www.affaerentreff.de Open in urlscan Pro
2600:9000:24d4:7000:13:920a:46c0:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.vgnp3trk.com/3lpdkc/7xdn2/0.4077971601724777
Effective URL:
https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109
Submission: On January 22 via api (January 22nd 2024, 3:04:37 am UTC) from US — Scanned from US

Summary HTTP 77 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 19 domains to perform 77 HTTP transactions. The main IP is 2600:9000:24d4:7000:13:920a:46c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.affaerentreff.de.
TLS certificate: Issued by Amazon RSA 2048 M03 on October 18th 2023. Valid for: a year.

This is the only time www.affaerentreff.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.117.39.110 34.117.39.110	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
26	2600:9000:24d... 2600:9000:24d4:7000:13:920a:46c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
2	91.201.28.212 91.201.28.212	203480 (QUALITYUNIT) (QUALITYUNIT)
4	2607:f8b0:400... 2607:f8b0:4006:824::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	23.48.224.106 23.48.224.106	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	172.104.238.149 172.104.238.149	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
3	2607:f8b0:400... 2607:f8b0:4006:80f::200e	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.84.18.89 52.84.18.89	16509 (AMAZON-02) (AMAZON-02)
3	108.62.123.181 108.62.123.181	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1	2606:4700:303... 2606:4700:3036::ac43:9c50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
1	54.230.18.36 54.230.18.36	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:821::2004	15169 (GOOGLE) (GOOGLE)
1	65.8.49.61 65.8.49.61	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	172.104.244.5 172.104.244.5	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
77	21

1 34.117.39.110 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 110.39.117.34.bc.googleusercontent.com

www.vgnp3trk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2600:9000:24d4:7000:13:920a:46c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.affaerentreff.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.201.28.212 (Slovakia)

ASN203480 (QUALITYUNIT, SK)

50slove.postaffiliatepro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:824::2008 (Colchester, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.48.224.106 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-224-106.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.104.238.149 (Frankfurt am Main, Germany)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1814-149.members.linode.com

ais.ladesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80f::200e (Colchester, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.18.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-18-89.ord53.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.62.123.181 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

detour.datingalpha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:9c50 (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.azshopp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.18.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-18-36.ord51.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::2004 (Colchester, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.8.49.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-8-49-61.ord52.r.cloudfront.net

cdn.aisgmbh.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.104.244.5 (Frankfurt am Main, Germany)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1821-5.members.linode.com

2-vbus-de.ladesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	affaerentreff.de www.affaerentreff.de	471 KB
14	ladesk.com ais.ladesk.com 2-vbus-de.ladesk.com — Cisco Umbrella Rank: 100056	185 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 752	142 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	283 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	58 KB
3	datingalpha.net detour.datingalpha.net	7 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 376	14 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 681 script.hotjar.com — Cisco Umbrella Rank: 996	59 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	92 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1019	83 KB
2	postaffiliatepro.com 50slove.postaffiliatepro.com	7 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
1	aisgmbh.at cdn.aisgmbh.at	16 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	455 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	2 KB
1	azshopp.com scripts.azshopp.com	563 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	5 KB
1	vgnp3trk.com 1 redirects www.vgnp3trk.com	660 B
77	19

	Domain	Requested by
26	www.affaerentreff.de	www.affaerentreff.de
9	ais.ladesk.com	www.affaerentreff.de ais.ladesk.com
5	2-vbus-de.ladesk.com	ais.ladesk.com 2-vbus-de.ladesk.com
5	analytics.tiktok.com	www.affaerentreff.de analytics.tiktok.com
4	www.googletagmanager.com	www.affaerentreff.de www.googletagmanager.com
4	cdn.jsdelivr.net	www.affaerentreff.de
3	detour.datingalpha.net	www.googletagmanager.com detour.datingalpha.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.affaerentreff.de
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	www.affaerentreff.de connect.facebook.net
2	maxcdn.bootstrapcdn.com	www.affaerentreff.de maxcdn.bootstrapcdn.com
2	50slove.postaffiliatepro.com	www.affaerentreff.de 50slove.postaffiliatepro.com
1	www.facebook.com	www.affaerentreff.de
1	cdn.aisgmbh.at	www.affaerentreff.de
1	www.google.com	www.affaerentreff.de
1	script.hotjar.com	static.hotjar.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	scripts.azshopp.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	cdnjs.cloudflare.com	www.affaerentreff.de
1	www.vgnp3trk.com	1 redirects
77	21

This site contains links to these domains. Also see Links.

Domain
www.cookiesandyou.com
www.affaerentreff.at
www.affaerentreff.ch
www.privacyshield.gov
www.dsb.gv.at
ec.europa.eu
policies.google.com
www.google.com
tools.google.com
www.google.de
www.networkadvertising.org

Subject Issuer	Validity	Valid
*.affaerentreff.de Amazon RSA 2048 M03	`2023-10-18` - `2024-11-15`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.postaffiliatepro.com R3	`2023-11-10` - `2024-02-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2023-11-30` - `2024-02-28`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.ladesk.com R3	`2023-11-10` - `2024-02-08`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-31` - `2024-01-29`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
detour.datingalpha.net ZeroSSL RSA Domain Secure Site CA	`2024-01-09` - `2024-04-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.aisgmbh.at Amazon RSA 2048 M01	`2023-05-24` - `2024-06-21`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109
Frame ID: CE89A28ADA584FDF128AEEAFE556E820
Requests: 66 HTTP requests in this frame

Frame: https://2-vbus-de.ladesk.com/5_43_5_9/scripts/lib/bus.html?v=5.43.5.9
Frame ID: 8AA71A5C6309C313BD4567FA66E425CD
Requests: 5 HTTP requests in this frame

Frame: https://ais.ladesk.com/scripts/generateWidget.php?v=5.43.5.9&t=1705901895&cwid=q2dm1s7e&cwrt=O&pt=AFFAERENTREFF&ref=https%3A%2F%2Fwww.affaerentreff.de%2F%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D58_%26data2%3Dfff51044bed64591a6707d33a4df8109
Frame ID: 1E4BAC55BFD679E02D9FA1B4AC237850
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AFFAERENTREFF

Page URL History Show full URLs

http://www.vgnp3trk.com/3lpdkc/7xdn2/0.4077971601724777 HTTP 302
https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

77
Requests

99 %
HTTPS

57 %
IPv6

19
Domains

21
Subdomains

21
IPs

3
Countries

1444 kB
Transfer

4099 kB
Size

28
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cookiesandyou.com/
Title: Mehr dazu

Search URL Search Domain Scan URL

URL: https://www.affaerentreff.at/

Search URL Search Domain Scan URL

URL: https://www.affaerentreff.ch/

Search URL Search Domain Scan URL

URL: https://www.privacyshield.gov/
Title: https://www.privacyshield.gov

Search URL Search Domain Scan URL

URL: http://www.dsb.gv.at/
Title: http://www.dsb.gv.at

Search URL Search Domain Scan URL

URL: https://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080
Title: https://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Datenschutzerklärung

Search URL Search Domain Scan URL

URL: https://www.google.com/intl/de/help/terms_maps/
Title: Zusätzlichen Nutzungsbedingungen

Search URL Search Domain Scan URL

URL: https://tools.google.com/dlpage/gaoptout?hl=ch
Title: https://tools.google.com/dlpage/gaoptout?hl=ch

Search URL Search Domain Scan URL

URL: http://www.google.de/settings/ads
Title: www.google.de/settings/ads

Search URL Search Domain Scan URL

URL: https://www.networkadvertising.org/choices/?partnerId=1/
Title: https://www.networkadvertising.org/choices/?partnerId=1/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.vgnp3trk.com/3lpdkc/7xdn2/0.4077971601724777 HTTP 302
https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

77 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.affaerentreff.de/
Redirect Chain

http://www.vgnp3trk.com/3lpdkc/7xdn2/0.4077971601724777
https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109

9 KB
4 KB

354ms
224ms

Document
text/html

2600:9000:24d4:7000:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24d4:7000:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e2347f12c65dbad05f419068e3720c005ffc9e10d405e56f0a431225b2ab6681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: public, max-age=0, s-maxage=2
content-encoding: gzip
content-type: text/html
date: Mon, 22 Jan 2024 03:04:28 GMT
etag: W/"c7f7df25aef419fdb5220c1dba0247af"
last-modified: Mon, 15 Jan 2024 15:26:23 GMT
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 c5298a869be79e45d81d584d2ebd6280.cloudfront.net (CloudFront)
x-amz-cf-id: iUxCboRS5JZdSB7a1UVxtsx0WvVwdn-3ODwBEIF0um96Jgm6lTlnXA==
x-amz-cf-pop: ORD58-P5
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

Content-Length: 140
Via: 1.1 google
accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
content-type: text/html; charset=utf-8
date: Mon, 22 Jan 2024 03:04:26 GMT
location: https://www.affaerentreff.de?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109
server: nginx
vary: Origin
x-eflow-request-id: 95f5a86e-3cda-485e-93dc-52a63a41024c

GET
H2 200 vue.prod.min.js Show response
www.affaerentreff.de/scripts/ 105 KB
38 KB 213ms
198ms Script
application/javascript 2600:9000:24d4:7000:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/scripts/vue.prod.min.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24d4:7000:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d601f229247b261d18181988f7337b3f652165187f3c22a109821a50ea96a0f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ORD58-P5
x-amz-server-side-encryption: AES256
via: 1.1 c5298a869be79e45d81d584d2ebd6280.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Mon, 15 Jan 2024 15:26:30 GMT
server: AmazonS3
etag: W/"7f8906c1a2320dd9108f0d40b74d8989"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: 9KR2dTGvHsauHSskJDw5JBD4qqjxNIabzEf6msjK58vBf9wb7i2Khw==

