www.beautywelt.de Open in urlscan Pro
85.13.155.115 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://allianzcpitalpartners.com/
Effective URL:
https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelk...
Submission: On July 08 via manual (July 8th 2021, 7:53:23 am UTC) from GB

Summary HTTP 34 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 34 HTTP transactions. The main IP is 85.13.155.115, located in Loebau, Germany and belongs to NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE. The main domain is www.beautywelt.de.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on October 16th 2019. Valid for: 2 years.

This is the only time www.beautywelt.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	23.82.12.32 23.82.12.32	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
4	66.165.243.151 66.165.243.151	29802 (HVC-AS) (HVC-AS)
5	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2 4	95.211.116.27 95.211.116.27	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
22	85.13.155.115 85.13.155.115	34788 (NMM-AS D) (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68)
34	5

1 23.82.12.32 (Boston, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

allianzcpitalpartners.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 66.165.243.151 (Los Angeles, United States)

ASN29802 (HVC-AS, US)
PTR: 66-165-243-151.static.hvvc.us

r.redirekted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.211.116.27 (Heerhugowaard, Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: dc1-ecs-pub-go-vip.kelkoo.com

ch-go.kelkoogroup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 85.13.155.115 (Loebau, Germany)

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
PTR: dd6430.kasserver.com

www.beautywelt.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	beautywelt.de www.beautywelt.de	144 KB
5	google-analytics.com www.google-analytics.com	39 KB
4	kelkoogroup.net 2 redirects ch-go.kelkoogroup.net	32 KB
4	redirekted.com r.redirekted.com	11 KB
1	googletagmanager.com www.googletagmanager.com	36 KB
1	allianzcpitalpartners.com 1 redirects allianzcpitalpartners.com	464 B
34	6

	Domain	Requested by
22	www.beautywelt.de	ch-go.kelkoogroup.net www.beautywelt.de
5	www.google-analytics.com	r.redirekted.com www.google-analytics.com www.googletagmanager.com
4	ch-go.kelkoogroup.net	2 redirects r.redirekted.com ch-go.kelkoogroup.net
4	r.redirekted.com	r.redirekted.com
1	www.googletagmanager.com	ch-go.kelkoogroup.net
1	allianzcpitalpartners.com	1 redirects
34	6

This site contains links to these domains. Also see Links.

Domain
www.preis.de
www.billiger.de
www.idealo.de

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.kelkoogroup.net DigiCert SHA2 Secure Server CA	`2020-07-29` - `2021-10-06`	a year	crt.sh
beautywelt.de Sectigo RSA Organization Validation Secure Server CA	`2019-10-16` - `2021-10-22`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelkooch&utm_source=kelkooch&utm_medium=display&utm_campaign=kelkooch&utm_term=ArtNr67696
Frame ID: 2AEF955FAEF572619ACCBF0C5CF77544
Requests: 30 HTTP requests in this frame

Frame: http://r.redirekted.com/go?e=DwCaxHVbHKB95Gr-0UX9ywsmOaFefQBuclF14mX2cPM-MUrvk3p0g0XypFCeHPAWy3C5kGVbH3B8AUAskaqdbRsuqPC9IPqW1aq95mXbxKC8MUqYgFW14mXypFB8gRAuy3C55GVxfvEuHPsX53pdfHsYO3K9gQs-bFLRu2Z_pPEmV3XTEwLwbHVyjwL55QL80KX99SA7NJC85mW-0KW491X-xaC8SzVxgvCzRTsyHUC9uPqwgFW8t0X-pvCeLUsxcvFefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV
Frame ID: 5E970866E5C8F65EDFE119FCBAF93F45
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://allianzcpitalpartners.com/ HTTP 302
http://r.redirekted.com/redirect?redirect_id=ac0740f23ed5114cfebe0a3e7fe5a376&request_id=aa6bf5ca802... Page URL
https://ch-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1625725619031&.sig=G7.vb5vs1t8ygAMKRXlloGrl.tQ-&aff... HTTP 307
https://ch-go.kelkoogroup.net/go?country=ch&k=5e4dd8e71bf1c9eb0e174a7ada83ad48fb4c1a6676e041af2e6b5d6664e3... Page URL
https://ch-go.kelkoogroup.net/redirect?country=ch&k=612f7a9541cd6ea61eb554c0e4cff437c872692d99e299ce38ecd3... HTTP 303
https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

34
Requests

88 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

259 kB
Transfer

493 kB
Size

2
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.preis.de/

Search URL Search Domain Scan URL

URL: https://www.billiger.de/

Search URL Search Domain Scan URL

URL: https://www.idealo.de/preisvergleich/Shop/313841.html

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://allianzcpitalpartners.com/ HTTP 302
http://r.redirekted.com/redirect?redirect_id=ac0740f23ed5114cfebe0a3e7fe5a376&request_id=aa6bf5ca802f86c7fdf98b7013e5ee71 Page URL
https://ch-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1625725619031&.sig=G7.vb5vs1t8ygAMKRXlloGrl.tQ-&affiliationId=96965872&comId=100522823&country=ch&offerId=ff5a7d9e1ab4b73a8dbcbdf1a200e6a2&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=8gwVV53p1pzXbxREltFqTMwC9uxZcZFBmpKp5DmCwL0Xcx3F75GsUAGXWAUW3u0F9c0LWk3BjMRsyjaL7gQqu13CVyRsmO3K9IPqukUF&custom2=jKWjuHsytaF-AUrYqwqSExZvy0BlpKrUAQB HTTP 307
https://ch-go.kelkoogroup.net/go?country=ch&k=5e4dd8e71bf1c9eb0e174a7ada83ad48fb4c1a6676e041af2e6b5d6664e329c492a4d79be25d0a834fd69c479851049377ee90ac2a40d456b090fec08670fc216867cb8debd18206dc81296ad72ebd7f1c249fe04837a04e76369c35b0e37fb17f98ca73ffaf4d3accbb03294de6b018927776d1627d9ad4f5b883ad2165871840c93ec48dbc02303784705148670f1a29116fdfa2e709bf09cf9e6319f9cc4619dbcf0b94d1f2568e558a19e99567d04d6fe42d05bbf3dff8025f8818b1b0e907e4c8dce604fb63c9073b88124bf6014c7ac4dc2b16b2c1e6d45be8a8e7b8c9b0e30e6a22f3fd6f8a1ea20c41b8e111cd23d821aa75f403a8e50caff1688eb0883b296c38c7d496d3c8d522170c07b2139181f74ab2e1e93a001d0bd0cac43241849dd24c74eef36d08925161f761b238d7c6addf28ec86718daf04c93dfe51c8b30e038b2b20f4d98b9ee26c5709ee18d4a883a1551def0042a5839754aad925e2c91b2da762c3a50e0e4d749891a39a6afa60b146ce16e2bc63d4ffabe0977fb25bcef7cbd3791cca8c65f3248f2f13626242f6d460b9cc19b568872bc79723dca9b9a0c308f956f86e866448336113c37a9a9fc9320d3cfae62b105b9afcaf6e4803f52eadd5e7320e0b1d9a960e0c7678fe707446ee9e46aab10a65fc0b0e90ec7344baa099c38b417f7fd44d636d6cfa52a1767a8e6a63088aa7f74e9cd04b2d98b67fb03ef057d47a93303823dc9ac3f49d711e2e&o= Page URL
https://ch-go.kelkoogroup.net/redirect?country=ch&k=612f7a9541cd6ea61eb554c0e4cff437c872692d99e299ce38ecd35c212029fdc1e4be5f6ed54a58429ebbe7042dcc87526ab631ac0904cea1d2d8bff80d59dd943fdabee9b049c351c3c2dea43a63159d41f28797fc263ac9002b0a3d2d20ad93598316fe423624ef58a7c184c30781d3dcb1ce1586c155da4ce8d1a93ca918451d5b046cfbb93f18173b0da48507379fb62f387081f56f8d677b1791d28b0e12980f7c46c5bc23fb0ac0fd54f615d7ca3186997faba91e2bebb7f5a112b4c31f781c381ab5dee41542f6ab522455afec16880d10bff68fe37c35542f800f003bc083d29f2cc59022562922a4953529d3b6148daa915b44e9e62c2845395bdd9a167c3152c64f1dd22f54ef7abc77ee57a98713b2bac08a61aaca705928b8dc852d85c174728ec1ed41c4f5d725b284&leadId=dc1-kls-prod-srv-03.prod.dc1.kelkoo.net_1625730786511_1399823&clickId=107699104_1625730786470_1488371&url=https%3A%2F%2Fwww.beautywelt.de%2FSexyhair-Organics-Daily-Conditioner%3Fkk%3Da4c6361-17a851b24c7-ecc18%26art%3DArtNr67696%26pk_campaign%3Dkelkooch%26utm_source%3Dkelkooch%26utm_medium%3Ddisplay%26utm_campaign%3Dkelkooch%26utm_term%3DArtNr67696&initiator=timeout HTTP 303
https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelkooch&utm_source=kelkooch&utm_medium=display&utm_campaign=kelkooch&utm_term=ArtNr67696 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://allianzcpitalpartners.com/ HTTP 302
http://r.redirekted.com/redirect?redirect_id=ac0740f23ed5114cfebe0a3e7fe5a376&request_id=aa6bf5ca802f86c7fdf98b7013e5ee71

