac

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: img/png

GET
DATA 200
OK truncated
/ 499 B
499 B Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2269870015a03ee6c6a750efc9d015bcab1331ebb19cf9fe4321fd625a1ac6e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: img/png

GET siPCG2O9Voo
www.youtube.com/embed/ Frame 5B40 0
0

GET
DATA 200
OK truncated
/ 324 B
324 B Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e3990b8e78848548585fb3d922150764ce19e8a6e6f930bad0e3b9eac8b901b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: img/png

GET
DATA 200
OK truncated
/ 641 B
641 B Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c89f8f6a7cde148765411bf6017a92abac58060b9e52a8e7eb5601e4242c3542

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: img/png

GET
H2 200 bio.png
www.kusmitea.com/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dw5de7231b/images/productTags/ 956 B
1 KB 54ms
54ms Image
image/webp 104.16.89.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kusmitea.com/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dw5de7231b/images/productTags/bio.png
Requested by: Host: www.kusmitea.com
URL: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.89.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a483a813c2c39a3ebf9198e09462edf70f0a8c94efb273b5dbc65878c25f7986

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 07:26:16 GMT
cf-cache-status: HIT
age: 1843899
cf-polished: origFmt=png, origSize=3059
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="bio.webp"
content-length: 956
last-modified: Wed, 20 Nov 2019 10:38:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sun, 03 Jul 2022 04:28:08 GMT
cache-control: public, max-age=2581312
accept-ranges: bytes
cf-ray: 7156b319ac939189-FRA
x-dw-request-base-id: SBXJUB5rfWIBAAB_
cf-bgj: imgq:100,h2pri

GET
H2 200 logo-bio-officiels.png
edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dwabda4451/images/tags/ 5 KB
6 KB 158ms
43ms Image
image/png 143.204.96.96

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dwabda4451/images/tags/logo-bio-officiels.png
Requested by: Host: www.kusmitea.com
URL: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.96.96 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74779cf08b3ab7faf1ab54610f4929e1559d805116f5568c40dd9d88223b7840

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kusmitea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 03:29:05 GMT
via: 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
age: 359831
x-amzn-requestid: 3bc4c24a-5fe9-408f-a495-059febde43c9
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2573660
x-amzn-trace-id: Root=1-62943a00-02ff7300465e492873a73a7e;Sampled=0
x-amz-cf-pop: FRA50-C1
x-amz-apigw-id: S64AKHIgIAMFtug=
content-length: 5516
x-amz-cf-id: tUtCsKgEkoSZz83EdQb-9ZC7nxxAjn8xomgfJGS4CvA5f6cLvDA4YA==

GET arome_video-bergamote-img.jpg
edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dw8023b799/mediatags/aromes/ 0
0

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 95ms
37ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.kusmitea.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 224287
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 17:08:09 GMT

GET
H3 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 127ms
69ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.kusmitea.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 17:12:19 GMT
x-content-type-options: nosniff
age: 224037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:04:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 17:12:19 GMT

GET
H3 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 22 KB
22 KB 113ms
55ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.kusmitea.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 17:12:19 GMT
x-content-type-options: nosniff
age: 224037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22504
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:04:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 17:12:19 GMT

GET
H2 200 sophillia-webfont.woff2
www.kusmitea.com/on/demandware.static/Sites-Kusmi_DE-Site/-/de_DE/v1654228829637/fonts/Sophillia/ 32 KB
32 KB 52ms
52ms Font
font/woff2 104.16.89.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kusmitea.com/on/demandware.static/Sites-Kusmi_DE-Site/-/de_DE/v1654228829637/fonts/Sophillia/sophillia-webfont.woff2
Requested by: Host: www.kusmitea.com
URL: https://www.kusmitea.com/on/demandware.static/Sites-Kusmi_DE-Site/-/de_DE/v1654228829637/scss/pages/pdp.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.89.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 824a7a83e4669eec95a7c86abc1a5f7bfc8148dbca1f0044ae4de683e99a2e24

Request headers

Referer: https://www.kusmitea.com/on/demandware.static/Sites-Kusmi_DE-Site/-/de_DE/v1654228829637/scss/pages/pdp.css
Origin: https://www.kusmitea.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 07:26:16 GMT
cf-cache-status: HIT
last-modified: Tue, 12 Apr 2022 02:41:01 GMT
server: cloudflare
age: 11699
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=2591402
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cf-ray: 7156b319ac9c9189-FRA
x-dw-request-base-id: kAVPf5CHmWIBAAB_
content-length: 32316
expires: Sun, 03 Jul 2022 07:16:18 GMT

GET
DATA 200
OK truncated
/ 180 B
180 B Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 379c9909a93ff9d923ba7379d8ef878a9729b6968da6c0741bac8d7eb6e4a94c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: img/png

GET

live.js
lc.iadvize.com/static/livechat/df8e42109aaa4932bd1ad7bb3653e36f7b63b703/
Redirect Chain

https://lc.iadvize.com/iadvize.js?sid=17959
https://lc.iadvize.com/static/livechat/df8e42109aaa4932bd1ad7bb3653e36f7b63b703/live.js