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ 152 KB
25 KB 38ms
4ms Stylesheet
text/css 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.affaerentreff.de/
Origin: https://www.affaerentreff.de
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 22 Jan 2024 03:04:27 GMT
x-content-type-options: nosniff
content-encoding: br
age: 19415911
x-jsd-version: 5.0.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25360
x-served-by: cache-fra-eddf8230097-FRA, cache-lga21958-LGA
x-jsd-version-type: version
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery.3.4.1.min.js Show response
www.affaerentreff.de/scripts/ 86 KB
31 KB 243ms
229ms Script
application/javascript 2600:9000:24d4:7000:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/scripts/jquery.3.4.1.min.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24d4:7000:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ORD58-P5
x-amz-server-side-encryption: AES256
via: 1.1 c5298a869be79e45d81d584d2ebd6280.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Mon, 15 Jan 2024 15:26:30 GMT
server: AmazonS3
etag: W/"220afd743d9e9643852e31a135a9f3ae"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: s3CBw9qDTnADMLgmPNqimEx1gf9LT3NV63FDJ1NalRWKez_HL9krEw==

GET
H2 200 js.cookie.js Show response
www.affaerentreff.de/scripts/ 4 KB
2 KB 194ms
193ms Script
application/javascript 2600:9000:24d4:7000:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/scripts/js.cookie.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24d4:7000:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3fc8d8f8c09ee97d9c8cd4a6178ad0bd921a9cbe55c14513e0c06738c9dc8d15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ORD58-P5
x-amz-server-side-encryption: AES256
via: 1.1 c5298a869be79e45d81d584d2ebd6280.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Mon, 15 Jan 2024 15:26:29 GMT
server: AmazonS3
etag: W/"fa93e8894edb6245ab03883633b12b6e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: 8x2bi61f-4L0be0gxYyQao4itMV8V3ePzVi1vG8iUi05yxCqyKUXiQ==

GET
H2 200 main.css
www.affaerentreff.de/styles/ 19 KB
4 KB 399ms
385ms Stylesheet
text/css 2600:9000:24d4:7000:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/styles/main.css

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24d4:7000:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f9d654ac900cbd8a09bb26c48a51260cb7d816c53c32ed69d4b2c90cb991d2a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ORD58-P5
x-amz-server-side-encryption: AES256
via: 1.1 c5298a869be79e45d81d584d2ebd6280.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Mon, 15 Jan 2024 15:26:30 GMT
server: AmazonS3
etag: W/"d3ddcd97bf2f9fcc3da8330cea22f225"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: 8oZY2Pm43wN_EQxjOXKF_vho80RoXBNQK6DNZZUyOawE_T5S4B2NJQ==

GET
H2 200 heflzjgg Show response
50slove.postaffiliatepro.com/scripts/ 27 KB
6 KB 867ms
101ms Script
application/javascript 91.201.28.212
QUALITYUNIT

General

Check archive.org

Show headers Download Go to

Full URL

https://50slove.postaffiliatepro.com/scripts/heflzjgg

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.201.28.212 , Slovakia, ASN203480 (QUALITYUNIT, SK),

Reverse DNS

Software

nginx /

Resource Hash

291b8a5be6d7bd8d1e5bb6e5cbcb6c5312f1c7bb7da1e3b95ec8b2edbe836dba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish (2.lb-app.pap.ws-eu)
x-srv: 2
age: 99
content-length: 6076
last-modified: Mon, 18 Dec 2023 15:29:38 GMT
server: nginx
etag: "6ae8-60cca6afa9c80"
vary: Accept-Encoding
content-type: application/javascript
x-varnish: 598150935 596315109
cache-control: max-age=120
accept-ranges: bytes
expires: Mon, 22 Jan 2024 03:04:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 40ms
18ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2eb32f5380149642f82d62b133d570647be67b2b75410f4110c33baad8e80d3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 44295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 22 Jan 2024 03:04:28 GMT

GET
H2 200 config.js Show response
www.affaerentreff.de/configs/ 1 KB
904 B 256ms
242ms Script
application/javascript 2600:9000:24d4:7000:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/configs/config.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24d4:7000:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

30a2fd1f1d65fcb9aab83057288891808eb932fb9acdc7991cda1c25a8707f4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ORD58-P5
x-amz-server-side-encryption: AES256
via: 1.1 c5298a869be79e45d81d584d2ebd6280.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Mon, 15 Jan 2024 15:26:22 GMT
server: AmazonS3
etag: W/"f76b7ee5952938f2a908a62fbc26cdf6"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: wy9cIi5v-sh31nqQ_OZqDkTLTt7NBeuRko2jQNOSnT8ENbMyp6-kAg==

GET
H2 200 axios.0.25.0.min.js Show response
www.affaerentreff.de/scripts/ 18 KB
7 KB 196ms
187ms Script
application/javascript 2600:9000:24d4:7000:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/scripts/axios.0.25.0.min.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24d4:7000:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b00828aa594968071f062841833553f98541845061e2d1c3144da47acce5940d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ORD58-P5
x-amz-server-side-encryption: AES256
via: 1.1 c5298a869be79e45d81d584d2ebd6280.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Mon, 15 Jan 2024 15:26:30 GMT
server: AmazonS3
etag: W/"3f3c2540b53a9f09d04c2a826716fcf2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: MK_qSNYOhgK3XVru175V0QqN3Og_WKYZxuuTe6scSs27xFUa60DSzw==

GET
H2 200 jwt-decode.js Show response
www.affaerentreff.de/scripts/ 4 KB
2 KB 188ms
184ms Script
application/javascript 2600:9000:24d4:7000:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/scripts/jwt-decode.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24d4:7000:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b190768a27312ddecca5f1f2e2ef9c55a79457391e493fc514d4ce17ebd3b224

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ORD58-P5
x-amz-server-side-encryption: AES256
via: 1.1 c5298a869be79e45d81d584d2ebd6280.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Mon, 15 Jan 2024 15:26:29 GMT
server: AmazonS3
etag: W/"b0a42accad91746f04333f15fd67af39"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: OeZzxRlrqo10831hX6WgytPjChR71BLaOqrECDBzKesqWH6F_j9cyQ==

GET
H2 200 countrySelectData.js Show response
www.affaerentreff.de/scripts/ 5 KB
1 KB 287ms
279ms Script
application/javascript 2600:9000:24d4:7000:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/scripts/countrySelectData.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24d4:7000:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8e30993ba98335c5da42a597b569fc5e1a3af35c39f69540e9b76f1cefe9d266

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ORD58-P5
x-amz-server-side-encryption: AES256
via: 1.1 c5298a869be79e45d81d584d2ebd6280.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Mon, 15 Jan 2024 15:26:29 GMT
server: AmazonS3
etag: W/"ee7744ad91e0c3c02a397292c9d5248a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: MmClDI9Kd-GOUPH7Gt27dfqLevQ9f4goUnASOqnCHxBD5sOTX_DC4A==

GET
H2 200 vue-router.3.4.5.js Show response
www.affaerentreff.de/scripts/ 86 KB
22 KB 249ms
241ms Script
application/javascript 2600:9000:24d4:7000:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/scripts/vue-router.3.4.5.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24d4:7000:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8e052d8c61cf2bb73abe3b42a7ce6ab87e88653e9d1d263af3f37d728b948b32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ORD58-P5
x-amz-server-side-encryption: AES256
via: 1.1 c5298a869be79e45d81d584d2ebd6280.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Mon, 15 Jan 2024 15:26:30 GMT
server: AmazonS3
etag: W/"2c9c3252901dd105ec7846ccc493d197"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: GGun5b339WYF_eiIMifY3Qkw6fc1n-qVkqVk6GmNCc6n0zRoqKm6ug==

GET
H2 200 prelander.vue.js Show response
www.affaerentreff.de/pages/ 9 KB
2 KB 202ms
195ms Script
application/javascript 2600:9000:24d4:7000:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/pages/prelander.vue.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24d4:7000:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5e7bf7d34a51c9d6b9e0c8c9ab77599aeb40186375f11307684ded2b5e75a28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ORD58-P5
x-amz-server-side-encryption: AES256
via: 1.1 c5298a869be79e45d81d584d2ebd6280.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Mon, 15 Jan 2024 15:26:24 GMT
server: AmazonS3
etag: W/"3257f0fd8bc12c46544a3fa206ff7752"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: xt4-tssx39bV7xEOlUmpGauOEQJ5jDioLDkTOluuIYKQGvc10p8QCw==

GET
H2 200 landingpage_v1.vue.js Show response
www.affaerentreff.de/pages/components/ 35 KB
5 KB 253ms
245ms Script
application/javascript 2600:9000:24d4:7000:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/pages/components/landingpage_v1.vue.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24d4:7000:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9040613debda8e0d015563aadf1aa5d2e0399a8865ef972fb90c29f0cab0a2c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ORD58-P5
x-amz-server-side-encryption: AES256
via: 1.1 c5298a869be79e45d81d584d2ebd6280.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Mon, 15 Jan 2024 15:26:23 GMT
server: AmazonS3
etag: W/"4f27fc35a30dd577d2053a116b22a42a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: ll2PA3xev8-m-_avyyD70pAuYhXOZXVWCrs6LKEvCdLHGYgqZjboyA==

GET
H2 200 landingpage_v2.vue.js Show response
www.affaerentreff.de/pages/components/ 13 KB
3 KB 287ms
280ms Script
application/javascript 2600:9000:24d4:7000:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/pages/components/landingpage_v2.vue.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24d4:7000:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