Request Chain 4

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 6

http://www.google-analytics.com/collect?v=1&_v=j91&a=1347089042&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DDwCaxHVbHKB95Gr-0UX9ywsmOaFefQBuclF14mX2cPM-MUrvk3p0g0XypFCeHPAWy3C5kGVbH3B8AUAskaqdbRsuqPC9IPqW1aq95mXbxKC8MUqYgFW14mXypFB8gRAuy3C55GVxfvEuHPsX53pdfHsYO3K9gQs-bFLRu2Z_pPEmV3XTEwLwbHVyjwL55QL80KX99SA7NJC85mW-0KW491X-xaC8SzVxgvCzRTsyHUC9uPqwgFW8t0X-pvCeLUsxcvFefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1805177682.1625730786&tid=UA-32454353-1&_gid=1927494678.1625730786&cd1=oz9lnTA8n2kesUk8sT5ipzuwsTgfn3k8sUj%3D&z=2082585548 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j91&a=1347089042&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DDwCaxHVbHKB95Gr-0UX9ywsmOaFefQBuclF14mX2cPM-MUrvk3p0g0XypFCeHPAWy3C5kGVbH3B8AUAskaqdbRsuqPC9IPqW1aq95mXbxKC8MUqYgFW14mXypFB8gRAuy3C55GVxfvEuHPsX53pdfHsYO3K9gQs-bFLRu2Z_pPEmV3XTEwLwbHVyjwL55QL80KX99SA7NJC85mW-0KW491X-xaC8SzVxgvCzRTsyHUC9uPqwgFW8t0X-pvCeLUsxcvFefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1805177682.1625730786&tid=UA-32454353-1&_gid=1927494678.1625730786&cd1=oz9lnTA8n2kesUk8sT5ipzuwsTgfn3k8sUj%3D&z=2082585548

Request Chain 7

https://ch-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1625725619031&.sig=G7.vb5vs1t8ygAMKRXlloGrl.tQ-&affiliationId=96965872&comId=100522823&country=ch&offerId=ff5a7d9e1ab4b73a8dbcbdf1a200e6a2&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=8gwVV53p1pzXbxREltFqTMwC9uxZcZFBmpKp5DmCwL0Xcx3F75GsUAGXWAUW3u0F9c0LWk3BjMRsyjaL7gQqu13CVyRsmO3K9IPqukUF&custom2=jKWjuHsytaF-AUrYqwqSExZvy0BlpKrUAQB HTTP 307
https://ch-go.kelkoogroup.net/go?country=ch&k=5e4dd8e71bf1c9eb0e174a7ada83ad48fb4c1a6676e041af2e6b5d6664e329c492a4d79be25d0a834fd69c479851049377ee90ac2a40d456b090fec08670fc216867cb8debd18206dc81296ad72ebd7f1c249fe04837a04e76369c35b0e37fb17f98ca73ffaf4d3accbb03294de6b018927776d1627d9ad4f5b883ad2165871840c93ec48dbc02303784705148670f1a29116fdfa2e709bf09cf9e6319f9cc4619dbcf0b94d1f2568e558a19e99567d04d6fe42d05bbf3dff8025f8818b1b0e907e4c8dce604fb63c9073b88124bf6014c7ac4dc2b16b2c1e6d45be8a8e7b8c9b0e30e6a22f3fd6f8a1ea20c41b8e111cd23d821aa75f403a8e50caff1688eb0883b296c38c7d496d3c8d522170c07b2139181f74ab2e1e93a001d0bd0cac43241849dd24c74eef36d08925161f761b238d7c6addf28ec86718daf04c93dfe51c8b30e038b2b20f4d98b9ee26c5709ee18d4a883a1551def0042a5839754aad925e2c91b2da762c3a50e0e4d749891a39a6afa60b146ce16e2bc63d4ffabe0977fb25bcef7cbd3791cca8c65f3248f2f13626242f6d460b9cc19b568872bc79723dca9b9a0c308f956f86e866448336113c37a9a9fc9320d3cfae62b105b9afcaf6e4803f52eadd5e7320e0b1d9a960e0c7678fe707446ee9e46aab10a65fc0b0e90ec7344baa099c38b417f7fd44d636d6cfa52a1767a8e6a63088aa7f74e9cd04b2d98b67fb03ef057d47a93303823dc9ac3f49d711e2e&o=

34 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

redirect Show response
r.redirekted.com/
Redirect Chain

http://allianzcpitalpartners.com/
http://r.redirekted.com/redirect?redirect_id=ac0740f23ed5114cfebe0a3e7fe5a376&request_id=aa6bf5ca802f86c7fdf98b7013e5ee71

814 B
1023 B

353ms
321ms

Document
text/html

66.165.243.151
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://r.redirekted.com/redirect?redirect_id=ac0740f23ed5114cfebe0a3e7fe5a376&request_id=aa6bf5ca802f86c7fdf98b7013e5ee71
Protocol: HTTP/1.1
Server: 66.165.243.151 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 66-165-243-151.static.hvvc.us
Software: nginx/1.19.10 / PHP/7.4.16
Resource Hash: 572069b2294c1d2e86a12ecf5ce004d7a658a1269eb0747e9131ae7f17bd771d

Request headers

Host: r.redirekted.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx/1.19.10
Date: Thu, 08 Jul 2021 07:53:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.16

Redirect headers

cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Thu, 08 Jul 2021 07:53:04 GMT
location: http://r.redirekted.com/redirect?redirect_id=ac0740f23ed5114cfebe0a3e7fe5a376&request_id=aa6bf5ca802f86c7fdf98b7013e5ee71
server: nginx
set-cookie: sid=86f0e578-dfc1-11eb-9da1-18b99bb2259e; path=/; domain=.allianzcpitalpartners.com; expires=Tue, 26 Jul 2089 11:07:12 GMT; max-age=2147483647; HttpOnly

GET
H/1.1 200
OK adren.css
r.redirekted.com/css/ 243 B
480 B 170ms
170ms Stylesheet
text/css 66.165.243.151
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://r.redirekted.com/css/adren.css?n=3286370463
Requested by: Host: r.redirekted.com
URL: http://r.redirekted.com/redirect?redirect_id=ac0740f23ed5114cfebe0a3e7fe5a376&request_id=aa6bf5ca802f86c7fdf98b7013e5ee71
Protocol: HTTP/1.1
Server: 66.165.243.151 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 66-165-243-151.static.hvvc.us
Software: nginx/1.19.10 /
Resource Hash: e2d9fd8b995f146baf54bc35d162d3e8169a5345368058b10a3b3bf4592ed777

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: r.redirekted.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://r.redirekted.com/redirect?redirect_id=ac0740f23ed5114cfebe0a3e7fe5a376&request_id=aa6bf5ca802f86c7fdf98b7013e5ee71
Connection: keep-alive
Cache-Control: no-cache
Referer: http://r.redirekted.com/redirect?redirect_id=ac0740f23ed5114cfebe0a3e7fe5a376&request_id=aa6bf5ca802f86c7fdf98b7013e5ee71
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 07:53:05 GMT
Last-Modified: Wed, 25 Jul 2018 22:42:25 GMT
Server: nginx/1.19.10
ETag: "5b58fcd1-f3"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 243

GET
H/1.1 200
OK adren.min.js Show response
r.redirekted.com/js/ 7 KB
8 KB 353ms
342ms Script
application/javascript 66.165.243.151
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://r.redirekted.com/js/adren.min.js?n=3286370463
Requested by: Host: r.redirekted.com
URL: http://r.redirekted.com/redirect?redirect_id=ac0740f23ed5114cfebe0a3e7fe5a376&request_id=aa6bf5ca802f86c7fdf98b7013e5ee71
Protocol: HTTP/1.1
Server: 66.165.243.151 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 66-165-243-151.static.hvvc.us
Software: nginx/1.19.10 /
Resource Hash: 55afe8ae4db5b6ca9ec5a3aca1f3a7b482ca51d0914acd250093f1a9ecbfccec

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: r.redirekted.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://r.redirekted.com/redirect?redirect_id=ac0740f23ed5114cfebe0a3e7fe5a376&request_id=aa6bf5ca802f86c7fdf98b7013e5ee71
Connection: keep-alive
Cache-Control: no-cache
Referer: http://r.redirekted.com/redirect?redirect_id=ac0740f23ed5114cfebe0a3e7fe5a376&request_id=aa6bf5ca802f86c7fdf98b7013e5ee71
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 07:53:06 GMT
Last-Modified: Wed, 25 Jul 2018 22:42:25 GMT
Server: nginx/1.19.10
ETag: "5b58fcd1-1d68"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7528