0
0

GET
H2 200 9f70c92df2823925ba8cdcbd424a4bbfd2da346d_21718A1070.png
edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Sites-masterCatalog_Kusmi/default/dw518af541/images/9/f/7/0/ 105 KB
0 140ms
87ms Image
image/png 143.204.96.96

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Sites-masterCatalog_Kusmi/default/dw518af541/images/9/f/7/0/9f70c92df2823925ba8cdcbd424a4bbfd2da346d_21718A1070.png?sw=400&q=100
Requested by: Host: www.kusmitea.com
URL: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.96.96 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kusmitea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 06:41:41 GMT
via: 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
age: 866675
x-amzn-requestid: 4fdf018b-1b5d-4ac3-aaf8-52da9c58feca
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
x-amzn-trace-id: Root=1-628c7e25-02bd0b804c91f4987c08b129;Sampled=0
x-amz-cf-pop: FRA50-C1
x-amz-apigw-id: Snil0FSGIAMFurw=
content-length: 174054
x-amz-cf-id: s9ajemPbFbkDS0dCFJfLv3-vQ4f3hsch6krF_4j2DneogBF5zGMorg==

GET
H2 200 9f70c92df2823925ba8cdcbd424a4bbfd2da346d_21718A1070.png
www.kusmitea.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Sites-masterCatalog_Kusmi/default/dw518af541/images/9/f/7/0/ 22 KB
22 KB 79ms
78ms Image
image/png 104.16.89.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kusmitea.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Sites-masterCatalog_Kusmi/default/dw518af541/images/9/f/7/0/9f70c92df2823925ba8cdcbd424a4bbfd2da346d_21718A1070.png?sw=130&sh=136&sm=fit&q=100
Requested by: Host: www.kusmitea.com
URL: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.89.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74865478681a269b627b876d1c12b9f844acec5a3a5477e02bdd0db983be7bde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 07:26:16 GMT
via: 1.1 4ba99d04800d29b58ab9861f60991a2a.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=130&sh=136&sm=fit&q=100
x-cache: Hit from cloudfront
content-length: 22218
x-amz-expiration: expiry-date="Sat, 24 Jun 2023 00:00:00 GMT", rule-id="transform_cache_ttl"
last-modified: Tue, 24 May 2022 06:41:42 GMT
server: cloudflare
etag: "1a950d9ef3eded65c1b3f804330d467b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2592000
x-amz-cf-pop: MUC50-C1
accept-ranges: bytes
cf-ray: 7156b31a1d779189-FRA
x-amz-cf-id: -ReK2ObTx89_Zv1F3W2Q-_BLnxYY--NkUdiX0ymsYUTh52gR5eIxXA==
expires: Sun, 03 Jul 2022 07:26:16 GMT

GET
H2 200 46f3bd9abd3d2f6b06649162bb344023f454d023_21718A1010.png
www.kusmitea.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Sites-masterCatalog_Kusmi/default/dwd84a8479/images/4/6/f/3/ 30 KB
31 KB 91ms
90ms Image
image/png 104.16.89.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kusmitea.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Sites-masterCatalog_Kusmi/default/dwd84a8479/images/4/6/f/3/46f3bd9abd3d2f6b06649162bb344023f454d023_21718A1010.png?sw=130&sh=136&sm=fit&q=100
Requested by: Host: www.kusmitea.com
URL: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.89.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23b5ff345198d3c60e9a2e78d58ea3e18ecad159a868c51ff44b0081fb7cd35e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 07:26:16 GMT
via: 1.1 b8d6320dae849a3360537a2233718764.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=130&sh=136&sm=fit&q=100
x-cache: Hit from cloudfront
content-length: 31097
x-amz-expiration: expiry-date="Sat, 24 Jun 2023 00:00:00 GMT", rule-id="transform_cache_ttl"
last-modified: Tue, 24 May 2022 06:41:42 GMT
server: cloudflare
etag: "22e7205f598f4fb6fd91425814ed48c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2592000
x-amz-cf-pop: MUC50-C1
accept-ranges: bytes
cf-ray: 7156b31a1d7c9189-FRA
x-amz-cf-id: 4DPVKOz7GIxwc8ubWAv_-n8eGmZdGKMn1S5b57GLCfZuk2S-2zJZpQ==
expires: Sun, 03 Jul 2022 07:26:16 GMT

