Submitted URL: http://www.kaufmich.com/shantijolie
Effective URL: https://www.kaufmich.com/shantijolie
Submission: On March 05 via manual from DE

Summary

This website contacted 12 IPs in 3 countries across 9 domains to perform 36 HTTP transactions. The main IP is 213.208.151.6, located in Vienna, Austria and belongs to NEXTLAYER-AS, AT. The main domain is www.kaufmich.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 27th 2020. Valid for: 2 years.
This is the only time www.kaufmich.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 20 213.208.151.6 1764 (NEXTLAYER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
3 213.208.151.97 1764 (NEXTLAYER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.217.22.98 15169 (GOOGLE)
5 94.130.51.92 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
3 213.208.151.21 1764 (NEXTLAYER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
36 12
Domain Requested by
20 www.kaufmich.com 1 redirects www.kaufmich.com
ssl.google-analytics.com
4 ad.playamedia.com www.kaufmich.com
ad.playamedia.com
text
3 ads.playamedia.com www.kaufmich.com
1 strawberry.playamedia.com text
1 www.google.de www.kaufmich.com
1 www.google.com www.kaufmich.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 ssl.google-analytics.com www.kaufmich.com
1 img-5.kaufmich.com www.kaufmich.com
1 img-8.kaufmich.com www.kaufmich.com
1 img-6.kaufmich.com www.kaufmich.com
1 www.googletagmanager.com www.kaufmich.com
0 truncated Failed ad.playamedia.com
36 14

This site contains links to these domains.

Domain
kaufmich.servicecenter.de
bigsister.kayako.com
www.jugendschutzprogramm.de
twitter.com

Subject | Issuer | Validity | Valid
*.kaufmich.com | Sectigo RSA Domain Validation Secure Server CA | 2020-02-27 - 2022-02-27 | 2 years
*.google-analytics.com | GTS CA 1O1 | 2020-02-12 - 2020-05-06 | 3 months
*.g.doubleclick.net | GTS CA 1O1 | 2020-02-12 - 2020-05-06 | 3 months
ad.playamedia.com | COMODO RSA Domain Validation Secure Server CA | 2017-04-27 - 2020-05-11 | 3 years
ads.playamedia.com | Sectigo RSA Domain Validation Secure Server CA | 2019-10-10 - 2020-10-09 | a year
www.google.com | GTS CA 1O1 | 2020-02-12 - 2020-05-06 | 3 months
www.google.de | GTS CA 1O1 | 2020-02-12 - 2020-05-06 | 3 months
strawberry.playamedia.com | COMODO RSA Domain Validation Secure Server CA | 2017-04-29 - 2020-05-13 | 3 years

This page contains 3 frames:

Primary Page: https://www.kaufmich.com/shantijolie
Frame ID: 6AD5E89638516886DD60BE265C07DF29
Requests: 34 HTTP requests in this frame

Frame: data://truncated
Frame ID: AFDA695319E662C48A1B7AC39C7896AF
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: BA376B5173EB95BD213E505D3E88DAF6
Requests: 3 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

36 Requests
100 % HTTPS
50 % IPv6
9 Domains
14 Subdomains
12 IPs
3 Countries
664 kB Transfer
1900 kB Size
5 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.kaufmich.com/shantijolie HTTP 301
    https://www.kaufmich.com/shantijolie Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request shantijolie
www.kaufmich.com/
Redirect Chain
  • http://www.kaufmich.com/shantijolie
  • https://www.kaufmich.com/shantijolie
26 KB
9 KB
Document
General
Full URL
https://www.kaufmich.com/shantijolie
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.208.151.6 Vienna, Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
openresty/1.13.6.1 / PHP/5.6.40
Resource Hash
fa9789db40fdc0311bc8df4b203b7107472790b4e231dcf40516a58c33d75cd4

Request headers

:method
GET
:authority
www.kaufmich.com
:scheme
https
:path
/shantijolie
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
404
server
openresty/1.13.6.1
date
Thu, 05 Mar 2020 04:42:52 GMT
content-type
text/html; charset=utf-8
x-powered-by
PHP/5.6.40
set-cookie
session_id=2grmrljvu8s7pmo9jtjugjbiu0; path=/; domain=.kaufmich.com
image_link=0; expires=Thu, 05-Mar-2020 04:42:42 GMT; Max-Age=-10; path=/; domain=.kaufmich.com
_vwo_uuid_v2=0; expires=Thu, 05-Mar-2020 04:42:42 GMT; Max-Age=-10; path=/; domain=.kaufmich.com
wio_state=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.kaufmich.com
x-ua-compatible
IE=edge
content-encoding
gzip