GET
H/1.1 200
OK Cookie set go Show response
r.redirekted.com/ Frame 5E97 2 KB
2 KB 183ms
183ms Document
text/html 66.165.243.151
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://r.redirekted.com/go?e=DwCaxHVbHKB95Gr-0UX9ywsmOaFefQBuclF14mX2cPM-MUrvk3p0g0XypFCeHPAWy3C5kGVbH3B8AUAskaqdbRsuqPC9IPqW1aq95mXbxKC8MUqYgFW14mXypFB8gRAuy3C55GVxfvEuHPsX53pdfHsYO3K9gQs-bFLRu2Z_pPEmV3XTEwLwbHVyjwL55QL80KX99SA7NJC85mW-0KW491X-xaC8SzVxgvCzRTsyHUC9uPqwgFW8t0X-pvCeLUsxcvFefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV
Requested by: Host: r.redirekted.com
URL: http://r.redirekted.com/js/adren.min.js?n=3286370463
Protocol: HTTP/1.1
Server: 66.165.243.151 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 66-165-243-151.static.hvvc.us
Software: nginx/1.19.10 / PHP/7.4.16
Resource Hash: 8251a8c6bc6af728e7637007cf01d9dcc14a6626b2c2a72171b80117e4fc6122

Request headers

Host: r.redirekted.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://r.redirekted.com/redirect?redirect_id=ac0740f23ed5114cfebe0a3e7fe5a376&request_id=aa6bf5ca802f86c7fdf98b7013e5ee71
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://r.redirekted.com/redirect?redirect_id=ac0740f23ed5114cfebe0a3e7fe5a376&request_id=aa6bf5ca802f86c7fdf98b7013e5ee71

Response headers

Server: nginx/1.19.10
Date: Thu, 08 Jul 2021 07:53:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.16
Set-Cookie: uuid=7445105908149175296; expires=Fri, 09-Jul-2021 07:53:06 GMT; Max-Age=86400

GET
H2

200

analytics.js Show response
www.google-analytics.com/ Frame 5E97
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

48 KB
19 KB

6ms
5ms

Script
text/javascript

2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: r.redirekted.com
URL: http://r.redirekted.com/go?e=DwCaxHVbHKB95Gr-0UX9ywsmOaFefQBuclF14mX2cPM-MUrvk3p0g0XypFCeHPAWy3C5kGVbH3B8AUAskaqdbRsuqPC9IPqW1aq95mXbxKC8MUqYgFW14mXypFB8gRAuy3C55GVxfvEuHPsX53pdfHsYO3K9gQs-bFLRu2Z_pPEmV3XTEwLwbHVyjwL55QL80KX99SA7NJC85mW-0KW491X-xaC8SzVxgvCzRTsyHUC9uPqwgFW8t0X-pvCeLUsxcvFefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://r.redirekted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 1641
date: Thu, 08 Jul 2021 07:25:45 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Thu, 08 Jul 2021 09:25:45 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

POST
H3-29 200 collect
www.google-analytics.com/j/ Frame 5E97 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1347089042&t=pageview&_s=1&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DDwCaxHVbHKB95Gr-0UX9ywsmOaFefQBuclF14mX2cPM-MUrvk3p0g0XypFCeHPAWy3C5kGVbH3B8AUAskaqdbRsuqPC9IPqW1aq95mXbxKC8MUqYgFW14mXypFB8gRAuy3C55GVxfvEuHPsX53pdfHsYO3K9gQs-bFLRu2Z_pPEmV3XTEwLwbHVyjwL55QL80KX99SA7NJC85mW-0KW491X-xaC8SzVxgvCzRTsyHUC9uPqwgFW8t0X-pvCeLUsxcvFefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1183006409&gjid=2064387803&cid=1805177682.1625730786&tid=UA-32454353-1&_gid=1927494678.1625730786&_r=1&_slc=1&z=1959927022

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://r.redirekted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 07:53:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://r.redirekted.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

collect
www.google-analytics.com/ Frame 5E97
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j91&a=1347089042&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DDwCaxHVbHKB95Gr-0UX9ywsmOaFefQBuclF14mX2cPM-MUrvk3p0g0XypFCeHPAWy3C5kGVbH...
https://www.google-analytics.com/collect?v=1&_v=j91&a=1347089042&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DDwCaxHVbHKB95Gr-0UX9ywsmOaFefQBuclF14mX2cPM-MUrvk3p0g0XypFCeHPAWy3C5kGVb...

35 B
55 B

6ms
6ms

Image
image/gif

2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=1347089042&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DDwCaxHVbHKB95Gr-0UX9ywsmOaFefQBuclF14mX2cPM-MUrvk3p0g0XypFCeHPAWy3C5kGVbH3B8AUAskaqdbRsuqPC9IPqW1aq95mXbxKC8MUqYgFW14mXypFB8gRAuy3C55GVxfvEuHPsX53pdfHsYO3K9gQs-bFLRu2Z_pPEmV3XTEwLwbHVyjwL55QL80KX99SA7NJC85mW-0KW491X-xaC8SzVxgvCzRTsyHUC9uPqwgFW8t0X-pvCeLUsxcvFefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1805177682.1625730786&tid=UA-32454353-1&_gid=1927494678.1625730786&cd1=oz9lnTA8n2kesUk8sT5ipzuwsTgfn3k8sUj%3D&z=2082585548

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://r.redirekted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 00:30:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 26539
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j91&a=1347089042&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DDwCaxHVbHKB95Gr-0UX9ywsmOaFefQBuclF14mX2cPM-MUrvk3p0g0XypFCeHPAWy3C5kGVbH3B8AUAskaqdbRsuqPC9IPqW1aq95mXbxKC8MUqYgFW14mXypFB8gRAuy3C55GVxfvEuHPsX53pdfHsYO3K9gQs-bFLRu2Z_pPEmV3XTEwLwbHVyjwL55QL80KX99SA7NJC85mW-0KW491X-xaC8SzVxgvCzRTsyHUC9uPqwgFW8t0X-pvCeLUsxcvFefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1805177682.1625730786&tid=UA-32454353-1&_gid=1927494678.1625730786&cd1=oz9lnTA8n2kesUk8sT5ipzuwsTgfn3k8sUj%3D&z=2082585548
Non-Authoritative-Reason: HSTS

GET
H/1.1

200
OK

Cookie set go Show response
ch-go.kelkoogroup.net/
Redirect Chain

https://ch-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1625725619031&.sig=G7.vb5vs1t8ygAMKRXlloGrl.tQ-&affiliationId=96965872&comId=100522823&country=ch&offerId=ff5a7d9e1ab4b73a8dbcbdf1a200e6a2&ser...
https://ch-go.kelkoogroup.net/go?country=ch&k=5e4dd8e71bf1c9eb0e174a7ada83ad48fb4c1a6676e041af2e6b5d6664e329c492a4d79be25d0a834fd69c479851049377ee90ac2a40d456b090fec08670fc216867cb8debd18206dc81296...

28 KB
29 KB

45ms
44ms

Document
text/html

95.211.116.27
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://ch-go.kelkoogroup.net/go?country=ch&k=5e4dd8e71bf1c9eb0e174a7ada83ad48fb4c1a6676e041af2e6b5d6664e329c492a4d79be25d0a834fd69c479851049377ee90ac2a40d456b090fec08670fc216867cb8debd18206dc81296ad72ebd7f1c249fe04837a04e76369c35b0e37fb17f98ca73ffaf4d3accbb03294de6b018927776d1627d9ad4f5b883ad2165871840c93ec48dbc02303784705148670f1a29116fdfa2e709bf09cf9e6319f9cc4619dbcf0b94d1f2568e558a19e99567d04d6fe42d05bbf3dff8025f8818b1b0e907e4c8dce604fb63c9073b88124bf6014c7ac4dc2b16b2c1e6d45be8a8e7b8c9b0e30e6a22f3fd6f8a1ea20c41b8e111cd23d821aa75f403a8e50caff1688eb0883b296c38c7d496d3c8d522170c07b2139181f74ab2e1e93a001d0bd0cac43241849dd24c74eef36d08925161f761b238d7c6addf28ec86718daf04c93dfe51c8b30e038b2b20f4d98b9ee26c5709ee18d4a883a1551def0042a5839754aad925e2c91b2da762c3a50e0e4d749891a39a6afa60b146ce16e2bc63d4ffabe0977fb25bcef7cbd3791cca8c65f3248f2f13626242f6d460b9cc19b568872bc79723dca9b9a0c308f956f86e866448336113c37a9a9fc9320d3cfae62b105b9afcaf6e4803f52eadd5e7320e0b1d9a960e0c7678fe707446ee9e46aab10a65fc0b0e90ec7344baa099c38b417f7fd44d636d6cfa52a1767a8e6a63088aa7f74e9cd04b2d98b67fb03ef057d47a93303823dc9ac3f49d711e2e&o=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.27 Heerhugowaard, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

dc1-ecs-pub-go-vip.kelkoo.com

Software

Resource Hash

2821bde8612654a2d7110343d2eda11e421c207c64c447deccbf5a057c788daa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Host: ch-go.kelkoogroup.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: http://r.redirekted.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: referer=http%3A%2F%2Fr.redirekted.com%2F
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://r.redirekted.com/redirect?redirect_id=ac0740f23ed5114cfebe0a3e7fe5a376&request_id=aa6bf5ca802f86c7fdf98b7013e5ee71