GET
H2 200 87111c740a5fba3876fc9b0848540c9e1de6923f_21718A1120.png
www.kusmitea.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Sites-masterCatalog_Kusmi/default/dw5a90b4c1/images/8/7/1/1/ 30 KB
30 KB 76ms
75ms Image
image/png 104.16.89.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kusmitea.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Sites-masterCatalog_Kusmi/default/dw5a90b4c1/images/8/7/1/1/87111c740a5fba3876fc9b0848540c9e1de6923f_21718A1120.png?sw=130&sh=136&sm=fit&q=100
Requested by: Host: www.kusmitea.com
URL: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.89.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a48514aabc2bb86066c6d16281559b2c6bf5a34b6b4d02f64f1bc9bc49247e39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 07:26:16 GMT
via: 1.1 7ede51d8c775deaef83b54a3beafab3c.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=130&sh=136&sm=fit&q=100
x-cache: Hit from cloudfront
content-length: 30443
x-amz-expiration: expiry-date="Sat, 24 Jun 2023 00:00:00 GMT", rule-id="transform_cache_ttl"
last-modified: Tue, 24 May 2022 06:41:42 GMT
server: cloudflare
etag: "1f2ba1fc6baba98852b1ac4ab36fd97f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2592000
x-amz-cf-pop: MUC50-C1
accept-ranges: bytes
cf-ray: 7156b31a1d809189-FRA
x-amz-cf-id: yEGaldlx3eoptoK8PLfUPlbdY6BfCbRcRwoFOXlrND8KH-v3bXpzbA==
expires: Sun, 03 Jul 2022 07:26:16 GMT

GET 314b6f236fb2c9ea51cf20af5e7dd2049b5e758a_21718A1190.png
www.kusmitea.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Sites-masterCatalog_Kusmi/default/dwd3eca217/images/3/1/4/b/ 0
0

GET
H2 200 8bce5418c996c299ffd655d5f4171bee56fb0d8b_21718A1030.png
www.kusmitea.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Sites-masterCatalog_Kusmi/default/dw357659ff/images/8/b/c/e/ 9 KB
9 KB 75ms
74ms Image
image/png 104.16.89.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kusmitea.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Sites-masterCatalog_Kusmi/default/dw357659ff/images/8/b/c/e/8bce5418c996c299ffd655d5f4171bee56fb0d8b_21718A1030.png?sw=130&sh=136&sm=fit&q=100
Requested by: Host: www.kusmitea.com
URL: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.89.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2dada8b82871d887d0ef0a98c603e50061a54fe0a0340cc8d0f67b59f858673

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 07:26:16 GMT
via: 1.1 dcc00cbe52c84a141576f927caec03b4.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=130&sh=136&sm=fit&q=100
x-cache: Hit from cloudfront
content-length: 8721
x-amz-expiration: expiry-date="Sat, 24 Jun 2023 00:00:00 GMT", rule-id="transform_cache_ttl"
last-modified: Tue, 24 May 2022 06:41:43 GMT
server: cloudflare
etag: "900ba920cc6e28ff3b69b92d35b490a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2592000
x-amz-cf-pop: MUC50-C1
accept-ranges: bytes
cf-ray: 7156b31a2d839189-FRA
x-amz-cf-id: yt0hcqOCajUFWGwRgPCEdwBq8bdbamtzfISocaA78OS4BB96W4lNuw==
expires: Sun, 03 Jul 2022 07:26:16 GMT

GET ING012.jpg
edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dw2412623b/images/ingredients/ 0
0

GET ING030.jpg
edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dwbe89a3ef/images/ingredients/ 0
0

GET ING037.jpg
edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dwecd94f99/images/ingredients/ 0
0

GET ING080.jpg
edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dwf4b52ae0/images/ingredients/ 0
0

GET
H3 200 sdk.js Show response
sdk.teester.com/ 53 KB
16 KB 99ms
53ms Script
application/javascript 2606:4700::6812:1ab5

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.teester.com/sdk.js?version=2.15.7-c22959b4cf1ac8caaf79a1f20265344e621b27f3
Requested by: Host: sdk.teester.com
URL: https://sdk.teester.com/loader.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1ab5 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: fababac58238fa6608099bb13a238cea061bb9d680d8969904a87ea3781451fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kusmitea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 07:26:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 4881
x-guploader-uploadid: ADPycdvdHf2F4cWm5HDKU_EW3nPjmtFUu-7RknPq8r2sQ6GCdLIp-apCbBY6Yt3yXNH2oZpsnQRgz0u17SU1y_6a4Xok8UYl680t
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 18 May 2022 13:59:09 GMT
server: cloudflare
etag: W/"9684e671589f10f36a6f9c7ca37b1204"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=lm9OYw==, md5=loTmcVifEPNqb5x8o3sSBA==
x-goog-generation: 1652882349631956
content-type: application/javascript
cache-control: public, max-age=14400
x-goog-stored-content-length: 54201
cf-ray: 7156b31a6c0a693d-FRA
expires: Fri, 03 Jun 2022 11:26:16 GMT

POST
H2 200 /
ariane.abtasty.com/ 43 B
0 130ms
48ms Fetch
image/gif 34.102.161.46

General

Check archive.org

Show headers Download Go to

Full URL

https://ariane.abtasty.com/

Requested by

Host: try.abtasty.com
URL: https://try.abtasty.com/shared/analytics.6ef50a9b9738dd85ddd0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.161.46 -, , ASN (),