73fcbaf2504050334e324594bc9b1b44eb2b8338a4b552dca1c4dfc99b0c99f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ORD58-P5
x-amz-server-side-encryption: AES256
via: 1.1 c5298a869be79e45d81d584d2ebd6280.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Mon, 15 Jan 2024 15:26:23 GMT
server: AmazonS3
etag: W/"f06fafd26e99bcb89af5ae01ef790515"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: wN1v4lVlcISy3MKYlKfQMplgNN2JwyLcUg3IzfLFQkT4SCqECW44rA==

GET
H2 200 app.vue.js Show response
www.affaerentreff.de/pages/ 20 KB
3 KB 251ms
244ms Script
application/javascript 2600:9000:24d4:7000:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/pages/app.vue.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24d4:7000:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3ea53a13e34d782e4408913319f375ca93d7af8f3f9edb75d8c7b1bceb07c9f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ORD58-P5
x-amz-server-side-encryption: AES256
via: 1.1 c5298a869be79e45d81d584d2ebd6280.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Mon, 15 Jan 2024 15:26:23 GMT
server: AmazonS3
etag: W/"eaf878efe67517c48cd1a6f2e46fc151"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: ta74O2Nl2yPyZnT_wREqNdZn4e4d5wiPAmoZoIDc3R4mHGdvQTfoVw==

GET
H2 200 cancelmemebership.vue.js Show response
www.affaerentreff.de/pages/ 20 KB
3 KB 282ms
275ms Script
application/javascript 2600:9000:24d4:7000:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/pages/cancelmemebership.vue.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24d4:7000:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7c7fb8e00906d9a203c24532e6b32838eec1ff36386136ce8ff6847d1e6a8364

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ORD58-P5
x-amz-server-side-encryption: AES256
via: 1.1 c5298a869be79e45d81d584d2ebd6280.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Mon, 15 Jan 2024 15:26:23 GMT
server: AmazonS3
etag: W/"b1ddbd7fe7f5234c645f574128b79b68"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: 2OTq52l3JlBZFQLvbwONKwuJZuc8VMyqwsxpGMiHaaqBQOlGoDHbsQ==

GET
H2 200 translationsEN.js Show response
www.affaerentreff.de/translations/ 4 KB
2 KB 245ms
238ms Script
application/javascript 2600:9000:24d4:7000:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/translations/translationsEN.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24d4:7000:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

92f1c173a2fcb9611997bf02435f4a18f41ed65968b7b76d413d998e27f8236b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ORD58-P5
x-amz-server-side-encryption: AES256
via: 1.1 c5298a869be79e45d81d584d2ebd6280.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Mon, 15 Jan 2024 15:26:30 GMT
server: AmazonS3
etag: W/"fc17fc07f5decb564cc560a61fd48ba3"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: PDHHIFgbayWjxvAoIxEHd9hIVm7x9W14uE15JFTVBrtBl408l2XnWQ==

GET
H2 200 termsAndPolicies.js Show response
www.affaerentreff.de/scripts/ 313 KB
81 KB 287ms
281ms Script
application/javascript 2600:9000:24d4:7000:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/scripts/termsAndPolicies.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24d4:7000:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8f60768b08308fe3b28a553d14a7b13133e0ca71f718ef27d9fee159afe7767b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ORD58-P5
x-amz-server-side-encryption: AES256
via: 1.1 c5298a869be79e45d81d584d2ebd6280.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Mon, 15 Jan 2024 15:26:30 GMT
server: AmazonS3
etag: W/"fe33cebac352a2497b6e9934d386822a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: OPgtzov7Bv87yWfN14cU3XMuHECvysrGdjfCieGVbTwEzBrkoDFlYQ==

GET
H2 200 cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 5 KB
2 KB 31ms
5ms Stylesheet
text/css 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 22 Jan 2024 03:04:27 GMT
x-content-type-options: nosniff
content-encoding: br
age: 15316
x-jsd-version: 3.1.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1363
x-served-by: cache-fra-eddf8230078-FRA, cache-lga21932-LGA
x-jsd-version-type: version
etag: W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 cookieconsent.min.js Show response
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 20 KB
7 KB 31ms
6ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 22 Jan 2024 03:04:27 GMT
x-content-type-options: nosniff
content-encoding: br
age: 32459
x-jsd-version: 3.1.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7125
x-served-by: cache-fra-eddf8230120-FRA, cache-lga21932-LGA
x-jsd-version-type: version
etag: W/"50d5-nLraS9YXyGxjjPLr3exyStWWkHs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/ 77 KB
24 KB 29ms
4ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.affaerentreff.de/
Origin: https://www.affaerentreff.de
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 22 Jan 2024 03:04:27 GMT
x-content-type-options: nosniff
content-encoding: br
age: 21041862
x-jsd-version: 5.0.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23943
x-served-by: cache-fra-eddf8230080-FRA, cache-lga21958-LGA
x-jsd-version-type: version
etag: W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 55ms
30ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 871
age: 4558654
cdn-cachedat: 10/31/2023 18:51:50
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: f99c225dea09fd9a1dc0298de4f8988a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 849491d57f398cb3-EWR
cdn-requestpullsuccess: True

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ 70 KB
5 KB 34ms
12ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2786388
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4216
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f5628a2-11846"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oQWHDNtNkYx48vzG6sy54AUwuu8PM71QlfO%2FXkwi0cwJJSJBtpCzourrBVcHVA5BZNE0EU%2BHUql2HBoN7tjTjGAZoSbZCQbbN10TlagFudYcG4Uvv8PPlLfJHYZ7B8kJVAfUKKLWgjKgWnbTgIRfPRKL"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 849491d578ec1906-EWR
expires: Sat, 11 Jan 2025 03:04:27 GMT

GET
H2 200 main.js Show response
www.affaerentreff.de/scripts/ 48 KB
10 KB 248ms
242ms Script
application/javascript 2600:9000:24d4:7000:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/scripts/main.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24d4:7000:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5e2735602abdfa25ebbcd5f2606f2b768aae5f2cf20f835aa29c661e8dbfc33d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ORD58-P5
x-amz-server-side-encryption: AES256
via: 1.1 c5298a869be79e45d81d584d2ebd6280.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Mon, 15 Jan 2024 15:26:30 GMT
server: AmazonS3
etag: W/"0307023b6ff173e7aff562fe0819fecb"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: Bx4C5RfYrPKBRzL3jDaFNCQ04xi5lvIEUtPwbFVNJfz15inusnuxew==

GET
H2 200 heflzrgg Show response
50slove.postaffiliatepro.com/scripts/ 66 B
430 B 98ms
97ms Script
application/x-javascript 91.201.28.212
QUALITYUNIT

General

Check archive.org

Show headers Download Go to

Full URL: https://50slove.postaffiliatepro.com/scripts/heflzrgg?accountId=default1&userId=vivero&url=S_www.affaerentreff.de%2F&referrer=&isInIframe=false&getParams=%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D58_%26data2%3Dfff51044bed64591a6707d33a4df8109&anchor=
Requested by: Host: 50slove.postaffiliatepro.com
URL: https://50slove.postaffiliatepro.com/scripts/heflzjgg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.201.28.212 , Slovakia, ASN203480 (QUALITYUNIT, SK),
Reverse DNS
Software: nginx /
Resource Hash: 5c5f1af2e1e4ad251de63fdede5da5dde015eacd0b399971615e1c2aabd79322

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: application/octet-stream, application/x-javascript
date: Mon, 22 Jan 2024 03:04:28 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: nginx
content-length: 66
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 225 KB
76 KB 31ms
30ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N53M925

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5c452f8ec49b7c26c7b90d1ba2f656b231c06da6f51a99fb0dd1ebab8317c4fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77613
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 22 Jan 2024 03:04:28 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 65ms
24ms Script
application/javascript 23.48.224.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CC47R8RC77U9MSBJN5NG&lib=ttq
Requested by: Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.106 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-106.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d8d86d69b9b4967ee807ccf018b87565ea035105aaea896baf5f6e8abb195932

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id: a099166e
date: Mon, 22 Jan 2024 03:04:28 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240122030428852567FC35B2B5F0EA57-4AD35333A083CC01-00
x-cache: TCP_MISS from a23-195-36-74.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=1, origin; dur=15
content-length: 1330
pragma: no-cache
server: nginx
x-tt-logid: 20240122030428852567FC35B2B5F0EA57
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 15,23.195.36.74
x-tt-trace-host: 017509cafe48c2123e645e73a3735aba7d6128b47a0a1209ce3c3d45e7548e3e8653048bd46a31ffa88be349b4c73e8175d06cc2a6a5ae6e1dad5477be389f4e17057544790baac6143e7cd045ddd82cca00e3c46df253e631f93cc51461db8e1e
expires: Mon, 22 Jan 2024 03:04:28 GMT

GET
H2 200 OpenSans-Regular.ttf
www.affaerentreff.de/fonts/ 95 KB
59 KB 205ms
205ms Font
font/ttf 2600:9000:24d4:7000:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/fonts/OpenSans-Regular.ttf

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/styles/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24d4:7000:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.affaerentreff.de/styles/main.css
Origin: https://www.affaerentreff.de
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ORD58-P5
x-amz-server-side-encryption: AES256
via: 1.1 c5298a869be79e45d81d584d2ebd6280.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Mon, 15 Jan 2024 15:26:22 GMT
server: AmazonS3
etag: W/"3ed9575dcc488c3e3a5bd66620bdf5a4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: 6KGWciGslFcdR3Vwsfcoqs7PnBG6xrsplwmBYtqGUj7fOl8KHLmCwg==