Response headers

Date: Thu, 08 Jul 2021 07:53:06 GMT
leadId: dc1-kls-prod-srv-03.prod.dc1.kelkoo.net_1625730786511_1399823
clickId: 107699104_1625730786470_1488371
country: ch
Request-Time: PT0.013S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: unsafe-url
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/html; charset=UTF-8
Content-Length: 28617
Set-Cookie: kelkooID=a4c6361-17a851b24c7-ecc18; Max-Age=31536000; Expires=Fri, 08 Jul 2022 07:53:06 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly lastSearchedKeyword=a3dkPVNleHloYWlyIE9yZ2FuaWNzIERhaWx5IENvbmRpdGlvbmVyIDEwMDB8dHM9MTYyNTczMDc4NjUxNXxjYXRJZD0xMDAzMTQxMjN8Y29tSWQ9MTAwNTIyODIz; Max-Age=31536000; Expires=Fri, 08 Jul 2022 07:53:06 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=68
Connection: Keep-Alive

Redirect headers

Date: Thu, 08 Jul 2021 07:53:06 GMT
clickId: 107699104_1625730786470_1488371
country: ch
Location: /go?country=ch&k=5e4dd8e71bf1c9eb0e174a7ada83ad48fb4c1a6676e041af2e6b5d6664e329c492a4d79be25d0a834fd69c479851049377ee90ac2a40d456b090fec08670fc216867cb8debd18206dc81296ad72ebd7f1c249fe04837a04e76369c35b0e37fb17f98ca73ffaf4d3accbb03294de6b018927776d1627d9ad4f5b883ad2165871840c93ec48dbc02303784705148670f1a29116fdfa2e709bf09cf9e6319f9cc4619dbcf0b94d1f2568e558a19e99567d04d6fe42d05bbf3dff8025f8818b1b0e907e4c8dce604fb63c9073b88124bf6014c7ac4dc2b16b2c1e6d45be8a8e7b8c9b0e30e6a22f3fd6f8a1ea20c41b8e111cd23d821aa75f403a8e50caff1688eb0883b296c38c7d496d3c8d522170c07b2139181f74ab2e1e93a001d0bd0cac43241849dd24c74eef36d08925161f761b238d7c6addf28ec86718daf04c93dfe51c8b30e038b2b20f4d98b9ee26c5709ee18d4a883a1551def0042a5839754aad925e2c91b2da762c3a50e0e4d749891a39a6afa60b146ce16e2bc63d4ffabe0977fb25bcef7cbd3791cca8c65f3248f2f13626242f6d460b9cc19b568872bc79723dca9b9a0c308f956f86e866448336113c37a9a9fc9320d3cfae62b105b9afcaf6e4803f52eadd5e7320e0b1d9a960e0c7678fe707446ee9e46aab10a65fc0b0e90ec7344baa099c38b417f7fd44d636d6cfa52a1767a8e6a63088aa7f74e9cd04b2d98b67fb03ef057d47a93303823dc9ac3f49d711e2e&o=
Request-Time: PT0.001S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: unsafe-url
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 0
Set-Cookie: referer=http%3A%2F%2Fr.redirekted.com%2F; Max-Age=31536000; Expires=Fri, 08 Jul 2022 07:53:06 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=96
Connection: Keep-Alive
Content-Type: text/plain

GET
H/1.1 200
OK p.png
ch-go.kelkoogroup.net/assets/images/ 68 B
625 B 44ms
30ms Image
image/png 95.211.116.27
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ch-go.kelkoogroup.net/assets/images/p.png?country=ch&k=612f7a9541cd6ea61eb554c0e4cff437c872692d99e299ce38ecd35c212029fdc1e4be5f6ed54a58429ebbe7042dcc87526ab631ac0904cea1d2d8bff80d59dd943fdabee9b049c351c3c2dea43a63159d41f28797fc263ac9002b0a3d2d20ad93598316fe423624ef58a7c184c30781d3dcb1ce1586c155da4ce8d1a93ca918451d5b046cfbb93f18173b0da48507379fb62f387081f56f8d677b1791d28b0e12980f7c46c5bc23fb0ac0fd54f615d7ca3186997faba91e2bebb7f5a112b4c31f781c381ab5dee41542f6ab522455afec16880d10bff68fe37c35542f800f003bc083d29f2cc59022562922a4953529d3b6148daa915b44e9e62c2845395bdd9a167c3152c64f1dd22f54ef7abc77ee57a98713b2bac08a61aaca705928b8dc852d85c174728ec1ed41c4f5d725b284&leadId=dc1-kls-prod-srv-03.prod.dc1.kelkoo.net_1625730786511_1399823&clickId=107699104_1625730786470_1488371

Requested by

Host: ch-go.kelkoogroup.net
URL: https://ch-go.kelkoogroup.net/go?country=ch&k=5e4dd8e71bf1c9eb0e174a7ada83ad48fb4c1a6676e041af2e6b5d6664e329c492a4d79be25d0a834fd69c479851049377ee90ac2a40d456b090fec08670fc216867cb8debd18206dc81296ad72ebd7f1c249fe04837a04e76369c35b0e37fb17f98ca73ffaf4d3accbb03294de6b018927776d1627d9ad4f5b883ad2165871840c93ec48dbc02303784705148670f1a29116fdfa2e709bf09cf9e6319f9cc4619dbcf0b94d1f2568e558a19e99567d04d6fe42d05bbf3dff8025f8818b1b0e907e4c8dce604fb63c9073b88124bf6014c7ac4dc2b16b2c1e6d45be8a8e7b8c9b0e30e6a22f3fd6f8a1ea20c41b8e111cd23d821aa75f403a8e50caff1688eb0883b296c38c7d496d3c8d522170c07b2139181f74ab2e1e93a001d0bd0cac43241849dd24c74eef36d08925161f761b238d7c6addf28ec86718daf04c93dfe51c8b30e038b2b20f4d98b9ee26c5709ee18d4a883a1551def0042a5839754aad925e2c91b2da762c3a50e0e4d749891a39a6afa60b146ce16e2bc63d4ffabe0977fb25bcef7cbd3791cca8c65f3248f2f13626242f6d460b9cc19b568872bc79723dca9b9a0c308f956f86e866448336113c37a9a9fc9320d3cfae62b105b9afcaf6e4803f52eadd5e7320e0b1d9a960e0c7678fe707446ee9e46aab10a65fc0b0e90ec7344baa099c38b417f7fd44d636d6cfa52a1767a8e6a63088aa7f74e9cd04b2d98b67fb03ef057d47a93303823dc9ac3f49d711e2e&o=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.27 Heerhugowaard, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