Reverse DNS

Software

- /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.kusmitea.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-decorator-operation: -
server: -
access-control-allow-headers: Content-Type,Origin,Accept,Set-Cookie,X-ABTasty-CrossDomain
date: Fri, 03 Jun 2022 07:26:16 GMT
access-control-allow-methods: GET,HEAD,POST
content-type: image/gif
access-control-allow-origin: https://www.kusmitea.com
cache-control: must-revalidate, no-cache, private
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
via: 1.1 google

GET
H2 200 ConsentTracking-GetContent Show response
www.kusmitea.com/on/demandware.store/Sites-Kusmi_DE-Site/de_DE/ 3 KB
1 KB 77ms
77ms XHR
text/html 104.16.89.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kusmitea.com/on/demandware.store/Sites-Kusmi_DE-Site/de_DE/ConsentTracking-GetContent?cid=tracking_hint
Requested by: Host: www.kusmitea.com
URL: https://www.kusmitea.com/on/demandware.static/Sites-Kusmi_DE-Site/-/de_DE/v1654228829637/js/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.89.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c44301b99ab21376054f5fdc28aaa879e7572ddb2388807687c66ecfa8fa29b

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.kusmitea.com/de/st-petersbourg-bio-SAINBIOMASTER.html?v=21718A1070&kk=a4c6293-18128752566-1ee691
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Jun 2022 07:26:16 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: text/html;charset=UTF-8
access-control-allow-origin: https://www.kusmitea.com
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7156b31a6e029189-FRA
x-dw-request-base-id: T7WYj5m3mWIBAAB_
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.15.0/ 372 KB
83 KB 50ms
50ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.15.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kusmitea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 03 Jun 2022 07:26:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: irsyHA4ScyRoaWoUUTe5ww==
age: 941
vary: Accept-Encoding
content-length: 84314
x-ms-lease-status: unlocked
last-modified: Tue, 23 Mar 2021 01:57:54 GMT
server: cloudflare
etag: 0x8D8ED9F12F4599F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e7d9e4fa-c01e-0087-26c0-118dc9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7156b31a7f889ba1-FRA

GET siPCG2O9Voo
www.youtube.com/embed/ Frame 6262 0
0

GET siPCG2O9Voo
www.youtube.com/embed/ Frame 7243 0
0

GET
H2 200 siPCG2O9Voo
www.youtube.com/embed/ Frame E5DB 0
0 136ms
136ms Document
text/html 2a00:1450:4001:828::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/siPCG2O9Voo?enablejsapi=1&version=3&playerapiid=ytplayer

Requested by

Host: www.kusmitea.com
URL: https://www.kusmitea.com/on/demandware.static/Sites-Kusmi_DE-Site/-/de_DE/v1654228829637/js/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kusmitea.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Fri, 03 Jun 2022 07:26:16 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 siPCG2O9Voo
www.youtube.com/embed/ Frame 5214 0
0 81ms
81ms Document
text/html 2a00:1450:4001:828::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/siPCG2O9Voo?enablejsapi=1&version=3&playerapiid=ytplayer

Requested by

Host: www.kusmitea.com
URL: https://www.kusmitea.com/on/demandware.static/Sites-Kusmi_DE-Site/-/de_DE/v1654228829637/js/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kusmitea.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Fri, 03 Jun 2022 07:26:16 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 siPCG2O9Voo
www.youtube.com/embed/ Frame 0E2B 0
0 123ms
123ms Document
text/html 2a00:1450:4001:828::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/siPCG2O9Voo?enablejsapi=1&version=3&playerapiid=ytplayer

Requested by

Host: www.kusmitea.com
URL: https://www.kusmitea.com/on/demandware.static/Sites-Kusmi_DE-Site/-/de_DE/v1654228829637/js/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kusmitea.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Fri, 03 Jun 2022 07:26:16 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 icon-chevron.svg
www.kusmitea.com/on/demandware.static/Sites-Kusmi_DE-Site/-/de_DE/v1654228829637/images/svg/ 400 B
501 B 45ms
45ms Image
image/svg+xml 104.16.89.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kusmitea.com/on/demandware.static/Sites-Kusmi_DE-Site/-/de_DE/v1654228829637/images/svg/icon-chevron.svg
Requested by: Host: www.kusmitea.com
URL: https://www.kusmitea.com/on/demandware.static/Sites-Kusmi_DE-Site/-/de_DE/v1654228829637/scss/pages/pdp.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.89.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99ce6290cde2301b9e80eb0303f4d2e29bf7ba273e08ae0e3d1fa60bb209af60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kusmitea.com/on/demandware.static/Sites-Kusmi_DE-Site/-/de_DE/v1654228829637/scss/pages/pdp.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 07:26:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 12 Apr 2022 02:41:01 GMT
server: cloudflare
age: 11861
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2591568
cross-origin-resource-policy: cross-origin
cf-ray: 7156b31a9e789189-FRA
x-dw-request-base-id: T7W2IJSHmWIBAAB_
expires: Sun, 03 Jul 2022 07:19:04 GMT