GET
H2 200 track.js Show response
ais.ladesk.com/scripts/ 49 KB
13 KB 668ms
197ms Script
application/javascript 172.104.238.149
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://ais.ladesk.com/scripts/track.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/scripts/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.104.238.149 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li1814-149.members.linode.com

Software

nginx /

Resource Hash

88246e7f5d30387f283df5907c2694534d3399cd71676d124b16705fb6ca9c00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish (1.lb-app.la.linode-de)
x-srv: 1
age: 35
content-length: 13040
last-modified: Thu, 18 Jan 2024 10:09:40 GMT
server: nginx
etag: "c480-60f358fc50100"
vary: Accept-Encoding
content-type: application/javascript
x-varnish: 125551622 124211917
cache-control: max-age=300, public
accept-ranges: bytes
expires: Mon, 22 Jan 2024 09:03:54 GMT

GET
H2 200 translationsDE.js Show response
www.affaerentreff.de/translations/ 4 KB
2 KB 181ms
180ms Script
application/javascript 2600:9000:24d4:7000:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/translations/translationsDE.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/scripts/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24d4:7000:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

134f038d354ff9d5fbdcf639c79a7b62cac791cf14e7384bdd936597c64def0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ORD58-P5
x-amz-server-side-encryption: AES256
via: 1.1 c5298a869be79e45d81d584d2ebd6280.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Mon, 15 Jan 2024 15:26:30 GMT
server: AmazonS3
etag: W/"cc05fb0e8c650d5534acbdfbbbf5ebc1"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: jWnNktUs-RfilGkpGOnkJkaxTFnkVYhS51P9FNkmsh_-GUWV1PV8wg==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 196 KB
71 KB 42ms
41ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-447642286&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5947ef6027bc6932d1127559a678d83d3de81206a45eb6db97a068734cfd89ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 72675
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 22 Jan 2024 03:04:28 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 60ms
41ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://www.affaerentreff.de
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1029
cdn-cachedat: 10/31/2023 19:21:45
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 75d6336d2057cfb8cba04cf336cad1c2
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 849491db5be81a30-EWR
cdn-requestpullsuccess: True

GET
H2 200 main.MTc3MGUxMzJiMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 377 KB
102 KB 17ms
17ms Script
application/javascript 23.48.224.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc3MGUxMzJiMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CC47R8RC77U9MSBJN5NG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.106 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-106.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a6a8a3a2eea52dace732bf19f82a8bb928b8bad4cd800bca5094f5fa501330d0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id: a0991929
date: Mon, 22 Jan 2024 03:04:28 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240112163219357BAB55F042FB692A14
x-tt-trace-id: 00-240112163219357BAB55F042FB692A14-74860DB59B5C07F1-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-195-36-74.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0197ee86886cbfdf37416e59c17c3b79272cf728246951c126370b78c2402785da1dcde788e8ec06fff53aad67672bdbaa815aedc3768a47d1c6fa1c669e819216b63eebaeffedc6e9ad79e91ecd07ad7ddecc4085facd363a6fadf6ef122cdae7
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length: 103304

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 283 KB
92 KB 29ms
29ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TE5Y97YKC8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N53M925

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dbb3364fe36fae0633e0985b8acdf15f92a8662d168895ae0a894ab798ffa9d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94429
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 22 Jan 2024 03:04:28 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 213 KB
57 KB 15ms
4ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7d32db5e7f8166ca472c3703592e17b044a0bfd5b49150c5c888a20164105b08

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 22 Jan 2024 03:04:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57023
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: v3bRAcOx9GdEPEJstQ6kDbnr1imkDrmq/5BFRWTyzgUcqUkakwr/llSE8nNYQLtHhLFyYCRNM/2qON6gz2DJbQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 39ms
4ms Script
text/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N53M925

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 22 Jan 2024 01:51:43 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4365
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 22 Jan 2024 03:51:43 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 46ms
15ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N53M925

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 22 Jan 2024 03:04:27 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DF555FEDC74A49478582FA3B0B258FC0 Ref B: EWR30EDGE0712 Ref C: 2024-01-22T03:04:28Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 hotjar-2147602.js Show response
static.hotjar.com/c/ 9 KB
4 KB 168ms
115ms Script
application/javascript 52.84.18.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2147602.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N53M925

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.18.89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-18-89.ord53.r.cloudfront.net

Software

Resource Hash

c01c5957807afe596d0fd205690e4d22c3dceed840b2bd93ae98846c600891ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 22 Jan 2024 03:04:28 GMT
via: 1.1 45f7a9f71c0699bf3c7150b3ddfe488c.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD53-C2
etag: W/1fda58101259ce14065c3c45ada3dae1
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: o1D4qzDN6K1IMhQPKZm9ZN84ZwwOxJcwIvPdXB6C5THHiErBitl6kg==

GET
H/1.1 200
OK uniclick.js Show response
detour.datingalpha.net/ 5 KB
5 KB 106ms
12ms Script
text/plain 108.62.123.181
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://detour.datingalpha.net/uniclick.js?attribution=lastpaid&cookiedomain=&cookieduration=90&defaultcampaignid=65523e2b03a3e500010e90da&regviewonce=false
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N53M925
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 108.62.123.181 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: 648114310492d12a9858030eb33cb6badb6219c8e96dc402ecd86354d17793bc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 03:04:28 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 adu_affaerentreff_de.js Show response
scripts.azshopp.com/scripts/ 22 B
563 B 83ms
38ms Script
text/javascript 2606:4700:3036::ac43:9c50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.azshopp.com/scripts/adu_affaerentreff_de.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N53M925
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9c50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b69dbf32872647ab14e3d00c71a610cd16ab16db42a9fb1dc7add247b2bde55

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-runtime: 0.017276
date: Mon, 22 Jan 2024 03:04:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3b69dbf32872647ab14e3d00c71a610c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pZVKAyzgvGWlESBCBEpHt7mm0BbzvC9Fv7BobIbSKqDaxqhzynF2oERNTMTNyTo0WMDbfpHknYzykCzSffisT2CTAhOs9tCzoiJlfj3wr6hxFm3ENIsZel8T%2FI%2FlD6fekRlTp78MRsOzg%2BGa9NCtfZ8A"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 849491dbdbf64356-EWR
alt-svc: h3=":443"; ma=86400
content-length: 22
x-request-id: 5e69871b-59b1-4f82-b4e6-82bff7126d75

GET
H2 200 identify_55404.js Show response
analytics.tiktok.com/i18n/pixel/static/ 137 KB
37 KB 62ms
61ms Script
application/javascript 23.48.224.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_55404.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc3MGUxMzJiMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.106 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-106.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id: a0991f3d
date: Mon, 22 Jan 2024 03:04:28 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240104151451DB061653E0421D4370EB
x-tt-trace-id: 00-240104151451DB061653E0421D4370EB-4651735D7D7D4739-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-195-36-74.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01e02dc4431cff0f39f8dbd13845277e5f3cbc20fca92aac715ef6568e8bce9aedafa88abc40a40c304d822eaef1d092d432950ba7fadf1c6a22aa1f4bcaf4102858ee8def5b03d80531352872d26b6056154a74e8d1105b955f86733d72212efb
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length: 37086

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
703 B 129ms
128ms Ping
text/plain 23.48.224.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc3MGUxMzJiMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.106 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-106.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.affaerentreff.de/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: a0992220
date: Mon, 22 Jan 2024 03:04:28 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240122030428A95FACFDF63B3F06C341-7EE5EC5FB0A61468-00
x-cache: TCP_MISS from a23-195-36-74.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
server-timing: inner; dur=47, cdn-cache; desc=MISS, edge; dur=9, origin; dur=101
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240122030428A95FACFDF63B3F06C341
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 101,23.195.36.74
x-tt-trace-host: 017509cafe48c2123e645e73a3735aba7d6128b47a0a1209ce3c3d45e7548e3e86e65e8b82145d654f77a501ced4220d1c8699bd6406f707f34b32caee0474f2d4a086ea1409f4ebcd542b6771c904b344b4b61487bcad0707a2161f146316f4f4
access-control-allow-headers: Authorization,*
expires: Mon, 22 Jan 2024 03:04:28 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/447642286/ 2 KB
2 KB 57ms
29ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/447642286/?random=1705892668912&cv=11&fst=1705892668912&bg=ffffff&guid=ON&async=1&gtm=45be41h0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.affaerentreff.de%2F%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D58_%26data2%3Dfff51044bed64591a6707d33a4df8109&hn=www.googleadservices.com&frm=0&auid=1745300195.1705892669&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-447642286&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a8e0b4c868cd9a8013d4820772572afd549643fecb057b0513d7931bb488b68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 03:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1274
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 550272220639696 Show response
connect.facebook.net/signals/config/ 134 KB
35 KB 66ms
64ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/550272220639696?v=2.9.141&r=stable&domain=www.affaerentreff.de

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

57e5831a2725bab5e48878d007ced9d7c419eac909fae6d1b8ba07d271257960

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 22 Jan 2024 03:04:29 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: HDV8nmVKCBk+nfntvv+v1hYrLl+1ZWHqAVswvAJUnGCp+CZQ0MNFYdPL0iaTbTDtCWTVgosp7+iEexAHXXLnWw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
210 B 19ms
17ms XHR
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1382136072&t=pageview&_s=1&dl=https%3A%2F%2Fwww.affaerentreff.de%2F%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D58_%26data2%3Dfff51044bed64591a6707d33a4df8109&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1657398572&gjid=5981282&cid=2094792898.1705892669&tid=UA-167101890-5&_gid=714466002.1705892669&_r=1&gtm=45He41h0n81N53M925v852878785&cd1=0&cd3=0&cd4=0&cm1=0&gcd=11l1l1l1l1&dma=0&z=659762264