Redirect headers

Server
openresty/1.13.6.1
Date
Thu, 05 Mar 2020 04:42:52 GMT
Content-Type
text/html
Content-Length
191
Connection
keep-alive
Location
https://www.kaufmich.com/shantijolie
X-XSS-Protection
1; mode=block
X-Frame-Options
SAMEORIGIN
js
www.googletagmanager.com/gtag/
74 KB
28 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-818124340
Requested by
Host: www.kaufmich.com
URL: https://www.kaufmich.com/shantijolie
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ac02f18cba4c756bca31fbb5d720b242af59a56c7fc7549896d775edd4b72333
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.kaufmich.com/shantijolie
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 05 Mar 2020 04:42:52 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28477
x-xss-protection
0
last-modified
Thu, 05 Mar 2020 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 Mar 2020 04:42:52 GMT
all.537f66bf.js
www.kaufmich.com/js/bundle/
1 MB
392 KB
Script
General
Full URL
https://www.kaufmich.com/js/bundle/all.537f66bf.js
Requested by
Host: www.kaufmich.com
URL: https://www.kaufmich.com/shantijolie
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.208.151.6 Vienna, Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
openresty/1.13.6.1 /
Resource Hash
70823108d3a1f856bdc19308f8928fc11293286070fd3f88274503b6a52be6af

Request headers

Referer
https://www.kaufmich.com/shantijolie
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 05 Mar 2020 04:42:52 GMT
content-encoding
gzip
last-modified
Thu, 06 Feb 2020 10:30:55 GMT
server
openresty/1.13.6.1
etag
W/"5e3beadf-13a5ce"
status
200
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
expires
Thu, 31 Dec 2037 23:55:55 GMT
leaflet.css
www.kaufmich.com/pack_src/leaflet/
0
0
Stylesheet
General
Full URL
https://www.kaufmich.com/pack_src/leaflet/leaflet.css?v=1.3.3
Requested by
Host: www.kaufmich.com
URL: https://www.kaufmich.com/shantijolie
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.208.151.6 Vienna, Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
openresty/1.13.6.1 /
Resource Hash

Request headers

Referer
https://www.kaufmich.com/shantijolie
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

status
404
date
Thu, 05 Mar 2020 04:42:52 GMT
content-encoding
gzip
server
openresty/1.13.6.1
content-type
text/html
all.min.css
www.kaufmich.com/css/
281 KB
74 KB
Stylesheet
General
Full URL
https://www.kaufmich.com/css/all.min.css?v=h8a6a9
Requested by
Host: www.kaufmich.com
URL: https://www.kaufmich.com/shantijolie
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.208.151.6 Vienna, Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
openresty/1.13.6.1 /
Resource Hash
c370ed65d0c525a4f57d818a1735e393601f77084f7e09d3b8e07c8edc6be1e0

Request headers

Referer
https://www.kaufmich.com/shantijolie
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Thu, 05 Mar 2020 04:42:52 GMT
content-encoding
gzip
last-modified
Thu, 06 Feb 2020 10:30:56 GMT
server
openresty/1.13.6.1
etag
W/"5e3beae0-46263"
status
200
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000, public
expires
Thu, 31 Dec 2037 23:55:55 GMT
ajax-indicator.gif
www.kaufmich.com/images/
583 B
807 B
Image
General
Full URL
https://www.kaufmich.com/images/ajax-indicator.gif
Requested by
Host: www.kaufmich.com
URL: https://www.kaufmich.com/shantijolie
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.208.151.6 Vienna, Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
openresty/1.13.6.1 /
Resource Hash
b9f6dd5edd1222b6fddbc439d64797ef90c669043cb1996a6598f1966563656a

Request headers

Referer
https://www.kaufmich.com/shantijolie
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 05 Mar 2020 04:42:52 GMT
last-modified
Thu, 06 Feb 2020 10:30:56 GMT
server
openresty/1.13.6.1
etag
"5e3beae0-247"
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
583
expires
Thu, 31 Dec 2037 23:55:55 GMT
1507810-6456f6ac22f50a2aca018eea3035c97a-60.jpg
img-6.kaufmich.com/6/4/5/
2 KB
2 KB
Image
General
Full URL
https://img-6.kaufmich.com/6/4/5/1507810-6456f6ac22f50a2aca018eea3035c97a-60.jpg
Requested by
Host: www.kaufmich.com
URL: https://www.kaufmich.com/shantijolie
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.208.151.97 Vienna, Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
openresty /
Resource Hash
4695bed54e9081a7f07fa4c656d381555c2dea26ff4c0b36bc8db51ad1fb5267