GET logo.svg
www.kusmitea.com/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dw94550549/images/ 0
0

GET jquery.255dc77d2a645e62a25c.js
try.abtasty.com/shared/ 0
0

GET pdp
r.cquotient.com/recs/bdht-Kusmi_DE/ 0
0

GET widget03-1238_script.js
cl.avis-verifies.com/de/cache/2/7/2/272041d7-eafd-7604-f177-93acb2772809/widget4/ 0
0

GET analytics.js
www.google-analytics.com/ 0
0

GET 764aded09d50d.js
t.contentsquare.net/uxa/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: edge.disstg.commercecloud.salesforce.com
URL: https://edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dw2a798aba/mediatags/aromes/aome_picto-ingredients.png?

Domain: edge.disstg.commercecloud.salesforce.com
URL: https://edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dwf31d0dc7/mediatags/2020_07-thiashola-lifestyle.jpg?sw=1000&sh=1000

Domain: edge.disstg.commercecloud.salesforce.com
URL: https://edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dw1996166e/mediatags/2020_07-vrac_the-lifestyle.jpg?sw=1000&sh=1000

Domain: edge.disstg.commercecloud.salesforce.com
URL: https://edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dwafe3c407/mediatags/2020_10-citrons.jpg?sw=1000&sh=1000

Domain: edge.disstg.commercecloud.salesforce.com
URL: https://edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dw5d538125/mediatags/2020_07-the_bio-lifestyle.jpg?sw=1000&sh=1000

Domain: edge.disstg.commercecloud.salesforce.com
URL: https://edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dw5b4a2d09/images/footer/2021-icon-mif.png

Domain: edge.disstg.commercecloud.salesforce.com
URL: https://edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dw65473115/images/footer/2021-icon-bio.png

Domain: edge.disstg.commercecloud.salesforce.com
URL: https://edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dw175c18e0/images/footer/2021-icon-0plastique.png

Domain: edge.disstg.commercecloud.salesforce.com
URL: https://edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dw301c6b9b/images/footer/2021-icon-livraison-offerte-footer.png

Domain: edge.disstg.commercecloud.salesforce.com
URL: https://edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dwfcb6d834/images/footer/2021-icon-livraison-footer.png

Domain: edge.disstg.commercecloud.salesforce.com
URL: https://edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dw71c66b61/images/footer/2021-icon-paiement-footer.png

Domain: edge.disstg.commercecloud.salesforce.com
URL: https://edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dwd52d2fce/images/footer/2021-icon-sachet-footer.png

Domain: edge.disstg.commercecloud.salesforce.com
URL: https://edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dw66f775c0/images/footer/2021-icon-K-footer.png

Domain: edge.disstg.commercecloud.salesforce.com
URL: https://edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dw78ef001b/images/footer/2021-icon-contact.png

Domain: www.youtube.com
URL: https://www.youtube.com/embed/siPCG2O9Voo?enablejsapi=1&version=3&playerapiid=ytplayer

Domain: edge.disstg.commercecloud.salesforce.com
URL: https://edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dw8023b799/mediatags/aromes/arome_video-bergamote-img.jpg

Domain: lc.iadvize.com
URL: https://lc.iadvize.com/static/livechat/df8e42109aaa4932bd1ad7bb3653e36f7b63b703/live.js

Domain: www.kusmitea.com
URL: https://www.kusmitea.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Sites-masterCatalog_Kusmi/default/dwd3eca217/images/3/1/4/b/314b6f236fb2c9ea51cf20af5e7dd2049b5e758a_21718A1190.png?sw=130&sh=136&sm=fit&q=100

Domain: edge.disstg.commercecloud.salesforce.com
URL: https://edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dw2412623b/images/ingredients/ING012.jpg?sw=120

Domain: edge.disstg.commercecloud.salesforce.com
URL: https://edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dwbe89a3ef/images/ingredients/ING030.jpg?sw=120

Domain: edge.disstg.commercecloud.salesforce.com
URL: https://edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dwecd94f99/images/ingredients/ING037.jpg?sw=120

Domain: edge.disstg.commercecloud.salesforce.com
URL: https://edge.disstg.commercecloud.salesforce.com/dw/image/v2/BDHT_PRD/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dwf4b52ae0/images/ingredients/ING080.jpg?sw=120

Domain: www.youtube.com
URL: https://www.youtube.com/embed/siPCG2O9Voo?enablejsapi=1&version=3&playerapiid=ytplayer

Domain: www.youtube.com
URL: https://www.youtube.com/embed/siPCG2O9Voo?enablejsapi=1&version=3&playerapiid=ytplayer

Domain: www.kusmitea.com
URL: https://www.kusmitea.com/on/demandware.static/-/Library-Sites-Kusmi_Shared/default/dw94550549/images/logo.svg