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.affaerentreff.de/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 03:04:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.affaerentreff.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 translationsDE.js Show response
www.affaerentreff.de/translationsWL-affaerentreff/ 2 KB
2 KB 207ms
206ms Script
application/javascript 2600:9000:24d4:7000:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/translationsWL-affaerentreff/translationsDE.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/scripts/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24d4:7000:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3ad322908b8f139ba891aca56ac9bafef691e245cc93aae352cf41075c999ebf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ORD58-P5
x-amz-server-side-encryption: AES256
via: 1.1 c5298a869be79e45d81d584d2ebd6280.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Mon, 15 Jan 2024 15:26:30 GMT
server: AmazonS3
etag: W/"944321a3dcba8affaec998ff909f730a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: TqQa-tVexvQyo8LOkGV23nYswOVeFSBn79h7bO44g3cCtpGF7q9RQw==

GET
H/1.1 200
OK 65523e2b03a3e500010e90da Show response
detour.datingalpha.net/ 200 B
1 KB 71ms
39ms XHR
application/json 108.62.123.181
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://detour.datingalpha.net/65523e2b03a3e500010e90da?format=json&referrer=&a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109&sub19=undefined&sub20=undefined
Requested by: Host: detour.datingalpha.net
URL: https://detour.datingalpha.net/uniclick.js?attribution=lastpaid&cookiedomain=&cookieduration=90&defaultcampaignid=65523e2b03a3e500010e90da&regviewonce=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 108.62.123.181 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: 5307154028c92b4853d1f5d98af1bc68f9c4b6ef61a6efaaa5aaeea92818217c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 03:04:29 GMT
Server: nginx/1.20.2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 200

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 28ms
21ms Ping
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-TE5Y97YKC8&gtm=45je41h0v9104833779z8852878785&_p=1705892668593&gcd=11l1l1l1l1&dma=0&cid=2094792898.1705892669&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705892669&sct=1&seg=0&dl=https%3A%2F%2Fwww.affaerentreff.de%2F%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D58_%26data2%3Dfff51044bed64591a6707d33a4df8109&dt=&en=page_view&_fv=1&_ss=1&ep.anonymizeIp=true&ep.transport=beacon&up.is_premium=0&up.custom_user_id=0&up.match_count=0&tfd=2483
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TE5Y97YKC8&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80f::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 03:04:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.affaerentreff.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 134506284.js Show response
bat.bing.com/p/action/ 0
118 B 22ms
22ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/134506284.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 22 Jan 2024 03:04:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2B9DEADF874544678E8B421C4B8CE3FD Ref B: EWR30EDGE0712 Ref C: 2024-01-22T03:04:29Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
360 B 26ms
26ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=134506284&tm=gtm002&Ver=2&mid=641b7aef-9e54-44a2-997e-1875d6c087c5&sid=f5308470b8d211ee94dff343a4ddc6ac&vid=f533b660b8d211ee9531cf5d263c34d6&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fwww.affaerentreff.de%2F%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D58_%26data2%3Dfff51044bed64591a6707d33a4df8109&r=&lt=2049&evt=pageLoad&sv=1&rn=756868

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 22 Jan 2024 03:04:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 749B3397885543DFAF5B05D5204F4769 Ref B: EWR30EDGE0712 Ref C: 2024-01-22T03:04:29Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
702 B 69ms
68ms Ping
text/plain 23.48.224.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc3MGUxMzJiMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.106 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-106.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.affaerentreff.de/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: a09933fe
date: Mon, 22 Jan 2024 03:04:29 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240122030429B50DED0E0677EA0793D7-014DA19AA77AD4DC-00
x-cache: TCP_MISS from a23-195-36-74.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
server-timing: inner; dur=24, cdn-cache; desc=MISS, edge; dur=8, origin; dur=32
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240122030429B50DED0E0677EA0793D7
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 33,23.195.36.74
x-tt-trace-host: 017509cafe48c2123e645e73a3735aba7d6128b47a0a1209ce3c3d45e7548e3e86502299d139d16b68c9d0f796a04410b78f6df9b5e8de239fef150034519437044fcd0a5022b9706e8c971ee3bec0057fc651f9a398e31d2dedad74b81ff03375
access-control-allow-headers: Authorization,*
expires: Mon, 22 Jan 2024 03:04:29 GMT

GET
H2 200 modules.2472296d2d26f0040059.js Show response
script.hotjar.com/ 219 KB
55 KB 245ms
27ms Script
application/javascript 54.230.18.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.2472296d2d26f0040059.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2147602.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.18.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-18-36.ord51.r.cloudfront.net

Software

Resource Hash

5bdaa2d2fac01a05dee8737ec7b70ad184651961d3a3998c1efa7cf147ae1ba1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:36:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 9794131c7bb04fc4e67e5b7c1f838514.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C3
age: 563302
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55620
last-modified: Mon, 15 Jan 2024 14:36:02 GMT
etag: "5f2cc7c8ec157af965fb3409029f8b70"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: a2vldqtBOmHT_fLlkNVXCzL6sy7o_RP7pHFeWV2UOl3yFsNl9mjgNg==

GET
H/1.1 204
No Content view Show response
detour.datingalpha.net/ 0
306 B 217ms
217ms XHR
text/plain 108.62.123.181
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://detour.datingalpha.net/view?clickid=65addb3dd885a10001c934a7&referrer=
Requested by: Host: detour.datingalpha.net
URL: https://detour.datingalpha.net/uniclick.js?attribution=lastpaid&cookiedomain=&cookieduration=90&defaultcampaignid=65523e2b03a3e500010e90da&regviewonce=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 108.62.123.181 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 22 Jan 2024 03:04:29 GMT
Server: nginx/1.20.2
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: GET, POST, OPTIONS

GET
H2 200 /
www.google.com/pagead/1p-user-list/447642286/ 42 B
455 B 232ms
24ms Image
image/gif 2607:f8b0:4006:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/447642286/?random=1705892668912&cv=11&fst=1705892400000&bg=ffffff&guid=ON&async=1&gtm=45be41h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.affaerentreff.de%2F%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D58_%26data2%3Dfff51044bed64591a6707d33a4df8109&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_KgkhX_vD9C64HuokQHKu7bn9jBpXIA&random=1888634767&rmt_tld=0&ipr=y

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2004 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 03:04:29 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.css
www.affaerentreff.de/resourcesWL-Affaerentreff/ 15 KB
3 KB 191ms
190ms Stylesheet
text/css 2600:9000:24d4:7000:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/resourcesWL-Affaerentreff/main.css

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/scripts/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24d4:7000:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9f32e21bb384c67c6f238522394c74875eda4887ab952c87ba29c394778e2d87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ORD58-P5
x-amz-server-side-encryption: AES256
via: 1.1 c5298a869be79e45d81d584d2ebd6280.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Mon, 15 Jan 2024 15:26:26 GMT
server: AmazonS3
etag: W/"15c8ce820fe2ad99c76c39ccefad44b9"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: C3DE_BkCaOQwS2TzCDeIoJ-jP1LEBNudbo-3M3ZK7U0stR482wwOog==

GET
H2 200 termsAndPolicies_de.js Show response
cdn.aisgmbh.at/tos/ 56 KB
16 KB 295ms
39ms Script
application/javascript 65.8.49.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aisgmbh.at/tos/termsAndPolicies_de.js
Requested by: Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/scripts/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.8.49.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-8-49-61.ord52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a7fd5e5134415291d0b0e97ed853f79104e090b566b39b2a6ce854621817f4d6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: kfPp4iKvdGJ_7lz3kj_PirhHBU2u57qr
content-encoding: br
via: 1.1 edfd10c592a6866f13503e27961f8302.cloudfront.net (CloudFront)
date: Sun, 21 Jan 2024 23:51:35 GMT
last-modified: Thu, 27 Jul 2023 12:39:37 GMT
server: AmazonS3
x-amz-cf-pop: ORD52-C3
age: 11574
x-amz-server-side-encryption: AES256
etag: W/"43494d2a12a5d8a436a3beed95aeacc3"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: -RZ6k3yMIu29Zz7NtlFFWHdcGNdyr_EADFIdDuJX2hyDzxbL-yHhcA==

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 33ms
6ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=550272220639696&ev=PageView&dl=https%3A%2F%2Fwww.affaerentreff.de%2F%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D58_%26data2%3Dfff51044bed64591a6707d33a4df8109&rl=&if=false&ts=1705892669437&sw=1600&sh=1200&v=2.9.141&r=stable&ec=0&o=4126&fbp=fb.1.1705892669435.737443298&ler=empty&it=1705892668950&coo=false&cdl=&rqm=GET

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 22 Jan 2024 03:04:29 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 BG-1.jpg
www.affaerentreff.de/resourcesWL-Affaerentreff/images/lpbgs/lp7/ 166 KB
166 KB 208ms
206ms Image
image/jpeg 2600:9000:24d4:7000:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.affaerentreff.de/resourcesWL-Affaerentreff/images/lpbgs/lp7/BG-1.jpg

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24d4:7000:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

58033759e0c57ce460edd0263d8e1459b4fe3e0f972ce16bcba51f1417b0b9fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 c5298a869be79e45d81d584d2ebd6280.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD58-P5
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 169777
last-modified: Mon, 15 Jan 2024 15:26:27 GMT
server: AmazonS3
etag: "6fabf4809dccce55b9a9b9cfa6418894"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: as-cPhaf1xNncenrpldWkUr_MqR8jzXqbqZUnH6k7utdK7E5_UiJYA==