dc1-ecs-pub-go-vip.kelkoo.com

Software

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: ch-go.kelkoogroup.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://ch-go.kelkoogroup.net/go?country=ch&k=5e4dd8e71bf1c9eb0e174a7ada83ad48fb4c1a6676e041af2e6b5d6664e329c492a4d79be25d0a834fd69c479851049377ee90ac2a40d456b090fec08670fc216867cb8debd18206dc81296ad72ebd7f1c249fe04837a04e76369c35b0e37fb17f98ca73ffaf4d3accbb03294de6b018927776d1627d9ad4f5b883ad2165871840c93ec48dbc02303784705148670f1a29116fdfa2e709bf09cf9e6319f9cc4619dbcf0b94d1f2568e558a19e99567d04d6fe42d05bbf3dff8025f8818b1b0e907e4c8dce604fb63c9073b88124bf6014c7ac4dc2b16b2c1e6d45be8a8e7b8c9b0e30e6a22f3fd6f8a1ea20c41b8e111cd23d821aa75f403a8e50caff1688eb0883b296c38c7d496d3c8d522170c07b2139181f74ab2e1e93a001d0bd0cac43241849dd24c74eef36d08925161f761b238d7c6addf28ec86718daf04c93dfe51c8b30e038b2b20f4d98b9ee26c5709ee18d4a883a1551def0042a5839754aad925e2c91b2da762c3a50e0e4d749891a39a6afa60b146ce16e2bc63d4ffabe0977fb25bcef7cbd3791cca8c65f3248f2f13626242f6d460b9cc19b568872bc79723dca9b9a0c308f956f86e866448336113c37a9a9fc9320d3cfae62b105b9afcaf6e4803f52eadd5e7320e0b1d9a960e0c7678fe707446ee9e46aab10a65fc0b0e90ec7344baa099c38b417f7fd44d636d6cfa52a1767a8e6a63088aa7f74e9cd04b2d98b67fb03ef057d47a93303823dc9ac3f49d711e2e&o=
Cookie: referer=http%3A%2F%2Fr.redirekted.com%2F; kelkooID=a4c6361-17a851b24c7-ecc18; lastSearchedKeyword=a3dkPVNleHloYWlyIE9yZ2FuaWNzIERhaWx5IENvbmRpdGlvbmVyIDEwMDB8dHM9MTYyNTczMDc4NjUxNXxjYXRJZD0xMDAzMTQxMjN8Y29tSWQ9MTAwNTIyODIz
Connection: keep-alive
Referer: https://ch-go.kelkoogroup.net/go?country=ch&k=5e4dd8e71bf1c9eb0e174a7ada83ad48fb4c1a6676e041af2e6b5d6664e329c492a4d79be25d0a834fd69c479851049377ee90ac2a40d456b090fec08670fc216867cb8debd18206dc81296ad72ebd7f1c249fe04837a04e76369c35b0e37fb17f98ca73ffaf4d3accbb03294de6b018927776d1627d9ad4f5b883ad2165871840c93ec48dbc02303784705148670f1a29116fdfa2e709bf09cf9e6319f9cc4619dbcf0b94d1f2568e558a19e99567d04d6fe42d05bbf3dff8025f8818b1b0e907e4c8dce604fb63c9073b88124bf6014c7ac4dc2b16b2c1e6d45be8a8e7b8c9b0e30e6a22f3fd6f8a1ea20c41b8e111cd23d821aa75f403a8e50caff1688eb0883b296c38c7d496d3c8d522170c07b2139181f74ab2e1e93a001d0bd0cac43241849dd24c74eef36d08925161f761b238d7c6addf28ec86718daf04c93dfe51c8b30e038b2b20f4d98b9ee26c5709ee18d4a883a1551def0042a5839754aad925e2c91b2da762c3a50e0e4d749891a39a6afa60b146ce16e2bc63d4ffabe0977fb25bcef7cbd3791cca8c65f3248f2f13626242f6d460b9cc19b568872bc79723dca9b9a0c308f956f86e866448336113c37a9a9fc9320d3cfae62b105b9afcaf6e4803f52eadd5e7320e0b1d9a960e0c7678fe707446ee9e46aab10a65fc0b0e90ec7344baa099c38b417f7fd44d636d6cfa52a1767a8e6a63088aa7f74e9cd04b2d98b67fb03ef057d47a93303823dc9ac3f49d711e2e&o=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ApacheTracking: localhost
Date: Thu, 08 Jul 2021 07:53:06 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: PT0.001S
P3P: CP="Anything"
Connection: Keep-Alive
Content-Length: 68
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
ETag: "7dde07c9ed7cfb17d6de1a9196882c26a01fb406"
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: private, must-revalidate
X-Robots-Tag: noindex,nofollow
Keep-Alive: timeout=40, max=62
Expires: Tue, 05 Jul 2022 12:53:44 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 97 KB
36 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5ZS487

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3b90c5c59917eeaca76e2e387d7f0d8ff254c8bc37ff0cc788501a83ffe2301c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://ch-go.kelkoogroup.net/go?country=ch&k=5e4dd8e71bf1c9eb0e174a7ada83ad48fb4c1a6676e041af2e6b5d6664e329c492a4d79be25d0a834fd69c479851049377ee90ac2a40d456b090fec08670fc216867cb8debd18206dc81296ad72ebd7f1c249fe04837a04e76369c35b0e37fb17f98ca73ffaf4d3accbb03294de6b018927776d1627d9ad4f5b883ad2165871840c93ec48dbc02303784705148670f1a29116fdfa2e709bf09cf9e6319f9cc4619dbcf0b94d1f2568e558a19e99567d04d6fe42d05bbf3dff8025f8818b1b0e907e4c8dce604fb63c9073b88124bf6014c7ac4dc2b16b2c1e6d45be8a8e7b8c9b0e30e6a22f3fd6f8a1ea20c41b8e111cd23d821aa75f403a8e50caff1688eb0883b296c38c7d496d3c8d522170c07b2139181f74ab2e1e93a001d0bd0cac43241849dd24c74eef36d08925161f761b238d7c6addf28ec86718daf04c93dfe51c8b30e038b2b20f4d98b9ee26c5709ee18d4a883a1551def0042a5839754aad925e2c91b2da762c3a50e0e4d749891a39a6afa60b146ce16e2bc63d4ffabe0977fb25bcef7cbd3791cca8c65f3248f2f13626242f6d460b9cc19b568872bc79723dca9b9a0c308f956f86e866448336113c37a9a9fc9320d3cfae62b105b9afcaf6e4803f52eadd5e7320e0b1d9a960e0c7678fe707446ee9e46aab10a65fc0b0e90ec7344baa099c38b417f7fd44d636d6cfa52a1767a8e6a63088aa7f74e9cd04b2d98b67fb03ef057d47a93303823dc9ac3f49d711e2e&o=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 07:53:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36926
x-xss-protection: 0
last-modified: Thu, 08 Jul 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 08 Jul 2021 07:53:06 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZS487

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ch-go.kelkoogroup.net/go?country=ch&k=5e4dd8e71bf1c9eb0e174a7ada83ad48fb4c1a6676e041af2e6b5d6664e329c492a4d79be25d0a834fd69c479851049377ee90ac2a40d456b090fec08670fc216867cb8debd18206dc81296ad72ebd7f1c249fe04837a04e76369c35b0e37fb17f98ca73ffaf4d3accbb03294de6b018927776d1627d9ad4f5b883ad2165871840c93ec48dbc02303784705148670f1a29116fdfa2e709bf09cf9e6319f9cc4619dbcf0b94d1f2568e558a19e99567d04d6fe42d05bbf3dff8025f8818b1b0e907e4c8dce604fb63c9073b88124bf6014c7ac4dc2b16b2c1e6d45be8a8e7b8c9b0e30e6a22f3fd6f8a1ea20c41b8e111cd23d821aa75f403a8e50caff1688eb0883b296c38c7d496d3c8d522170c07b2139181f74ab2e1e93a001d0bd0cac43241849dd24c74eef36d08925161f761b238d7c6addf28ec86718daf04c93dfe51c8b30e038b2b20f4d98b9ee26c5709ee18d4a883a1551def0042a5839754aad925e2c91b2da762c3a50e0e4d749891a39a6afa60b146ce16e2bc63d4ffabe0977fb25bcef7cbd3791cca8c65f3248f2f13626242f6d460b9cc19b568872bc79723dca9b9a0c308f956f86e866448336113c37a9a9fc9320d3cfae62b105b9afcaf6e4803f52eadd5e7320e0b1d9a960e0c7678fe707446ee9e46aab10a65fc0b0e90ec7344baa099c38b417f7fd44d636d6cfa52a1767a8e6a63088aa7f74e9cd04b2d98b67fb03ef057d47a93303823dc9ac3f49d711e2e&o=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 1641
date: Thu, 08 Jul 2021 07:25:45 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Thu, 08 Jul 2021 09:25:45 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 13ms
13ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=743186418&t=pageview&_s=1&dl=https%3A%2F%2Fch-go.kelkoogroup.net%2Fgo%3Fcountry%3Dch%26k%3D5e4dd8e71bf1c9eb0e174a7ada83ad48fb4c1a6676e041af2e6b5d6664e329c492a4d79be25d0a834fd69c479851049377ee90ac2a40d456b090fec08670fc216867cb8debd18206dc81296ad72ebd7f1c249fe04837a04e76369c35b0e37fb17f98ca73ffaf4d3accbb03294de6b018927776d1627d9ad4f5b883ad2165871840c93ec48dbc02303784705148670f1a29116fdfa2e709bf09cf9e6319f9cc4619dbcf0b94d1f2568e558a19e99567d04d6fe42d05bbf3dff8025f8818b1b0e907e4c8dce604fb63c9073b88124bf6014c7ac4dc2b16b2c1e6d45be8a8e7b8c9b0e30e6a22f3fd6f8a1ea20c41b8e111cd23d821aa75f403a8e50caff1688eb0883b296c38c7d496d3c8d522170c07b2139181f74ab2e1e93a001d0bd0cac43241849dd24c74eef36d08925161f761b238d7c6addf28ec86718daf04c93dfe51c8b30e038b2b20f4d98b9ee26c5709ee18d4a883a1551def0042a5839754aad925e2c91b2da762c3a50e0e4d749891a39a6afa60b146ce16e2bc63d4ffabe0977fb25bcef7cbd3791cca8c65f3248f2f13626242f6d460b9cc19b568872bc79723dca9b9a0c308f956f86e866448336113c37a9a9fc9320d3cfae62b105b9afcaf6e4803f52eadd5e7320e0b1d9a960e0c7678fe707446ee9e46aab10a65fc0b0e90ec7344baa099c38b417f7fd44d636d6cfa52a1767a8e6a63088aa7f74e9cd04b2d98b67fb03ef057d47a93303823dc9ac3f49d711e2e%26o%3D&dr=http%3A%2F%2Fr.redirekted.com%2F&dp=%2F96965872%7C100522823%7C&ul=en-us&de=UTF-8&dt=Weiterleitung%20zu%20beautywelt.de&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1684208224&gjid=1110435347&cid=665966626.1625730787&tid=UA-168544891-36&_gid=1923530714.1625730787&_r=1&gtm=2wg7705ZS487&cd1=96965872&cd2=dc1-kls-prod-srv-03.prod.dc1.kelkoo.net_1625730786511_1399823&cd3=100522823&cd4=a4c6361-17a851b24c7-ecc18&cd5=&cd6=96965872%7C100522823%7C&z=1034113811