Request headers

Referer
https://www.kaufmich.com/shantijolie
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 05 Mar 2020 04:42:52 GMT
last-modified
Wed, 05 Dec 2018 12:41:49 GMT
server
openresty
etag
"5c07c78d-7aa"
content-type
image/jpeg
status
200
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
1962
expires
Thu, 31 Dec 2037 23:55:55 GMT
escort-60.png
www.kaufmich.com/images/placeholders/
1 KB
1 KB
Image
General
Full URL
https://www.kaufmich.com/images/placeholders/escort-60.png
Requested by
Host: www.kaufmich.com
URL: https://www.kaufmich.com/shantijolie
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.208.151.6 Vienna, Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
openresty/1.13.6.1 /
Resource Hash
326de6fbf31615992e09a5caf720792309e4c8c3c527f4752c59a512ff0992d9

Request headers

Referer
https://www.kaufmich.com/shantijolie
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 05 Mar 2020 04:42:52 GMT
last-modified
Thu, 06 Feb 2020 10:30:57 GMT
server
openresty/1.13.6.1
etag
"5e3beae1-471"
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
1137
expires
Thu, 31 Dec 2037 23:55:55 GMT
2063624-8de7341a5ef454a08343c39fabc9b731-60.jpg
img-8.kaufmich.com/8/d/e/
2 KB
2 KB
Image
General
Full URL
https://img-8.kaufmich.com/8/d/e/2063624-8de7341a5ef454a08343c39fabc9b731-60.jpg
Requested by
Host: www.kaufmich.com
URL: https://www.kaufmich.com/shantijolie
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.208.151.97 Vienna, Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
openresty /
Resource Hash
56f93ca6c3c211828a5ff14f89b74815ced87ae94386f690a6c149a6c6cc53f2

Request headers

Referer
https://www.kaufmich.com/shantijolie
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 05 Mar 2020 04:42:52 GMT
last-modified
Tue, 02 Jan 2018 18:24:31 GMT
server
openresty
etag
"5a4bce5f-717"
content-type
image/jpeg
status
200
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
1815
expires
Thu, 31 Dec 2037 23:55:55 GMT
5219250-5e7a58ffbb64c842912050bb724e97ee-60.jpg
img-5.kaufmich.com/5/e/7/
1 KB
2 KB
Image
General
Full URL
https://img-5.kaufmich.com/5/e/7/5219250-5e7a58ffbb64c842912050bb724e97ee-60.jpg
Requested by
Host: www.kaufmich.com
URL: https://www.kaufmich.com/shantijolie
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.208.151.97 Vienna, Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
openresty /
Resource Hash
af6004bb9150b76e969a67eee417996559f10d0d312322824540c0148f0d3f7f

Request headers

Referer
https://www.kaufmich.com/shantijolie
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 05 Mar 2020 04:42:52 GMT
last-modified
Tue, 03 Mar 2020 00:37:13 GMT
server
openresty
etag
"5e5da6b9-548"
content-type
image/jpeg
status
200
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
1352
expires
Thu, 31 Dec 2037 23:55:55 GMT
jusprog-age-xml-18.png
www.kaufmich.com/images/
2 KB
2 KB
Image
General
Full URL
https://www.kaufmich.com/images/jusprog-age-xml-18.png
Requested by
Host: www.kaufmich.com
URL: https://www.kaufmich.com/shantijolie
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.208.151.6 Vienna, Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
openresty/1.13.6.1 /
Resource Hash
8254d7deb7d880781e9b2c671d8483467adc00b96ef4d3c09715ac9be19bda34

Request headers

Referer
https://www.kaufmich.com/shantijolie
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 05 Mar 2020 04:42:52 GMT
last-modified
Thu, 06 Feb 2020 10:30:56 GMT
server
openresty/1.13.6.1
etag
"5e3beae0-8c2"
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
2242
expires
Thu, 31 Dec 2037 23:55:55 GMT
ga.js
ssl.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.kaufmich.com
URL: https://www.kaufmich.com/shantijolie
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kaufmich.com/shantijolie
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
497
date
Thu, 05 Mar 2020 04:34:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17168
expires
Thu, 05 Mar 2020 06:34:35 GMT
conversion_async.js
www.googleadservices.com/pagead/
26 KB
10 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-818124340
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
c3631ac1c623c7498c038ddf390931387f2b76e517675efed274b1c95bd80b68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kaufmich.com/shantijolie
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 05 Mar 2020 04:42:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9943
x-xss-protection
0
server
cafe
etag
4339192439078300971
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 05 Mar 2020 04:42:52 GMT
leaflet.css
www.kaufmich.com/pack_src/leaflet/
0
0
Stylesheet
General
Full URL
https://www.kaufmich.com/pack_src/leaflet/leaflet.css?v=1.3.3
Requested by
Host: www.kaufmich.com
URL: https://www.kaufmich.com/shantijolie
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.208.151.6 Vienna, Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
openresty/1.13.6.1 /
Resource Hash