GET
H2 200 main-logo.png
www.affaerentreff.de/images/affaerentreff/ 12 KB
12 KB 386ms
385ms Image
image/png 2600:9000:24d4:7000:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.affaerentreff.de/images/affaerentreff/main-logo.png

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24d4:7000:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bc38423f463c03c12ca83923df84a9aa856d55465682dc9dda239f6ae2ecdf0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 c5298a869be79e45d81d584d2ebd6280.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD58-P5
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 11939
last-modified: Mon, 15 Jan 2024 15:26:22 GMT
server: AmazonS3
etag: "39653e147551e245fb90f8b0230d6fef"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: 6vygSX0f9Y7ZqrF-rUAay5YOLJn_QtcWGFHKGh4opEVUXLP9PoCKgg==

GET
H2 200 austria.jpg
www.affaerentreff.de/images/flags/rect/ 2 KB
2 KB 189ms
188ms Image
image/jpeg 2600:9000:24d4:7000:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.affaerentreff.de/images/flags/rect/austria.jpg

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24d4:7000:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

58c7b0ab7c6b0671f6ee2463aba8a22e8fbf5821798b88ec20b0717377f8d56d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 c5298a869be79e45d81d584d2ebd6280.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD58-P5
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 1992
last-modified: Mon, 15 Jan 2024 15:26:22 GMT
server: AmazonS3
etag: "958ca648c59661f9a732a58cff450b72"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: NdNuN-H_Qsd7k3rnfAT4zUQ2H0XAiDblY4lzrkAK7xgT_eNDcthbPg==

GET
H2 200 switzerland.jpg
www.affaerentreff.de/images/flags/rect/ 3 KB
4 KB 194ms
194ms Image
image/jpeg 2600:9000:24d4:7000:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.affaerentreff.de/images/flags/rect/switzerland.jpg

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24d4:7000:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b9fd04adbd083260a6ebf0f823e996ff66c6360bc55f6eab59d9bd86ce9a9c59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=58_&data2=fff51044bed64591a6707d33a4df8109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 c5298a869be79e45d81d584d2ebd6280.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD58-P5
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 3454
last-modified: Mon, 15 Jan 2024 15:26:22 GMT
server: AmazonS3
etag: "1f45497a26bb07861cd859965dfdffc2"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: 9rYq0Y900eJWM7UC-a-FHNjmq2CJ-aTIKvqpV8fBmWon403YZ7y1IQ==

GET
H2 200 track_visit.php Show response
ais.ladesk.com/scripts/ 263 B
576 B 85ms
84ms Script
application/javascript 172.104.238.149
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://ais.ladesk.com/scripts/track_visit.php?t=Y&C=Track&B=49spnq7vktg7xyy3xbj3ipcx82aku&S=dsxqiczacg15k81g1ckuke1lmrlbv&pt=AFFAERENTREFF&url=__S__www.affaerentreff.de%2F%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D58_%26data2%3Dfff51044bed64591a6707d33a4df8109&ref=&sr=1600x1200&ud=%7B%7D&vn=Y&ci=&jstk=Y

Requested by

Host: ais.ladesk.com
URL: https://ais.ladesk.com/scripts/track.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.104.238.149 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li1814-149.members.linode.com

Software

nginx /

Resource Hash

6aaf5f1c3231cdbd1e5cf84105ed00d2ad1955868178b8b3e3ca3e0279580616

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:29 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
via: 1.1 varnish (1.lb-app.la.linode-de)
x-srv: 2
age: 13
content-length: 206
pragma
last-modified: Mon, 22 Jan 2024 03:04:16 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
x-varnish: 124969120 125551242
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
accept-ranges: bytes
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 button.php Show response
ais.ladesk.com/scripts/ 605 B
746 B 84ms
83ms Script
application/javascript 172.104.238.149
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://ais.ladesk.com/scripts/button.php?ChS=UTF-8&C=Widget&i=q2dm1s7e&p=__S__www.affaerentreff.de%2F%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D58_%26data2%3Dfff51044bed64591a6707d33a4df8109

Requested by

Host: ais.ladesk.com
URL: https://ais.ladesk.com/scripts/track.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.104.238.149 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li1814-149.members.linode.com

Software

nginx /

Resource Hash

82ce6fb6b42c28732da9177d5a416ff047fcc8a8f3419143268e59d2e3280062

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:29 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
via: 1.1 varnish (1.lb-app.la.linode-de)
x-srv: 5
age: 13
content-length: 364
pragma
last-modified: Mon, 22 Jan 2024 03:04:17 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-varnish: 125608987 125040114
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
accept-ranges: bytes
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bus.html Show response
2-vbus-de.ladesk.com/5_43_5_9/scripts/lib/ Frame 8AA7 315 B
263 B 434ms
89ms Document
text/html 172.104.244.5
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://2-vbus-de.ladesk.com/5_43_5_9/scripts/lib/bus.html?v=5.43.5.9
Requested by: Host: ais.ladesk.com
URL: https://ais.ladesk.com/scripts/track.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.244.5 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1821-5.members.linode.com
Software: nginx /
Resource Hash: 5a4164cdbb38651f2f2d28e25101780515ff8c1072ba99d0a5761500cf306ee3

Request headers

Referer: https://www.affaerentreff.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 22 Jan 2024 03:04:30 GMT
etag: W/"65a8f8e4-13b"
last-modified: Thu, 18 Jan 2024 10:09:40 GMT
server: nginx

GET
H2 200 generateWidget.php Show response
ais.ladesk.com/scripts/ Frame 1E4B 31 KB
8 KB 113ms
112ms Document
text/html 172.104.238.149
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://ais.ladesk.com/scripts/generateWidget.php?v=5.43.5.9&t=1705901895&cwid=q2dm1s7e&cwrt=O&pt=AFFAERENTREFF&ref=https%3A%2F%2Fwww.affaerentreff.de%2F%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D58_%26data2%3Dfff51044bed64591a6707d33a4df8109

Requested by

Host: ais.ladesk.com
URL: https://ais.ladesk.com/scripts/track.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.104.238.149 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li1814-149.members.linode.com

Software

nginx /

Resource Hash

07bfe355f807a4d3eb57572ccba18463c1ab1c7a3bcf7d1ac6ca00026e4aefc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.affaerentreff.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: max-age=31536000, public
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 22 Jan 2024 03:04:29 GMT
expires: Wed, 01 Jan 2025 08:00:00 GMT
last-modified: Tue, 01 Jan 2008 08:00:00 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish (1.lb-app.la.linode-de)
x-content-type-options: nosniff
x-srv: 2
x-varnish: 125744739

GET
H2 200 contact.css
ais.ladesk.com/themes/contact/material/ Frame 1E4B 122 KB
38 KB 87ms
85ms Stylesheet
text/css 172.104.238.149
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://ais.ladesk.com/themes/contact/material/contact.css?v=5.43.5.9

Requested by

Host: ais.ladesk.com
URL: https://ais.ladesk.com/scripts/generateWidget.php?v=5.43.5.9&t=1705901895&cwid=q2dm1s7e&cwrt=O&pt=AFFAERENTREFF&ref=https%3A%2F%2Fwww.affaerentreff.de%2F%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D58_%26data2%3Dfff51044bed64591a6707d33a4df8109

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.104.238.149 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li1814-149.members.linode.com

Software

nginx /

Resource Hash

082585bdc55df3f819dd1110fe0c45188216be7495392d86e66a8fdd7bbd0c92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish (1.lb-app.la.linode-de)
x-srv: 5
age: 720
content-length: 38329
last-modified: Thu, 18 Jan 2024 10:09:56 GMT
server: nginx
etag: W/"1e832-60f3590b92500"
vary: Accept-Encoding
content-type: text/css
x-varnish: 125067394 125801502
cache-control: max-age=604800
accept-ranges: bytes
expires: Mon, 29 Jan 2024 02:52:29 GMT

GET
H2 200 bundle.e3f8621f3498fb9699e2.css
ais.ladesk.com/scripts/static/webpack/liveagent-common-bundle/ Frame 1E4B 1 KB
895 B 171ms
169ms Stylesheet
text/css 172.104.238.149
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://ais.ladesk.com/scripts/static/webpack/liveagent-common-bundle/bundle.e3f8621f3498fb9699e2.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.104.238.149 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li1814-149.members.linode.com

Software

nginx /

Resource Hash

a1ae07b34b7c57774fd2f92a88a9b47dfe77d89262b7db5176b7932d8e29c467

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish (1.lb-app.la.linode-de)
x-srv: 3
age: 381
content-length: 533
last-modified: Thu, 18 Jan 2024 10:09:40 GMT
server: nginx
etag: "582-60f358fc50100"
vary: Accept-Encoding
content-type: text/css
x-varnish: 125744767 125805053
cache-control: max-age=604800
accept-ranges: bytes
expires: Mon, 29 Jan 2024 02:58:09 GMT

GET
H2 200 bundle-eafdd79a1bd0f6d216d9.esm.js Show response
ais.ladesk.com/scripts/static/webpack/liveagent-common-bundle/ Frame 1E4B 40 KB
14 KB 173ms
172ms Script
application/javascript 172.104.238.149
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://ais.ladesk.com/scripts/static/webpack/liveagent-common-bundle/bundle-eafdd79a1bd0f6d216d9.esm.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.104.238.149 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li1814-149.members.linode.com