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ch-go.kelkoogroup.net/go?country=ch&k=5e4dd8e71bf1c9eb0e174a7ada83ad48fb4c1a6676e041af2e6b5d6664e329c492a4d79be25d0a834fd69c479851049377ee90ac2a40d456b090fec08670fc216867cb8debd18206dc81296ad72ebd7f1c249fe04837a04e76369c35b0e37fb17f98ca73ffaf4d3accbb03294de6b018927776d1627d9ad4f5b883ad2165871840c93ec48dbc02303784705148670f1a29116fdfa2e709bf09cf9e6319f9cc4619dbcf0b94d1f2568e558a19e99567d04d6fe42d05bbf3dff8025f8818b1b0e907e4c8dce604fb63c9073b88124bf6014c7ac4dc2b16b2c1e6d45be8a8e7b8c9b0e30e6a22f3fd6f8a1ea20c41b8e111cd23d821aa75f403a8e50caff1688eb0883b296c38c7d496d3c8d522170c07b2139181f74ab2e1e93a001d0bd0cac43241849dd24c74eef36d08925161f761b238d7c6addf28ec86718daf04c93dfe51c8b30e038b2b20f4d98b9ee26c5709ee18d4a883a1551def0042a5839754aad925e2c91b2da762c3a50e0e4d749891a39a6afa60b146ce16e2bc63d4ffabe0977fb25bcef7cbd3791cca8c65f3248f2f13626242f6d460b9cc19b568872bc79723dca9b9a0c308f956f86e866448336113c37a9a9fc9320d3cfae62b105b9afcaf6e4803f52eadd5e7320e0b1d9a960e0c7678fe707446ee9e46aab10a65fc0b0e90ec7344baa099c38b417f7fd44d636d6cfa52a1767a8e6a63088aa7f74e9cd04b2d98b67fb03ef057d47a93303823dc9ac3f49d711e2e&o=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 07:53:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ch-go.kelkoogroup.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Primary Request Sexyhair-Organics-Daily-Conditioner Show response
www.beautywelt.de/
Redirect Chain

https://ch-go.kelkoogroup.net/redirect?country=ch&k=612f7a9541cd6ea61eb554c0e4cff437c872692d99e299ce38ecd35c212029fdc1e4be5f6ed54a58429ebbe7042dcc87526ab631ac0904cea1d2d8bff80d59dd943fdabee9b049c35...
https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelkooch&utm_source=kelkooch&utm_medium=display&utm_campaign=kelkooch&utm_term=...

36 KB
9 KB

397ms
287ms

Document
text/html

85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelkooch&utm_source=kelkooch&utm_medium=display&utm_campaign=kelkooch&utm_term=ArtNr67696
Requested by: Host: ch-go.kelkoogroup.net
URL: https://ch-go.kelkoogroup.net/go?country=ch&k=5e4dd8e71bf1c9eb0e174a7ada83ad48fb4c1a6676e041af2e6b5d6664e329c492a4d79be25d0a834fd69c479851049377ee90ac2a40d456b090fec08670fc216867cb8debd18206dc81296ad72ebd7f1c249fe04837a04e76369c35b0e37fb17f98ca73ffaf4d3accbb03294de6b018927776d1627d9ad4f5b883ad2165871840c93ec48dbc02303784705148670f1a29116fdfa2e709bf09cf9e6319f9cc4619dbcf0b94d1f2568e558a19e99567d04d6fe42d05bbf3dff8025f8818b1b0e907e4c8dce604fb63c9073b88124bf6014c7ac4dc2b16b2c1e6d45be8a8e7b8c9b0e30e6a22f3fd6f8a1ea20c41b8e111cd23d821aa75f403a8e50caff1688eb0883b296c38c7d496d3c8d522170c07b2139181f74ab2e1e93a001d0bd0cac43241849dd24c74eef36d08925161f761b238d7c6addf28ec86718daf04c93dfe51c8b30e038b2b20f4d98b9ee26c5709ee18d4a883a1551def0042a5839754aad925e2c91b2da762c3a50e0e4d749891a39a6afa60b146ce16e2bc63d4ffabe0977fb25bcef7cbd3791cca8c65f3248f2f13626242f6d460b9cc19b568872bc79723dca9b9a0c308f956f86e866448336113c37a9a9fc9320d3cfae62b105b9afcaf6e4803f52eadd5e7320e0b1d9a960e0c7678fe707446ee9e46aab10a65fc0b0e90ec7344baa099c38b417f7fd44d636d6cfa52a1767a8e6a63088aa7f74e9cd04b2d98b67fb03ef057d47a93303823dc9ac3f49d711e2e&o=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.13.155.115 Loebau, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd6430.kasserver.com
Software: Apache /
Resource Hash: 187a005401e6d812e5f1fcb42c1d8e671943c896d2a90a5293f448ff4dd371fa

Request headers

:method: GET
:authority: www.beautywelt.de
:scheme: https
:path: /Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelkooch&utm_source=kelkooch&utm_medium=display&utm_campaign=kelkooch&utm_term=ArtNr67696
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://ch-go.kelkoogroup.net/go?country=ch&k=5e4dd8e71bf1c9eb0e174a7ada83ad48fb4c1a6676e041af2e6b5d6664e329c492a4d79be25d0a834fd69c479851049377ee90ac2a40d456b090fec08670fc216867cb8debd18206dc81296ad72ebd7f1c249fe04837a04e76369c35b0e37fb17f98ca73ffaf4d3accbb03294de6b018927776d1627d9ad4f5b883ad2165871840c93ec48dbc02303784705148670f1a29116fdfa2e709bf09cf9e6319f9cc4619dbcf0b94d1f2568e558a19e99567d04d6fe42d05bbf3dff8025f8818b1b0e907e4c8dce604fb63c9073b88124bf6014c7ac4dc2b16b2c1e6d45be8a8e7b8c9b0e30e6a22f3fd6f8a1ea20c41b8e111cd23d821aa75f403a8e50caff1688eb0883b296c38c7d496d3c8d522170c07b2139181f74ab2e1e93a001d0bd0cac43241849dd24c74eef36d08925161f761b238d7c6addf28ec86718daf04c93dfe51c8b30e038b2b20f4d98b9ee26c5709ee18d4a883a1551def0042a5839754aad925e2c91b2da762c3a50e0e4d749891a39a6afa60b146ce16e2bc63d4ffabe0977fb25bcef7cbd3791cca8c65f3248f2f13626242f6d460b9cc19b568872bc79723dca9b9a0c308f956f86e866448336113c37a9a9fc9320d3cfae62b105b9afcaf6e4803f52eadd5e7320e0b1d9a960e0c7678fe707446ee9e46aab10a65fc0b0e90ec7344baa099c38b417f7fd44d636d6cfa52a1767a8e6a63088aa7f74e9cd04b2d98b67fb03ef057d47a93303823dc9ac3f49d711e2e&o=
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ch-go.kelkoogroup.net/go?country=ch&k=5e4dd8e71bf1c9eb0e174a7ada83ad48fb4c1a6676e041af2e6b5d6664e329c492a4d79be25d0a834fd69c479851049377ee90ac2a40d456b090fec08670fc216867cb8debd18206dc81296ad72ebd7f1c249fe04837a04e76369c35b0e37fb17f98ca73ffaf4d3accbb03294de6b018927776d1627d9ad4f5b883ad2165871840c93ec48dbc02303784705148670f1a29116fdfa2e709bf09cf9e6319f9cc4619dbcf0b94d1f2568e558a19e99567d04d6fe42d05bbf3dff8025f8818b1b0e907e4c8dce604fb63c9073b88124bf6014c7ac4dc2b16b2c1e6d45be8a8e7b8c9b0e30e6a22f3fd6f8a1ea20c41b8e111cd23d821aa75f403a8e50caff1688eb0883b296c38c7d496d3c8d522170c07b2139181f74ab2e1e93a001d0bd0cac43241849dd24c74eef36d08925161f761b238d7c6addf28ec86718daf04c93dfe51c8b30e038b2b20f4d98b9ee26c5709ee18d4a883a1551def0042a5839754aad925e2c91b2da762c3a50e0e4d749891a39a6afa60b146ce16e2bc63d4ffabe0977fb25bcef7cbd3791cca8c65f3248f2f13626242f6d460b9cc19b568872bc79723dca9b9a0c308f956f86e866448336113c37a9a9fc9320d3cfae62b105b9afcaf6e4803f52eadd5e7320e0b1d9a960e0c7678fe707446ee9e46aab10a65fc0b0e90ec7344baa099c38b417f7fd44d636d6cfa52a1767a8e6a63088aa7f74e9cd04b2d98b67fb03ef057d47a93303823dc9ac3f49d711e2e&o=