Request headers

Referer
https://www.kaufmich.com/shantijolie
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

status
404
date
Thu, 05 Mar 2020 04:42:52 GMT
content-encoding
gzip
server
openresty/1.13.6.1
content-type
text/html
bg_main.png
www.kaufmich.com/images/
5 KB
5 KB
Image
General
Full URL
https://www.kaufmich.com/images/bg_main.png?9b1e3
Requested by
Host: www.kaufmich.com
URL: https://www.kaufmich.com/shantijolie
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.208.151.6 Vienna, Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
openresty/1.13.6.1 /
Resource Hash
67981842afb2c09f2ff33f1aab13f8c0fde1341b77741b74becd4234b507f202

Request headers

Referer
https://www.kaufmich.com/css/all.min.css?v=h8a6a9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 05 Mar 2020 04:42:52 GMT
last-modified
Thu, 06 Feb 2020 10:30:56 GMT
server
openresty/1.13.6.1
etag
"5e3beae0-1371"
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
4977
expires
Thu, 31 Dec 2037 23:55:55 GMT
figuresErrors.png
www.kaufmich.com/images/
1 KB
2 KB
Image
General
Full URL
https://www.kaufmich.com/images/figuresErrors.png?b55c0
Requested by
Host: www.kaufmich.com
URL: https://www.kaufmich.com/shantijolie
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.208.151.6 Vienna, Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
openresty/1.13.6.1 /
Resource Hash
7ea41ef9ea8376810d4818e444658fb732af0236f9006a2a7ea2bf40073e79ee

Request headers

Referer
https://www.kaufmich.com/css/all.min.css?v=h8a6a9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 05 Mar 2020 04:42:52 GMT
last-modified
Thu, 06 Feb 2020 10:30:56 GMT
server
openresty/1.13.6.1
etag
"5e3beae0-5b8"
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
1464
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo.png
www.kaufmich.com/images/
4 KB
4 KB
Image
General
Full URL
https://www.kaufmich.com/images/logo.png?0e6a3
Requested by
Host: www.kaufmich.com
URL: https://www.kaufmich.com/shantijolie
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.208.151.6 Vienna, Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
openresty/1.13.6.1 /
Resource Hash
7b2d89c8a8dfec8884fef159ac3379deaae07098caeb588733ea0922320d6be9

Request headers

Referer
https://www.kaufmich.com/css/all.min.css?v=h8a6a9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 05 Mar 2020 04:42:52 GMT
last-modified
Thu, 06 Feb 2020 10:30:56 GMT
server
openresty/1.13.6.1
etag
"5e3beae0-fdd"
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
4061
expires
Thu, 31 Dec 2037 23:55:55 GMT
arrowDown.png
www.kaufmich.com/images/icons/
111 B
335 B
Image
General
Full URL
https://www.kaufmich.com/images/icons/arrowDown.png?9775a
Requested by
Host: www.kaufmich.com
URL: https://www.kaufmich.com/shantijolie
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.208.151.6 Vienna, Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
openresty/1.13.6.1 /
Resource Hash
82ab1d03857948354c3c2a07c4011afe754ac24f4eebcd6773bbfa058bb18b3f

Request headers

Referer
https://www.kaufmich.com/css/all.min.css?v=h8a6a9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 05 Mar 2020 04:42:52 GMT
last-modified
Thu, 06 Feb 2020 10:30:57 GMT
server
openresty/1.13.6.1
etag
"5e3beae1-6f"
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
111
expires
Thu, 31 Dec 2037 23:55:55 GMT
searchSubmit.png
www.kaufmich.com/images/icons/
285 B
509 B
Image
General
Full URL
https://www.kaufmich.com/images/icons/searchSubmit.png?046b0
Requested by
Host: www.kaufmich.com
URL: https://www.kaufmich.com/shantijolie
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.208.151.6 Vienna, Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
openresty/1.13.6.1 /
Resource Hash
c3273b0d4b5f93703baa805cf35291f9f0f71b67adc1a5f6b7803d4f61e538aa