Software

nginx /

Resource Hash

7d2fbdfcd907629e01ea9a0a8552ba3cfbd9746c84566979d9b357ec34809211

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish (1.lb-app.la.linode-de)
x-srv: 2
age: 1159
content-length: 14067
last-modified: Thu, 18 Jan 2024 10:09:40 GMT
server: nginx
etag: W/"9ff3-60f358fc50100"
vary: Accept-Encoding
content-type: application/javascript
x-varnish: 125067396 125249877
cache-control: max-age=21600
accept-ranges: bytes
expires: Mon, 22 Jan 2024 08:45:10 GMT

GET
H2 200 stringutils-2e5dc2bf3827eb702243.esm.js Show response
ais.ladesk.com/scripts/static/webpack/liveagent-common-bundle/ Frame 1E4B 203 KB
79 KB 174ms
173ms Script
application/javascript 172.104.238.149
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://ais.ladesk.com/scripts/static/webpack/liveagent-common-bundle/stringutils-2e5dc2bf3827eb702243.esm.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.104.238.149 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li1814-149.members.linode.com

Software

nginx /

Resource Hash

7d987df37a77ea9fd733426e20b6d9ace83c0c8c4b13449db503edd1eda1402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish (1.lb-app.la.linode-de)
x-srv: 5
age: 1159
content-length: 80454
last-modified: Thu, 18 Jan 2024 10:09:40 GMT
server: nginx
etag: W/"32c4b-60f358fc50100"
vary: Accept-Encoding
content-type: application/javascript
x-varnish: 126256203 124636844
cache-control: max-age=21600
accept-ranges: bytes
expires: Mon, 22 Jan 2024 08:45:10 GMT

GET
H2 200 default-contactwidget-logo.png
ais.ladesk.com/themes/install/_common_templates/img/ Frame 1E4B 5 KB
6 KB 173ms
173ms Image
image/png 172.104.238.149
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ais.ladesk.com/themes/install/_common_templates/img/default-contactwidget-logo.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.104.238.149 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li1814-149.members.linode.com

Software

nginx /

Resource Hash

79751345f970ff2b3b5e916ba4523b96879a6a35579448da500bcdb6fa77e690

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:30 GMT
via: 1.1 varnish (1.lb-app.la.linode-de)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-srv: 1
age: 770
content-length: 5388
last-modified: Thu, 18 Jan 2024 10:09:56 GMT
server: nginx
etag: "150c-60f3590b92500"
vary: Accept-Encoding
content-type: image/png
x-varnish: 117595039 124068911
cache-control: max-age=604800
accept-ranges: bytes
expires: Mon, 29 Jan 2024 02:51:40 GMT

GET
H2 200 postmessage_bundle.js Show response
2-vbus-de.ladesk.com/5_43_5_9/static/webpack/js_bundle/ Frame 8AA7 2 KB
2 KB 88ms
87ms Script
application/javascript 172.104.244.5
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://2-vbus-de.ladesk.com/5_43_5_9/static/webpack/js_bundle/postmessage_bundle.js
Requested by: Host: 2-vbus-de.ladesk.com
URL: https://2-vbus-de.ladesk.com/5_43_5_9/scripts/lib/bus.html?v=5.43.5.9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.244.5 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1821-5.members.linode.com
Software: nginx /
Resource Hash: fd217f54257ddc2df28c0866613b5e7b1cf450610240f5bf651d1c2c5267dd3c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2-vbus-de.ladesk.com/5_43_5_9/scripts/lib/bus.html?v=5.43.5.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:30 GMT
last-modified: Thu, 18 Jan 2024 10:09:40 GMT
server: nginx
accept-ranges: bytes
etag: "65a8f8e4-812"
content-length: 2066
content-type: application/javascript

GET
H2 200 pushstream_bundle.js Show response
2-vbus-de.ladesk.com/5_43_5_9/static/webpack/js_bundle/ Frame 8AA7 20 KB
20 KB 176ms
175ms Script
application/javascript 172.104.244.5
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://2-vbus-de.ladesk.com/5_43_5_9/static/webpack/js_bundle/pushstream_bundle.js
Requested by: Host: 2-vbus-de.ladesk.com
URL: https://2-vbus-de.ladesk.com/5_43_5_9/scripts/lib/bus.html?v=5.43.5.9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.244.5 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1821-5.members.linode.com
Software: nginx /
Resource Hash: ab1f85d6560124d8d3d99ab7fd875a5c2ff35da42f7d9c8c138e08dd198298f2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2-vbus-de.ladesk.com/5_43_5_9/scripts/lib/bus.html?v=5.43.5.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:30 GMT
last-modified: Thu, 18 Jan 2024 10:09:40 GMT
server: nginx
accept-ranges: bytes
etag: "65a8f8e4-50d0"
content-length: 20688
content-type: application/javascript

GET
H2 200 bus_bundle.js Show response
2-vbus-de.ladesk.com/5_43_5_9/static/webpack/js_bundle/ Frame 8AA7 2 KB
2 KB 177ms
176ms Script
application/javascript 172.104.244.5
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://2-vbus-de.ladesk.com/5_43_5_9/static/webpack/js_bundle/bus_bundle.js
Requested by: Host: 2-vbus-de.ladesk.com
URL: https://2-vbus-de.ladesk.com/5_43_5_9/scripts/lib/bus.html?v=5.43.5.9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.244.5 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1821-5.members.linode.com
Software: nginx /
Resource Hash: 2df69b6b5eabdfc3a041b51249904b1f2355bd5a3635be0ff03750df349fab24

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2-vbus-de.ladesk.com/5_43_5_9/scripts/lib/bus.html?v=5.43.5.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:30 GMT
last-modified: Thu, 18 Jan 2024 10:09:40 GMT
server: nginx
accept-ranges: bytes
etag: "65a8f8e4-8ca"
content-length: 2250
content-type: application/javascript

GET
H2 304 v2 Show response
2-vbus-de.ladesk.com/5_43_5_9/u446666_8543/49spnq7vktg7xyy3xbj3ipcx82aku/event/lp/ Frame 8AA7 0
161 B 92ms
92ms XHR 172.104.244.5
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://2-vbus-de.ladesk.com/5_43_5_9/u446666_8543/49spnq7vktg7xyy3xbj3ipcx82aku/event/lp/v2?channels=cd88f128ae_vb_dsxqiczacg15k81g1ckuke1lmrlbv&tag=0&time=Sun%2C%2021%20Jan%202024%2022%3A54%3A30%20GMT&eventid=&_=1705892670324
Requested by: Host: 2-vbus-de.ladesk.com
URL: https://2-vbus-de.ladesk.com/5_43_5_9/static/webpack/js_bundle/pushstream_bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.244.5 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1821-5.members.linode.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2-vbus-de.ladesk.com/5_43_5_9/scripts/lib/bus.html?v=5.43.5.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:04:30 GMT
last-modified: Sun, 21 Jan 2024 22:54:30 GMT
server: nginx
etag: W/0
content-type: application/octet-stream
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST collect
www.google-analytics.com/g/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/g/collect?v=2&tid=G-TE5Y97YKC8&gtm=45je41h0v9104833779&_p=1705892668593&gcd=11l1l1l1l1&dma=0&cid=2094792898.1705892669&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1705892669&sct=1&seg=0&dl=https%3A%2F%2Fwww.affaerentreff.de%2F%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D58_%26data2%3Dfff51044bed64591a6707d33a4df8109&dt=&en=scroll&ep.anonymizeIp=true&ep.transport=beacon&epn.percent_scrolled=90&_et=55&tfd=7543