Response headers

date: Thu, 08 Jul 2021 07:53:07 GMT
server: Apache
set-cookie: JTLSHOP=3177ba11b2b3642965c23b322782a053; expires=Sat, 07-Aug-2021 07:53:07 GMT; Max-Age=2592000; path=/; domain=.beautywelt.de JTLSHOP=3177ba11b2b3642965c23b322782a053; expires=Sat, 07-Aug-2021 07:53:07 GMT; Max-Age=2592000; path=/; domain=.beautywelt.de
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=iso-8859-1

Redirect headers

Date: Thu, 08 Jul 2021 07:53:06 GMT
leadId: dc1-kls-prod-srv-03.prod.dc1.kelkoo.net_1625730786511_1399823
clickId: 107699104_1625730786470_1488371
country: ch
Location: https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelkooch&utm_source=kelkooch&utm_medium=display&utm_campaign=kelkooch&utm_term=ArtNr67696
Request-Time: PT0S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: unsafe-url
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 0
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=1
Connection: Keep-Alive
Content-Type: text/plain

GET
H2 200 20210609_1.js Show response
www.beautywelt.de/cache/js/s2/ 83 KB
30 KB 58ms
56ms Script
application/javascript 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beautywelt.de/cache/js/s2/20210609_1.js

Requested by

Host: www.beautywelt.de
URL: https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelkooch&utm_source=kelkooch&utm_medium=display&utm_campaign=kelkooch&utm_term=ArtNr67696

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.13.155.115 Loebau, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

185849c554cf5bd9089cfc4df8052dc879e45d43d38367ff6cdcf97789f09079

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /cache/js/s2/20210609_1.js
pragma: no-cache
cookie: JTLSHOP=3177ba11b2b3642965c23b322782a053
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.beautywelt.de
referer: https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelkooch&utm_source=kelkooch&utm_medium=display&utm_campaign=kelkooch&utm_term=ArtNr67696
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelkooch&utm_source=kelkooch&utm_medium=display&utm_campaign=kelkooch&utm_term=ArtNr67696
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 07:53:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 18:18:04 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 30919
expires: Sat, 07 Aug 2021 07:53:07 GMT

GET
H2 200 20210609_1.css
www.beautywelt.de/cache/css/om/ 10 KB
3 KB 42ms
41ms Stylesheet
text/css 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beautywelt.de/cache/css/om/20210609_1.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.13.155.115 Loebau, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

26293a1cae9783c38c4f9be5c02b2e7a12ecb06521db1db2034dda5bacbc03f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /cache/css/om/20210609_1.css
pragma: no-cache
cookie: JTLSHOP=3177ba11b2b3642965c23b322782a053
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.beautywelt.de
referer: https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelkooch&utm_source=kelkooch&utm_medium=display&utm_campaign=kelkooch&utm_term=ArtNr67696
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelkooch&utm_source=kelkooch&utm_medium=display&utm_campaign=kelkooch&utm_term=ArtNr67696
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 07:53:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 18:18:04 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2825
expires: Sat, 07 Aug 2021 07:53:07 GMT

GET
H2 200 0_20210616.css
www.beautywelt.de/cache/css/0/ 11 KB
3 KB 44ms
44ms Stylesheet
text/css 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beautywelt.de/cache/css/0/0_20210616.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.13.155.115 Loebau, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

39c5ec7647039074afcb88aa42b44b69f11fe141e236fba1fb3ce3f0c42e3974

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /cache/css/0/0_20210616.css
pragma: no-cache
cookie: JTLSHOP=3177ba11b2b3642965c23b322782a053
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.beautywelt.de
referer: https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelkooch&utm_source=kelkooch&utm_medium=display&utm_campaign=kelkooch&utm_term=ArtNr67696
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelkooch&utm_source=kelkooch&utm_medium=display&utm_campaign=kelkooch&utm_term=ArtNr67696
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 07:53:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Jun 2021 07:44:47 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3160
expires: Sat, 07 Aug 2021 07:53:07 GMT

GET
H2 200 0_20210609_1.css
www.beautywelt.de/cache/css/1/ 5 KB
2 KB 46ms
46ms Stylesheet
text/css 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beautywelt.de/cache/css/1/0_20210609_1.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.13.155.115 Loebau, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

32ce0a85eaaf215bd7d2ac30701909addcca4cc5df1df9abfbb4c3bcba9517ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /cache/css/1/0_20210609_1.css
pragma: no-cache
cookie: JTLSHOP=3177ba11b2b3642965c23b322782a053
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.beautywelt.de
referer: https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelkooch&utm_source=kelkooch&utm_medium=display&utm_campaign=kelkooch&utm_term=ArtNr67696
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelkooch&utm_source=kelkooch&utm_medium=display&utm_campaign=kelkooch&utm_term=ArtNr67696
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 07:53:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 18:18:04 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1539
expires: Sat, 07 Aug 2021 07:53:07 GMT

GET
H2 200 logo_header_287x100.png
www.beautywelt.de/cache/1/97/ 10 KB
10 KB 40ms
40ms Image
image/png 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.beautywelt.de/cache/1/97/logo_header_287x100.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.13.155.115 Loebau, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

c94499aadb2cb3fe769a111a530a000a569f07e3dd8f781777bd7bc71a936ade

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /cache/1/97/logo_header_287x100.png
pragma: no-cache
cookie: JTLSHOP=3177ba11b2b3642965c23b322782a053
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.beautywelt.de
referer: https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelkooch&utm_source=kelkooch&utm_medium=display&utm_campaign=kelkooch&utm_term=ArtNr67696
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelkooch&utm_source=kelkooch&utm_medium=display&utm_campaign=kelkooch&utm_term=ArtNr67696
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 07:53:07 GMT
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 21:57:53 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10261
expires: Sat, 07 Aug 2021 07:53:07 GMT

GET
H2 200 sexyhair-organics-daily-conditioner-1000-ml.jpg
www.beautywelt.de/product/13953/md/ 7 KB
7 KB 59ms
59ms Image
image/jpeg 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.beautywelt.de/product/13953/md/sexyhair-organics-daily-conditioner-1000-ml.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.13.155.115 Loebau, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

58049edcd3738568b290026ea296bf3915584dd217a57fc9533b4f2dd6fe1d12

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /product/13953/md/sexyhair-organics-daily-conditioner-1000-ml.jpg
pragma: no-cache
cookie: JTLSHOP=3177ba11b2b3642965c23b322782a053
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.beautywelt.de
referer: https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelkooch&utm_source=kelkooch&utm_medium=display&utm_campaign=kelkooch&utm_term=ArtNr67696
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelkooch&utm_source=kelkooch&utm_medium=display&utm_campaign=kelkooch&utm_term=ArtNr67696
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 07:53:07 GMT
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 09:14:43 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6791
expires: Sat, 07 Aug 2021 07:53:07 GMT

GET
H2 200 20210609.png
www.beautywelt.de/cache/png/j8/ 5 KB
5 KB 59ms
59ms Image
image/png 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.beautywelt.de/cache/png/j8/20210609.png

Requested by

Host: www.beautywelt.de
URL: https://www.beautywelt.de/cache/css/0/0_20210616.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.13.155.115 Loebau, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

e3a1c299a0512f7e48d5c6e573e66af9113c8edfc0c56259de59b028332b3d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /cache/png/j8/20210609.png
pragma: no-cache
cookie: JTLSHOP=3177ba11b2b3642965c23b322782a053
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.beautywelt.de
referer: https://www.beautywelt.de/cache/css/0/0_20210616.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.beautywelt.de/cache/css/0/0_20210616.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 07:53:07 GMT
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 18:03:01 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4648
expires: Sat, 07 Aug 2021 07:53:07 GMT

GET
H2 200 iu.woff2
www.beautywelt.de/cache/files/ 20 KB
20 KB 47ms
46ms Font
text/plain 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beautywelt.de/cache/files/iu.woff2

Requested by

Host: www.beautywelt.de
URL: https://www.beautywelt.de/cache/css/om/20210609_1.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.13.155.115 Loebau, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

25ec22166db06f6b24e5867ede272dcc792f56939ac85fa1bccd6fb06cfea5b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://www.beautywelt.de
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: JTLSHOP=3177ba11b2b3642965c23b322782a053
:path: /cache/files/iu.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.beautywelt.de
referer: https://www.beautywelt.de/cache/css/om/20210609_1.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.beautywelt.de
Referer: https://www.beautywelt.de/cache/css/om/20210609_1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 07:53:07 GMT
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 18:03:01 GMT
server: Apache
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 20612
expires: Sat, 07 Aug 2021 07:53:07 GMT

GET
H2 200 iw.woff2
www.beautywelt.de/cache/files/ 4 KB
4 KB 51ms
50ms Font
text/plain 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beautywelt.de/cache/files/iw.woff2

Requested by

Host: www.beautywelt.de
URL: https://www.beautywelt.de/cache/css/om/20210609_1.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.13.155.115 Loebau, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

ee799968835accd9505ec561450847e71669a3b897b3d0f3da55cec45d98fa57

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://www.beautywelt.de
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: JTLSHOP=3177ba11b2b3642965c23b322782a053
:path: /cache/files/iw.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.beautywelt.de
referer: https://www.beautywelt.de/cache/css/om/20210609_1.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.beautywelt.de
Referer: https://www.beautywelt.de/cache/css/om/20210609_1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 07:53:07 GMT
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 18:03:01 GMT
server: Apache
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3764
expires: Sat, 07 Aug 2021 07:53:07 GMT