Request headers

Referer
https://www.kaufmich.com/css/all.min.css?v=h8a6a9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 05 Mar 2020 04:42:52 GMT
last-modified
Thu, 06 Feb 2020 10:30:57 GMT
server
openresty/1.13.6.1
etag
"5e3beae1-11d"
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
285
expires
Thu, 31 Dec 2037 23:55:55 GMT
bg_error404.png
www.kaufmich.com/images/
4 KB
4 KB
Image
General
Full URL
https://www.kaufmich.com/images/bg_error404.png?41752
Requested by
Host: www.kaufmich.com
URL: https://www.kaufmich.com/shantijolie
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.208.151.6 Vienna, Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
openresty/1.13.6.1 /
Resource Hash
3397fe19749655ffa055bc609bf4a6f9a0256cd226da5a9fd347c7e32b16b991

Request headers

Referer
https://www.kaufmich.com/css/all.min.css?v=h8a6a9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 05 Mar 2020 04:42:52 GMT
last-modified
Thu, 06 Feb 2020 10:30:56 GMT
server
openresty/1.13.6.1
etag
"5e3beae0-1105"
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
4357
expires
Thu, 31 Dec 2037 23:55:55 GMT
bullet-star.png
www.kaufmich.com/images/
145 B
368 B
Image
General
Full URL
https://www.kaufmich.com/images/bullet-star.png?f54d8
Requested by
Host: www.kaufmich.com
URL: https://www.kaufmich.com/shantijolie
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.208.151.6 Vienna, Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
openresty/1.13.6.1 /
Resource Hash
ed9f0b2a283918d6db2981fea3167b568760cfda371e435cf1b7115adce9d7d1

Request headers

Referer
https://www.kaufmich.com/css/all.min.css?v=h8a6a9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 05 Mar 2020 04:42:52 GMT
last-modified
Thu, 06 Feb 2020 10:30:57 GMT
server
openresty/1.13.6.1
etag
"5e3beae1-91"
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
145
expires
Thu, 31 Dec 2037 23:55:55 GMT
bullet-9.gif
www.kaufmich.com/images/
87 B
310 B
Image
General
Full URL
https://www.kaufmich.com/images/bullet-9.gif?43b04
Requested by
Host: www.kaufmich.com
URL: https://www.kaufmich.com/shantijolie
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.208.151.6 Vienna, Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
openresty/1.13.6.1 /
Resource Hash
3ffbda6776fe40b7c198e51c0c19f26994b600303553d8ecfa4906e47c18bd28

Request headers

Referer
https://www.kaufmich.com/css/all.min.css?v=h8a6a9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 05 Mar 2020 04:42:52 GMT
last-modified
Thu, 06 Feb 2020 10:30:56 GMT
server
openresty/1.13.6.1
etag
"5e3beae0-57"
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
87
expires
Thu, 31 Dec 2037 23:55:55 GMT
avatar-default-60.png
www.kaufmich.com/images/avatars/
981 B
1 KB
Image
General
Full URL
https://www.kaufmich.com/images/avatars/avatar-default-60.png?3f20a
Requested by
Host: www.kaufmich.com
URL: https://www.kaufmich.com/shantijolie
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.208.151.6 Vienna, Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
openresty/1.13.6.1 /
Resource Hash
ecd0a42d6307663a1ed7415a9f42da8c30a602837cc71273d0fde34a35639db3

Request headers

Referer
https://www.kaufmich.com/css/all.min.css?v=h8a6a9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 05 Mar 2020 04:42:52 GMT
last-modified
Thu, 06 Feb 2020 10:30:56 GMT
server
openresty/1.13.6.1
etag
"5e3beae0-3d5"
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
981
expires
Thu, 31 Dec 2037 23:55:55 GMT
show.min.js
ad.playamedia.com/resources/
73 KB
23 KB
Script
General
Full URL
https://ad.playamedia.com/resources/show.min.js
Requested by
Host: www.kaufmich.com
URL: https://www.kaufmich.com/shantijolie
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.51.92 Darmstadt, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
pm-staging.orbita1.ru
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
4314e8fc13db5ad280a14c06bc6bcfafaafc55e1e5119d451a1f356280ee2ece