Domain: try.abtasty.com
URL: https://try.abtasty.com/shared/jquery.255dc77d2a645e62a25c.js

Domain: r.cquotient.com
URL: https://r.cquotient.com/recs/bdht-Kusmi_DE/pdp?callback=CQuotient._callback0&_device=windows&userId=&cookieId=&emailId=&anchors=id%3A%3ASAINBIOMASTER%7C%7Csku%3A%3A21718A1070%7C%7Ctype%3A%3A%7C%7Calt_id%3A%3A&slotId=product-recommendations-m&slotConfigId=Eintein-recommender&slotConfigTemplate=slots%2Frecommendation%2FpdpRecommendations.isml&ccver=1.03&realm=BDHT&siteId=Kusmi_DE&instanceType=prd&v=v2.34.2&json=%7B%22userId%22%3A%22%22%2C%22cookieId%22%3A%22%22%2C%22emailId%22%3A%22%22%2C%22anchors%22%3A%5B%7B%22id%22%3A%22SAINBIOMASTER%22%2C%22sku%22%3A%2221718A1070%22%2C%22type%22%3A%22%22%2C%22alt_id%22%3A%22%22%7D%5D%2C%22slotId%22%3A%22product-recommendations-m%22%2C%22slotConfigId%22%3A%22Eintein-recommender%22%2C%22slotConfigTemplate%22%3A%22slots%2Frecommendation%2FpdpRecommendations.isml%22%2C%22ccver%22%3A%221.03%22%2C%22realm%22%3A%22BDHT%22%2C%22siteId%22%3A%22Kusmi_DE%22%2C%22instanceType%22%3A%22prd%22%2C%22v%22%3A%22v2.34.2%22%7D

Domain: cl.avis-verifies.com
URL: https://cl.avis-verifies.com/de/cache/2/7/2/272041d7-eafd-7604-f177-93acb2772809/widget4/widget03-1238_script.js?_=1654241176830

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Domain: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/764aded09d50d.js