Verdicts & Comments Add Verdict or Comment

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tiktok.com/	1970-01-21 03:13:08	Name: _ttp Value: 2bIBN3lEaLbxNBAGoAdiSg7WYnZ
.postaffiliatepro.com/	1970-01-20 17:51:32	Name: PAPAffiliateId Value: vivero
.postaffiliatepro.com/	1970-01-21 02:37:29	Name: PAPVisitorId Value: ncaakkUaDLvh9gF3O2WGzS6MDeiLoHHA
.affaerentreff.de/	1970-01-21 02:37:08	Name: PAPVisitorId Value: ncaakkUaDLvh9gF3O2WGzS6MDeiLoHHA
.www.affaerentreff.de/	1970-01-21 02:37:08	Name: PAPVisitorId Value: ncaakkUaDLvh9gF3O2WGzS6MDeiLoHHA
.affaerentreff.de/	1970-01-21 03:13:08	Name: _tt_enable_cookie Value: 1
.affaerentreff.de/	1970-01-21 03:13:08	Name: _ttp Value: z8o-YljDALQryJf-blQ0iLx7rV0
.affaerentreff.de/	1970-01-20 20:01:08	Name: _gcl_au Value: 1.1.1745300195.1705892669
.affaerentreff.de/	1970-01-20 17:52:59	Name: _gid Value: GA1.2.714466002.1705892669
.affaerentreff.de/	1970-01-20 17:51:32	Name: _gat_UA-167101890-5 Value: 1
.doubleclick.net/	1970-01-20 17:51:33	Name: test_cookie Value: CheckForPermission
.affaerentreff.de/	1970-01-21 03:27:32	Name: _ga Value: GA1.1.2094792898.1705892669
.affaerentreff.de/	1970-01-20 17:52:59	Name: _uetsid Value: f5308470b8d211ee94dff343a4ddc6ac
.affaerentreff.de/	1970-01-21 03:13:08	Name: _uetvid Value: f533b660b8d211ee9531cf5d263c34d6
.affaerentreff.de/	1970-01-21 03:27:32	Name: _ga_TE5Y97YKC8 Value: GS1.1.1705892669.1.0.1705892669.0.0.0
.bing.com/	1970-01-21 03:13:08	Name: MUID Value: 173C554FCFA9626A1A3D4141CEB063EC
.bat.bing.com/	1970-01-20 18:01:37	Name: MR Value: 0
www.affaerentreff.de/	1970-01-20 20:01:08	Name: rtkclickid-store Value: 65addb3dd885a10001c934a7
www.affaerentreff.de/	1970-01-20 17:52:59	Name: LaVisitorNew Value: Y
.affaerentreff.de/	1969-12-31 23:59:59	Name: LaVisitorId_YWlzLmxhZGVzay5jb20v Value: 49spnq7vktg7xyy3xbj3ipcx82aku
www.affaerentreff.de/	1969-12-31 23:59:59	Name: LaSID Value: dsxqiczacg15k81g1ckuke1lmrlbv
www.affaerentreff.de/	1969-12-31 23:59:59	Name: a_aid Value: vivero
www.affaerentreff.de/	1969-12-31 23:59:59	Name: a_bid Value: 5316627b
.affaerentreff.de/	1970-01-20 20:01:08	Name: _fbp Value: fb.1.1705892669435.737443298
.affaerentreff.de/	1970-01-21 02:37:08	Name: _hjSessionUser_2147602 Value: eyJpZCI6ImFkZDA5ZWEyLTRmZGMtNTZhZC05NzEwLTBiOWNkZTFhMzhkZiIsImNyZWF0ZWQiOjE3MDU4OTI2Njk1OTMsImV4aXN0aW5nIjpmYWxzZX0=
.affaerentreff.de/	1970-01-20 17:51:34	Name: _hjIncludedInSessionSample_2147602 Value: 0
.affaerentreff.de/	1970-01-20 17:51:34	Name: _hjSession_2147602 Value: eyJpZCI6IjZjNDMyYzhmLWUzMmEtNDc4ZC1iODhhLWIwMTA4MzkyYWI5NyIsImMiOjE3MDU4OTI2Njk1OTQsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
www.affaerentreff.de/	1969-12-31 23:59:59	Name: LaUserDetails Value: %7B%22t_country_code%22%3A%22de%22%2C%22t_product%22%3A%22AffaerenTreff%22%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2-vbus-de.ladesk.com
50slove.postaffiliatepro.com
ais.ladesk.com
analytics.tiktok.com
bat.bing.com
cdn.aisgmbh.at
cdn.jsdelivr.net
cdnjs.cloudflare.com
connect.facebook.net
detour.datingalpha.net
googleads.g.doubleclick.net
maxcdn.bootstrapcdn.com
script.hotjar.com
scripts.azshopp.com
static.hotjar.com
www.affaerentreff.de
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.vgnp3trk.com
www.google-analytics.com
108.62.123.181
172.104.238.149
172.104.244.5
23.48.224.106
2600:9000:24d4:7000:13:920a:46c0:93a1
2606:4700:3036::ac43:9c50
2606:4700::6811:180e
2606:4700::6812:acf
2607:f8b0:4006:80f::2002
2607:f8b0:4006:80f::200e
2607:f8b0:4006:821::2004
2607:f8b0:4006:824::2008
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:400::485
34.117.39.110
52.84.18.89
54.230.18.36
65.8.49.61
91.201.28.212
037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5
07bfe355f807a4d3eb57572ccba18463c1ab1c7a3bcf7d1ac6ca00026e4aefc3
082585bdc55df3f819dd1110fe0c45188216be7495392d86e66a8fdd7bbd0c92
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
134f038d354ff9d5fbdcf639c79a7b62cac791cf14e7384bdd936597c64def0a
291b8a5be6d7bd8d1e5bb6e5cbcb6c5312f1c7bb7da1e3b95ec8b2edbe836dba
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2df69b6b5eabdfc3a041b51249904b1f2355bd5a3635be0ff03750df349fab24
2eb32f5380149642f82d62b133d570647be67b2b75410f4110c33baad8e80d3c
30a2fd1f1d65fcb9aab83057288891808eb932fb9acdc7991cda1c25a8707f4b
3ad322908b8f139ba891aca56ac9bafef691e245cc93aae352cf41075c999ebf
3b69dbf32872647ab14e3d00c71a610cd16ab16db42a9fb1dc7add247b2bde55
3ea53a13e34d782e4408913319f375ca93d7af8f3f9edb75d8c7b1bceb07c9f8
3fc8d8f8c09ee97d9c8cd4a6178ad0bd921a9cbe55c14513e0c06738c9dc8d15
5307154028c92b4853d1f5d98af1bc68f9c4b6ef61a6efaaa5aaeea92818217c
57e5831a2725bab5e48878d007ced9d7c419eac909fae6d1b8ba07d271257960
58033759e0c57ce460edd0263d8e1459b4fe3e0f972ce16bcba51f1417b0b9fc
58c7b0ab7c6b0671f6ee2463aba8a22e8fbf5821798b88ec20b0717377f8d56d
5947ef6027bc6932d1127559a678d83d3de81206a45eb6db97a068734cfd89ef
5a4164cdbb38651f2f2d28e25101780515ff8c1072ba99d0a5761500cf306ee3
5bdaa2d2fac01a05dee8737ec7b70ad184651961d3a3998c1efa7cf147ae1ba1
5c452f8ec49b7c26c7b90d1ba2f656b231c06da6f51a99fb0dd1ebab8317c4fc
5c5f1af2e1e4ad251de63fdede5da5dde015eacd0b399971615e1c2aabd79322
5e2735602abdfa25ebbcd5f2606f2b768aae5f2cf20f835aa29c661e8dbfc33d
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5e7bf7d34a51c9d6b9e0c8c9ab77599aeb40186375f11307684ded2b5e75a28b
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
648114310492d12a9858030eb33cb6badb6219c8e96dc402ecd86354d17793bc
6aaf5f1c3231cdbd1e5cf84105ed00d2ad1955868178b8b3e3ca3e0279580616
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73fcbaf2504050334e324594bc9b1b44eb2b8338a4b552dca1c4dfc99b0c99f4
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
79751345f970ff2b3b5e916ba4523b96879a6a35579448da500bcdb6fa77e690
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c7fb8e00906d9a203c24532e6b32838eec1ff36386136ce8ff6847d1e6a8364
7d2fbdfcd907629e01ea9a0a8552ba3cfbd9746c84566979d9b357ec34809211
7d32db5e7f8166ca472c3703592e17b044a0bfd5b49150c5c888a20164105b08
7d987df37a77ea9fd733426e20b6d9ace83c0c8c4b13449db503edd1eda1402a
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
82ce6fb6b42c28732da9177d5a416ff047fcc8a8f3419143268e59d2e3280062
88246e7f5d30387f283df5907c2694534d3399cd71676d124b16705fb6ca9c00
8e052d8c61cf2bb73abe3b42a7ce6ab87e88653e9d1d263af3f37d728b948b32
8e30993ba98335c5da42a597b569fc5e1a3af35c39f69540e9b76f1cefe9d266
8f60768b08308fe3b28a553d14a7b13133e0ca71f718ef27d9fee159afe7767b
9040613debda8e0d015563aadf1aa5d2e0399a8865ef972fb90c29f0cab0a2c8
92f1c173a2fcb9611997bf02435f4a18f41ed65968b7b76d413d998e27f8236b
9a8e0b4c868cd9a8013d4820772572afd549643fecb057b0513d7931bb488b68
9f32e21bb384c67c6f238522394c74875eda4887ab952c87ba29c394778e2d87
a1ae07b34b7c57774fd2f92a88a9b47dfe77d89262b7db5176b7932d8e29c467
a6a8a3a2eea52dace732bf19f82a8bb928b8bad4cd800bca5094f5fa501330d0
a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df
a7fd5e5134415291d0b0e97ed853f79104e090b566b39b2a6ce854621817f4d6
ab1f85d6560124d8d3d99ab7fd875a5c2ff35da42f7d9c8c138e08dd198298f2
b00828aa594968071f062841833553f98541845061e2d1c3144da47acce5940d
b190768a27312ddecca5f1f2e2ef9c55a79457391e493fc514d4ce17ebd3b224
b9fd04adbd083260a6ebf0f823e996ff66c6360bc55f6eab59d9bd86ce9a9c59
bc38423f463c03c12ca83923df84a9aa856d55465682dc9dda239f6ae2ecdf0a
c01c5957807afe596d0fd205690e4d22c3dceed840b2bd93ae98846c600891ef
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
d601f229247b261d18181988f7337b3f652165187f3c22a109821a50ea96a0f9
d8d86d69b9b4967ee807ccf018b87565ea035105aaea896baf5f6e8abb195932
dbb3364fe36fae0633e0985b8acdf15f92a8662d168895ae0a894ab798ffa9d9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2347f12c65dbad05f419068e3720c005ffc9e10d405e56f0a431225b2ab6681
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9d654ac900cbd8a09bb26c48a51260cb7d816c53c32ed69d4b2c90cb991d2a6
fd217f54257ddc2df28c0866613b5e7b1cf450610240f5bf651d1c2c5267dd3c

www.affaerentreff.de Open in urlscan Pro 2600:9000:24d4:7000:13:920a:46c0:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

77 Requests

99 %HTTPS

57 %IPv6

19 Domains

21 Subdomains

21 IPs

3 Countries

1444 kBTransfer

4099 kBSize

28 Cookies

11 Outgoing links

Page URL History

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.affaerentreff.de Open in urlscan Pro
2600:9000:24d4:7000:13:920a:46c0:93a1 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

99 %
HTTPS

57 %
IPv6

19
Domains

21
Subdomains

21
IPs

3
Countries

1444 kB
Transfer

4099 kB
Size

28
Cookies

77 HTTP transactions
0 data transactions