Request headers

Referer
https://www.kaufmich.com/shantijolie
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 05 Mar 2020 04:42:52 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Sep 2019 14:48:55 GMT
Server
nginx/1.14.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/x-javascript
social_icons.png
www.kaufmich.com/images/
2 KB
2 KB
Image
General
Full URL
https://www.kaufmich.com/images/social_icons.png?bde1e
Requested by
Host: ssl.google-analytics.com
URL: https://ssl.google-analytics.com/ga.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.208.151.6 Vienna, Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
openresty/1.13.6.1 /
Resource Hash
c6a1cec88a8f1f8326ad43e8cc60c1415f573d1354bbec8a05a1ad2277970191

Request headers

Referer
https://www.kaufmich.com/css/all.min.css?v=h8a6a9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 05 Mar 2020 04:42:52 GMT
last-modified
Thu, 06 Feb 2020 10:30:56 GMT
server
openresty/1.13.6.1
etag
"5e3beae0-645"
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
1605
expires
Thu, 31 Dec 2037 23:55:55 GMT
phone.png
www.kaufmich.com/images/icons/
423 B
647 B
Image
General
Full URL
https://www.kaufmich.com/images/icons/phone.png?8d87a
Requested by
Host: ssl.google-analytics.com
URL: https://ssl.google-analytics.com/ga.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.208.151.6 Vienna, Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
openresty/1.13.6.1 /
Resource Hash
48008f47f5e324594e87d026c98ea5ebc2fbe24514045319c4f81a94fc2aaba5

Request headers

Referer
https://www.kaufmich.com/css/all.min.css?v=h8a6a9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 05 Mar 2020 04:42:52 GMT
last-modified
Thu, 06 Feb 2020 10:30:57 GMT
server
openresty/1.13.6.1
etag
"5e3beae1-1a7"
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
423
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/818124340/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/818124340/?random=1583383372672&cv=9&fst=1583383372672&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2q2&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.kaufmich.com%2Fshantijolie&tiba=Kaufmich!%20Escort%2C%20Hobby-Huren%2C%20Domina%20%26%20Bordell-Community&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9694ec50f358f572252da2abb225472e2aab1c89ea1fa86ba25a326b664f2899
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kaufmich.com/shantijolie
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Thu, 05 Mar 2020 04:42:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1057
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
spcjs.php
ads.playamedia.com/
2 KB
1 KB
Script
General
Full URL
https://ads.playamedia.com/spcjs.php?id=8&g=guest
Requested by
Host: www.kaufmich.com
URL: https://www.kaufmich.com/js/bundle/all.537f66bf.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.208.151.21 Vienna, Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
openresty/1.13.6.1 / PHP/5.6.30
Resource Hash
79e2118a45ec0895906e3adae2a43dce8d0b4873fc46c7023b7103060653bbd7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kaufmich.com/shantijolie
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 05 Mar 2020 04:42:52 GMT
Content-Encoding
gzip
Server
openresty/1.13.6.1
X-Powered-By
PHP/5.6.30
X-Frame-Options
SAMEORIGIN
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/x-javascript
X-XSS-Protection
1; mode=block
Expires
Thu, 05 Mar 2020 04:42:51 GMT
/
www.google.com/pagead/1p-user-list/818124340/
42 B
116 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/818124340/?random=1583383372672&cv=9&fst=1583380800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2q2&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.kaufmich.com%2Fshantijolie&tiba=Kaufmich!%20Escort%2C%20Hobby-Huren%2C%20Domina%20%26%20Bordell-Community&async=1&fmt=3&is_vtc=1&random=2562281390&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.kaufmich.com
URL: https://www.kaufmich.com/shantijolie
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kaufmich.com/shantijolie
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 05 Mar 2020 04:42:52 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/818124340/
42 B
110 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/818124340/?random=1583383372672&cv=9&fst=1583380800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2q2&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.kaufmich.com%2Fshantijolie&tiba=Kaufmich!%20Escort%2C%20Hobby-Huren%2C%20Domina%20%26%20Bordell-Community&async=1&fmt=3&is_vtc=1&random=2562281390&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.kaufmich.com
URL: https://www.kaufmich.com/shantijolie
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kaufmich.com/shantijolie
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 05 Mar 2020 04:42:52 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
std
ad.playamedia.com/show/
5 KB
2 KB
Script
General
Full URL
https://ad.playamedia.com/show/std?scid=186&f=js&sc=theAd_banner_dM7qKTH6vB&c1=E0E0E0&c2=ffffff&f1=Tahoma&fs1=medium&c3=0053F9&w1=normal&s1=normal&f2=Tahoma&fs2=medium&c4=000000&w2=normal&s2=normal&f3=Tahoma&fs3=medium&c5=828282&w3=normal&s3=normal&c6=5B99FE&ref=&loc=https%3A%2F%2Fwww.kaufmich.com%2Fshantijolie&tuid=1288bnh0k63k000
Requested by
Host: ad.playamedia.com
URL: https://ad.playamedia.com/resources/show.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.51.92 Darmstadt, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
pm-staging.orbita1.ru
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1372ede4bf460d8201bf0cd32681692ee5820cf3e77b31cfa150c5b4b94e2716