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
dump.com/	1970-01-20 03:30:42	Name: parking_session Value: 31e2e918-2224-517a-bc42-ca926429f7db
r.redirekted.com/	1970-01-20 03:32:07	Name: uuid Value: 8814776655622109184
.redirekted.com/	1970-01-20 21:01:53	Name: _ga Value: GA1.2.574995554.1654241175
.redirekted.com/	1970-01-20 03:32:07	Name: _gid Value: GA1.2.383942537.1654241175
.redirekted.com/	1970-01-20 03:30:41	Name: _gat Value: 1
.kelkoogroup.net/	1970-01-20 12:16:17	Name: referer Value: http%3A%2F%2Fr.redirekted.com%2F
.kelkoogroup.net/	1970-01-20 12:16:17	Name: kelkooID Value: a4c6293-18128752566-1ee691
.kelkoogroup.net/	1970-01-20 12:16:17	Name: lastSearchedKeyword Value: a3dkPUtVU01JIFRFQSBTdC1Qw6l0ZXJzYm91cmcgYmlvIHx0cz0xNjU0MjQxMTc0OTA1fGNhdElkPTEyODgwMXxjb21JZD0xMDA1MzMyNDM=
.de-go.kelkoogroup.net/	1970-01-20 21:01:53	Name: _ga Value: GA1.3.931192286.1654241175
.de-go.kelkoogroup.net/	1970-01-20 03:32:07	Name: _gid Value: GA1.3.1780948440.1654241175
.de-go.kelkoogroup.net/	1970-01-20 03:30:41	Name: _gat_UA-168544891-7 Value: 1
.kelkoogroup.net/	1970-01-20 12:16:17	Name: datadome Value: uid.Q_.vZ~8f-8ZInMGyIqAa4sMvuVIp7Ya-1qFNn8-2jh7~f5PNmn40jckgBTqHDedVugUkAhvuSI70T7sA04FohroVDsnpeD8~LNB3Cj7-Pv8rGBna7rLzT2dyDnm
.lgw.io/	1970-01-20 04:13:53	Name: lgwtrk-1076 Value: 58607
.lgw.io/	1970-01-20 04:13:53	Name: lgwtrk-1076-sku Value: 21718A1070
.lgw.io/	1970-01-20 04:13:53	Name: lgwtrk-1076-name Value: St-P%C3%A9tersbourg%20bio
.lgw.io/	1970-01-20 04:13:53	Name: lgwtrk-1076-img Value: https%3A%2F%2Fwww.kusmitea.com%2Fon%2Fdemandware.static%2F-%2FSites-masterCatalog_Kusmi%2Fdefault%2Fdw518af541%2Fimages%2F9%2Ff%2F7%2F0%2F9f70c92df2823925ba8cdcbd424a4bbfd2da346d_21718A1070.png
.lgw.io/	1970-01-20 04:13:53	Name: lgwtrk-1076-url Value: https%3A%2F%2Fwww.kusmitea.com%2Fde%2Fst-petersbourg-bio-SAINBIOMASTER.html%3Fv%3D21718A1070%26kk%3Da4c6293-18128752566-1ee691
.lgw.io/	1970-01-20 04:13:53	Name: lgwtrk-1076-cat Value: bergamote%2Cbest_sellers%2Cbio%2Cfruits-rouges%2Cmatin-petit-dejeuner%2Cnoir%2Cnoir_boites%2Cnoir_sachets%2Cnoir_vrac%2Crecharge_pour_coffrets%2Csaint_valentin%2Csale%2Cthe_agrumes%2Cthe_boites%2Cthe_gourmand%2Cthe_sachets%2Cthe_vrac%2Cthes_early_grey%2Cthes_et_infussions_bio%2Cthes_et_infussions_parfumes%2Cthes_gout_russes%2Cthes_hiver
.lgw.io/	1970-01-20 04:13:53	Name: lgwtrk-1076-dt Value: 2022-06-03T09%3A26%3A15%2B02%3A00
www.kusmitea.com/	1969-12-31 23:59:59	Name: sid Value: cQKfn0p_sMBWkx_SGu9ogSvIoAFkLB3MuO0
www.kusmitea.com/	1970-01-20 07:49:53	Name: dwanonymous_3cd8285fc09482d5293c6c4f64709bc6 Value: abZtBr5yeSv44QDuclHqn4B9vy
www.kusmitea.com/	1969-12-31 23:59:59	Name: __cq_dnt Value: 1
www.kusmitea.com/	1969-12-31 23:59:59	Name: dw_dnt Value: 1
www.kusmitea.com/	1969-12-31 23:59:59	Name: dwsid Value: 7NI7A8QDpzWuWjw1Pj4cobYYBJ3qUAo5QCS9-j8XaFrG90mvoh6OlstSyQ9RR-0mnBo1dRliIWpEGeRN1IGzBQ==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-js.datadome.co
ariane.abtasty.com
cdn.cookielaw.org
cdn.cquotient.com
cl.avis-verifies.com
dcinfos-cache.abtasty.com
de-go.kelkoogroup.net
dump.com
edge.disstg.commercecloud.salesforce.com
fonts.googleapis.com
fonts.gstatic.com
js.datadome.co
lc.iadvize.com
r.cquotient.com
r.redirekted.com
sdk.teester.com
t.contentsquare.net
trk.lgw.io
try.abtasty.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.kusmitea.com
www.youtube.com
cl.avis-verifies.com
edge.disstg.commercecloud.salesforce.com
lc.iadvize.com
r.cquotient.com
t.contentsquare.net
try.abtasty.com
www.google-analytics.com
www.kusmitea.com
www.youtube.com
104.16.89.34
143.204.93.53
143.204.96.96
143.204.98.101
143.204.98.124
143.204.98.76
146.185.41.180
216.120.146.200
2606:4700::6810:9540
2606:4700::6812:1ab5
2a00:1450:4001:802::2004
2a00:1450:4001:803::2008
2a00:1450:4001:812::2003
2a00:1450:4001:828::200e
2a00:1450:4001:829::200a
2a00:1450:4001:831::200e
3.65.154.169
34.102.161.46
34.107.143.101
66.165.243.160
95.211.116.27
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
0acc05529b896335e67451050b9d9353d4cd680a470919fecf91c12ff09196d3
0c27088d2fa00fc5ae05c2f21947566615bfc234ac58a7e9599031e8ddd48b89
0c44301b99ab21376054f5fdc28aaa879e7572ddb2388807687c66ecfa8fa29b
0f822549a53d196ff989b5b473cae8fb91dee3e2819f424a2479fa87d1d3c2b7
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