Request headers

Referer
https://www.kaufmich.com/shantijolie
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 05 Mar 2020 04:42:52 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf8
truncated
/ Frame AFDA
0
0

truncated
/ Frame BA37
5 KB
5 KB
Document
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
684c0e56aeed1b0172a179a0f677e22355eeb4e3ea5f2cf02b2d2c1a5706992b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
text/html;charset=utf-8
e10bc8b1362829874fb647e243ef2f08.gif
strawberry.playamedia.com/system/files/images/23/ Frame BA37
63 KB
63 KB
Image
General
Full URL
https://strawberry.playamedia.com/system/files/images/23/e10bc8b1362829874fb647e243ef2f08.gif
Requested by
Host: text
URL: data:truncated
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.51.92 Darmstadt, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
pm-staging.orbita1.ru
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
03796576b1210856b6ecb52fe46aee4f72437333784d10d331872ab597f801b9

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 05 Mar 2020 04:42:52 GMT
Last-Modified
Thu, 17 May 2018 13:07:24 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5afd7e8c-fb4b"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
64331
impression
ad.playamedia.com/ Frame BA37
68 B
224 B
Image
General
Full URL
https://ad.playamedia.com/impression?id=8cebb4eb-1f30-417c-ae73-dd06b6bf8836
Requested by
Host: text
URL: data:truncated
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.51.92 Darmstadt, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
pm-staging.orbita1.ru
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 05 Mar 2020 04:42:52 GMT
Server
nginx/1.14.0 (Ubuntu)
Connection
keep-alive
Content-Length
68
Content-Type
image/png
spc.php
ads.playamedia.com/
7 KB
1 KB
Script
General
Full URL
https://ads.playamedia.com/spc.php?zones=91%7C92%7C93%7C94%7C95%7C96%7C98%7C99%7C100%7C101%7C102%7C164%7C161%7C173%7C177%7C178%7C179%7C254&source=&r=14561154&g=guest&charset=UTF-8&loc=https%3A//www.kaufmich.com/shantijolie
Requested by
Host: www.kaufmich.com
URL: https://www.kaufmich.com/js/bundle/all.537f66bf.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.208.151.21 Vienna, Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
openresty/1.13.6.1 / PHP/5.6.30
Resource Hash
19184850a3a6f73071d52cf584b0923fb97a0b76ad0501d0557c57814a385780
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kaufmich.com/shantijolie
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Pragma
no-cache
Date
Thu, 05 Mar 2020 04:42:52 GMT
Content-Encoding
gzip
Server
openresty/1.13.6.1
X-Powered-By
PHP/5.6.30
X-Frame-Options
SAMEORIGIN
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/x-javascript; charset=UTF-8
X-XSS-Protection
1; mode=block
Expires
Thu, 05 Mar 2020 04:42:51 GMT
fl.js
ads.playamedia.com/
6 KB
7 KB
Script
General
Full URL
https://ads.playamedia.com/fl.js
Requested by
Host: www.kaufmich.com
URL: https://www.kaufmich.com/js/bundle/all.537f66bf.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.208.151.21 Vienna, Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
openresty/1.13.6.1 /
Resource Hash
316fd92de184f954a5c3ee62d7ff4c3cca0789d8f1f40eb719821f3acfd79b64
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kaufmich.com/shantijolie
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 05 Mar 2020 04:42:52 GMT
Last-Modified
Tue, 16 Dec 2014 07:36:21 GMT
Server
openresty/1.13.6.1
ETag
"548fe0f5-18da"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6362
X-XSS-Protection
1; mode=block
viewability
ad.playamedia.com/
68 B
224 B
Image
General
Full URL
https://ad.playamedia.com/viewability?sid=7d8e6ed2-f01b-4639-b34f-0a2a2b75e344
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.51.92 Darmstadt, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
pm-staging.orbita1.ru
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer
https://www.kaufmich.com/shantijolie
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 05 Mar 2020 04:42:53 GMT
Server
nginx/1.14.0 (Ubuntu)
Connection
keep-alive
Content-Length
68
Content-Type
image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
truncated
URL
data:truncated