11f7c2fa09c39674412328f8b98aa04140024cbe4e0ddd9f1ee6ed40ca6d3da4
16b217bd48d6d05e9eb8562b15ea89c935d7a45e1395bc27472b79da413b530e
19471722a0f8dee2a17e860e89e32492c7f8ed083615147eb93e5caf23fe7c22
1a6622bbfd2f4017f391cae1040e22f99a923116427a0ccb25543581f5d92257
1ca55191304b9fd042fd5e53ad0801e423e8c17abbc7e4121ffca98f674618a7
1d3d613fd6890ac3fb609f02374126e6fc79eafbd7dc6fe00a6118c3a021a715
1e3160481d7c99d2938332259910745ecb04a86a03337f2a4691df67910b2bf1
211614fdf21666ff927abdaebfaa9c1288f21a491f558c4e04d86a3f809a262f
237bf73d8d7383be5eaae41e4ceab2bc35cf7311e772bbc3fd561a3e97d5a58f
23b5ff345198d3c60e9a2e78d58ea3e18ecad159a868c51ff44b0081fb7cd35e
26649e09469ef835108bbfd6fff8c65474457994a1d162af2784fea14a493c82
2e3990b8e78848548585fb3d922150764ce19e8a6e6f930bad0e3b9eac8b901b
379c9909a93ff9d923ba7379d8ef878a9729b6968da6c0741bac8d7eb6e4a94c
398fd5728a21dc3f915118c8fd840ffd52ed59cb4e1705a94029190f718a313b
3d9f951fd718121e1aef663f103bee03eb8e253e6bdeffeaff66215c362c983f
3e98d1565f83297e310b27b4ece231931f4cdf7f258809e20ce208e1e9deacdc
40b0765cc0e6a5b6f461d5eac7902c57047d4f6eff0acd48d91e4c297ff078ac
4511892ecdaa2a08bfc5933e7d31f3bdeee5f706c462cb717c802718908a670c
462a12449b113c566648318e07477bb8727c4f8d7df1f0d513a8b9be2f53c0f7
4a8565e6139becff5dc149b11edabfa9f7b05a3851e4664b339d6f63b280e31f
55afe8ae4db5b6ca9ec5a3aca1f3a7b482ca51d0914acd250093f1a9ecbfccec
590b29afb9cab2915eccafa174447bcf4a24302492f02767366219a83990975a
5ef043454b128260dda530a42312fbb985505034036cd3f3ea23cfe324a7905b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6b6b34e69f08fb2fb269c0affa0b91f979eacc9df506d06fcc670e0601f23784
74779cf08b3ab7faf1ab54610f4929e1559d805116f5568c40dd9d88223b7840
74865478681a269b627b876d1c12b9f844acec5a3a5477e02bdd0db983be7bde
78708045fb5d54136e8b721ee81bac01b72dd88669d2e5ff653fc6fa9d781dbf
7a3cb6cb6ce2099deb723f8f77daf8dcd9f2b56e79635f5b225472a6ea9b9c27
817d6719b6901c6581f970db61f3678755e463345eb6a518810c869e9418d1ed
824a7a83e4669eec95a7c86abc1a5f7bfc8148dbca1f0044ae4de683e99a2e24
8d4c4c332a776d67fb2dcb81e6c4112e6fb7fbf7709fdda65b67affca750c49f
8f6480a692038e52940bfd35f2a18cfd6a4ea5a29b21fb9530ecd095b351ce69
90c28d115d0f56bc016b428132a07f4347ab5a0de6b0945af90d27aa5cc03b08
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
979377a96f376b3292fa82543074602ac73e917d62a20d80366edcd0ab3e5999
990b56f8d03877f2781e29d563d009ec43d517e5d94851e9e3cabc0e7c6ffcdd
99ce6290cde2301b9e80eb0303f4d2e29bf7ba273e08ae0e3d1fa60bb209af60
9d0d8ad8f4e8591f051a26bb9aa6a5855df68271833cf4edb1a171067eab5fc3
9de171873519df970d305c17530392dac0d18121589e733c8e070583930c8403
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2dada8b82871d887d0ef0a98c603e50061a54fe0a0340cc8d0f67b59f858673
a483a813c2c39a3ebf9198e09462edf70f0a8c94efb273b5dbc65878c25f7986
a48514aabc2bb86066c6d16281559b2c6bf5a34b6b4d02f64f1bc9bc49247e39
a7d3fc80e874327307f788078b08a80fa50faf50e2722a4f21888f1094dbc787
c007e43667c83d028fe240e14506aacae4350f280c2ab7398470226b38a9fb87
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c89f8f6a7cde148765411bf6017a92abac58060b9e52a8e7eb5601e4242c3542
d23698ec7341e8c1171caafd267d965edc1337158d925a3f3cb78d1ddf7d7ac6
e1cd740219f9700c02a0ea36c318501bc34ba1740bc456fe8a812a94295f660a
e2d9fd8b995f146baf54bc35d162d3e8169a5345368058b10a3b3bf4592ed777
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed269e347840a47969a19aac34cd78e946b9fcf91a50b6b88769f8b9e82fad7a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd12b4d45bea6b8e12b5377af9cd25ec035752fd8d14158315d5d3a467da776
f0b9c66c64fb08196fb3ae8a79cd0a44b075487d19b497fed66238f06ff00f59
f2269870015a03ee6c6a750efc9d015bcab1331ebb19cf9fe4321fd625a1ac6e
fababac58238fa6608099bb13a238cea061bb9d680d8969904a87ea3781451fc

www.kusmitea.com Open in urlscan Pro 104.16.89.34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

100 Requests

57 %HTTPS

38 %IPv6

20 Domains

24 Subdomains

21 IPs

5 Countries

1161 kBTransfer

3618 kBSize

24 Cookies

0 Outgoing links

Page URL History

Redirected requests

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

www.kusmitea.com Open in urlscan Pro
104.16.89.34 Public Scan

Screenshot
Live screenshot

Full Image

100
Requests

57 %
HTTPS

38 %
IPv6

20
Domains

24
Subdomains

21
IPs

5
Countries

1161 kB
Transfer

3618 kB
Size

24
Cookies

100 HTTP transactions
11 data transactions