Verdicts & Comments

206 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| _gaq function| gtag object| dataLayer function| loadjscssfile object| google_tag_manager function| $A function| $w function| $H function| $R function| fileQueueError function| uploadError function| fileDialogComplete function| uploadProgress function| uploadSuccess function| uploadComplete function| fadeIn function| FileProgress function| _handleMultipleEvents function| _logType function| configMenu function| initMenu function| PandaUploader function| removePrivateMessageFile function| preloadImage function| startSlideshow function| stopSlideshow function| showNextPhoto function| showStopButton function| showStartButton function| onEndCrop function| insertEmoticon function| disableClickDensity function| enableClickDensity function| openGalleryWindow function| showLoadingGalleryWindow function| setGalleryWindowContent function| updateGalleryWindowSize function| updateWindowSize function| setWindowContent function| checkAndSubmitMce function| addMce function| removeMce function| registerToggleHandler function| showFlashMessage function| insertAtCursor function| getInnerSize function| resizeToInner function| searchSelect function| isHidden function| toggleBlindItem function| replaceChars function| my_encodeURI function| encode64 function| decode64 function| toggleWebDebugCCMessages function| webDebugCCMessagesOnSubmitCallback function| webDebugCCMessagesInputOnChangeCallback function| toggleWebDebugCCMessageInput function| disableObj function| updateCounter function| initCounter function| updateFavoriteLinks function| checkShowMoreOrLess object| Prototype object| Class function| PeriodicalExecuter function| Template object| $break object| Enumerable function| Hash function| ObjectRange object| Abstract object| Try object| Ajax object| Form object| Field function| $F object| Toggle object| Insertion object| $continue object| Position object| Scriptaculous object| Builder object| Effect object| Droppables object| 
Draggables function| Draggable function| SortableObserver object| Sortable object| Autocompleter object| Control function| SWFUpload object| Starboxes function| Starbox function| CropDraggable object| Cropper object| Windows object| Dialog object| array object| WindowUtilities object| Base64 object| MD5 function| vjs function| videojs function| hasOwnProp number| errNum boolean| _backgroundSizeSupported object| cx function| TncGallery function| cityAutoCompleter object| favorites object| infiniteScroll object| LoadOnScroll object| infoPages object| lightbox object| login object| map function| Menu function| MenuContainer function| MenuItem object| menu boolean| BROWSER_OUTDATED function| Browser object| browser object| openx object| pagination object| payment object| profileVisitors object| promotedProfile object| rtns object| sendGift object| tncSlideshow object| tabs object| tncGalleryUpload object| tncUi object| TNCVideoUtils object| TNCVideoUpload object| TNCVideoRecord object| TNCVideoRecordListener object| TNCFsk18VideoRecord object| TNCFsk18VideoRecordListener object| flashMessages undefined| pm_swfu undefined| slideshow undefined| start_stop_vals undefined| slideshow_running object| preload_images undefined| gallery_window boolean| spell_check_has_errors number| spell_check_checked_count undefined| flash_js_pe object| jsHelper object| i18n object| miscHelper object| cookieHelper boolean| gTimer object| upload object| xmpp function| $ function| $$ function| Sizzle function| Selector object| Sound object| Strophe function| $build function| $msg function| $iq function| $pres function| promotedProfileAutocompleter boolean| AUTO_LAZYWRITE object| LazyWrite function| jQuery function| $j function| wNumb function| loadImage function| qq object| L object| search_location_autocompleter function| showAutocompleteTip string| search_location_last string| search_location_id_last object| _gat object| CountryDict function| GooglemKTybQhCsO function| google_trackConversion 
object| GooglebQhCsO object| playamediaAd object| events function| handle object| params string| OA_zoneids undefined| zonename string| OA_p number| OA_r string| OA_spc function| OA_show function| OA_showpop string| OA_fo string| OA_source object| OA_output object| org function| getQueryParamValue function| FlashObject function| SWFObject

5 Cookies

Domain/Path Name / Value
.kaufmich.com/ Name: __utmz
Value: 41299965.1583383373.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.kaufmich.com/ Name: __utmb
Value: 41299965.0.10.1583383373
.kaufmich.com/ Name: __utma
Value: 41299965.1458858503.1583383373.1583383373.1583383373.1
.kaufmich.com/ Name: __utmc
Value: 41299965
.kaufmich.com/ Name: session_id
Value: 2grmrljvu8s7pmo9jtjugjbiu0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