GET
H2 200 iv.woff2
www.beautywelt.de/cache/files/ 25 KB
25 KB 51ms
51ms Font
text/plain 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beautywelt.de/cache/files/iv.woff2

Requested by

Host: www.beautywelt.de
URL: https://www.beautywelt.de/cache/css/om/20210609_1.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.13.155.115 Loebau, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

10e28bfa82759ceb6cabe03772861e4079ebe1fc88bdeb274c9c648f064ae6d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://www.beautywelt.de
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: JTLSHOP=3177ba11b2b3642965c23b322782a053
:path: /cache/files/iv.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.beautywelt.de
referer: https://www.beautywelt.de/cache/css/om/20210609_1.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.beautywelt.de
Referer: https://www.beautywelt.de/cache/css/om/20210609_1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 07:53:07 GMT
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 18:03:01 GMT
server: Apache
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 25880
expires: Sat, 07 Aug 2021 07:53:07 GMT

GET
H2 200 20210617_1_ger.js Show response
www.beautywelt.de/cache/js/a10/ 11 KB
4 KB 42ms
41ms Script
application/javascript 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beautywelt.de/cache/js/a10/20210617_1_ger.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.13.155.115 Loebau, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

bf2d597b7b64a6d3defbc69959efc8d5f11f29b6f1132a3453bd09e13f6d3636

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /cache/js/a10/20210617_1_ger.js
pragma: no-cache
cookie: JTLSHOP=3177ba11b2b3642965c23b322782a053
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.beautywelt.de
referer: https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelkooch&utm_source=kelkooch&utm_medium=display&utm_campaign=kelkooch&utm_term=ArtNr67696
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelkooch&utm_source=kelkooch&utm_medium=display&utm_campaign=kelkooch&utm_term=ArtNr67696
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 07:53:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 17 Jun 2021 08:34:27 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4141
expires: Sat, 07 Aug 2021 07:53:07 GMT

GET
H2 200 20210630_1_ger.js Show response
www.beautywelt.de/cache/js/a2n/ 11 KB
5 KB 44ms
43ms Script
application/javascript 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beautywelt.de/cache/js/a2n/20210630_1_ger.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.13.155.115 Loebau, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

597e03ff2c3a03c9c1520671b6ddf4d1a6edd50ba7f43a1d95b29451e27695a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /cache/js/a2n/20210630_1_ger.js
pragma: no-cache
cookie: JTLSHOP=3177ba11b2b3642965c23b322782a053
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.beautywelt.de
referer: https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelkooch&utm_source=kelkooch&utm_medium=display&utm_campaign=kelkooch&utm_term=ArtNr67696
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelkooch&utm_source=kelkooch&utm_medium=display&utm_campaign=kelkooch&utm_term=ArtNr67696
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 07:53:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 30 Jun 2021 07:02:04 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4634
expires: Sat, 07 Aug 2021 07:53:07 GMT

GET
H2 200 20210609_1_ger.js Show response
www.beautywelt.de/cache/js/a21/ 763 B
552 B 46ms
45ms Script
application/javascript 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beautywelt.de/cache/js/a21/20210609_1_ger.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.13.155.115 Loebau, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

644ced44353a528d12469c4f6f9ca70d57354522709aabfb4732818b319fb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /cache/js/a21/20210609_1_ger.js
pragma: no-cache
cookie: JTLSHOP=3177ba11b2b3642965c23b322782a053
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.beautywelt.de
referer: https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelkooch&utm_source=kelkooch&utm_medium=display&utm_campaign=kelkooch&utm_term=ArtNr67696
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelkooch&utm_source=kelkooch&utm_medium=display&utm_campaign=kelkooch&utm_term=ArtNr67696
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 07:53:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 18:18:08 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 494
expires: Sat, 07 Aug 2021 07:53:07 GMT

GET
H2 200 20210609_1.js Show response
www.beautywelt.de/cache/js/v0/ 7 KB
3 KB 41ms
41ms Script
application/javascript 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beautywelt.de/cache/js/v0/20210609_1.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.13.155.115 Loebau, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

4d522d4d07fedb617a46744b159664fb4e74f3b1c43bf1bdf6ee7c6ece722a9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /cache/js/v0/20210609_1.js
pragma: no-cache
cookie: JTLSHOP=3177ba11b2b3642965c23b322782a053; gh4=6.
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.beautywelt.de
referer: https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelkooch&utm_source=kelkooch&utm_medium=display&utm_campaign=kelkooch&utm_term=ArtNr67696
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelkooch&utm_source=kelkooch&utm_medium=display&utm_campaign=kelkooch&utm_term=ArtNr67696
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 07:53:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 18:18:06 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3489
expires: Sat, 07 Aug 2021 07:53:07 GMT

GET
H2 200 20210617_ger.html Show response
www.beautywelt.de/cache/html/a47/ 3 KB
1 KB 41ms
40ms XHR
text/html 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beautywelt.de/cache/html/a47/20210617_ger.html

Requested by

Host: www.beautywelt.de
URL: https://www.beautywelt.de/cache/js/a2n/20210630_1_ger.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.13.155.115 Loebau, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

8339bddeb8b42101738d34f5903fa22279e7875ce7f09e8aea5608f3bc856835

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /cache/html/a47/20210617_ger.html
pragma: no-cache
cookie: JTLSHOP=3177ba11b2b3642965c23b322782a053; gh4=6.
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.beautywelt.de
referer: https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelkooch&utm_source=kelkooch&utm_medium=display&utm_campaign=kelkooch&utm_term=ArtNr67696
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelkooch&utm_source=kelkooch&utm_medium=display&utm_campaign=kelkooch&utm_term=ArtNr67696
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 07:53:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 17 Jun 2021 08:33:31 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
expires: 0
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 1366
x-ua-compatible: IE=edge

GET
H2 200 20210609_1.js Show response
www.beautywelt.de/cache/js/a0d/ 2 KB
1 KB 42ms
42ms Script
application/javascript 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beautywelt.de/cache/js/a0d/20210609_1.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.13.155.115 Loebau, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

c41457889f512c023b0ddbc4a6352d909751daad08530bd3be91fbbb17c59e9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /cache/js/a0d/20210609_1.js
pragma: no-cache
cookie: JTLSHOP=3177ba11b2b3642965c23b322782a053; gh4=6.
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.beautywelt.de
referer: https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelkooch&utm_source=kelkooch&utm_medium=display&utm_campaign=kelkooch&utm_term=ArtNr67696
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelkooch&utm_source=kelkooch&utm_medium=display&utm_campaign=kelkooch&utm_term=ArtNr67696
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 07:53:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 18:18:08 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1032
expires: Sat, 07 Aug 2021 07:53:07 GMT

GET
H2 200 sexyhair-organics-styling-creme-150-ml.jpg
www.beautywelt.de/product/13950/95/ 2 KB
2 KB 51ms
50ms Image
image/jpeg 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.beautywelt.de/product/13950/95/sexyhair-organics-styling-creme-150-ml.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.13.155.115 Loebau, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

727da1d170796297eb3021da1ebbd42d9963e087f203a3b41a9c8d9706fe940a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /product/13950/95/sexyhair-organics-styling-creme-150-ml.jpg
pragma: no-cache
cookie: JTLSHOP=3177ba11b2b3642965c23b322782a053; gh4=6.
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.beautywelt.de
referer: https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelkooch&utm_source=kelkooch&utm_medium=display&utm_campaign=kelkooch&utm_term=ArtNr67696
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelkooch&utm_source=kelkooch&utm_medium=display&utm_campaign=kelkooch&utm_term=ArtNr67696
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 07:53:07 GMT
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 10:32:15 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2256
expires: Sat, 07 Aug 2021 07:53:07 GMT

GET
H2 200 sexyhair-organics-moisturizing-treatment-200-ml.jpg
www.beautywelt.de/product/13948/95/ 2 KB
2 KB 87ms
87ms Image
image/jpeg 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.beautywelt.de/product/13948/95/sexyhair-organics-moisturizing-treatment-200-ml.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.13.155.115 Loebau, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

4d332760974ca76a9cfad28987cf5cb55f8fa9ed045ce21817300b5d4d380ad8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /product/13948/95/sexyhair-organics-moisturizing-treatment-200-ml.jpg
pragma: no-cache
cookie: JTLSHOP=3177ba11b2b3642965c23b322782a053; gh4=6.
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.beautywelt.de
referer: https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelkooch&utm_source=kelkooch&utm_medium=display&utm_campaign=kelkooch&utm_term=ArtNr67696
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelkooch&utm_source=kelkooch&utm_medium=display&utm_campaign=kelkooch&utm_term=ArtNr67696
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 07:53:07 GMT
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 10:32:24 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1975
expires: Sat, 07 Aug 2021 07:53:07 GMT

GET
H2 200 sexyhair-awesomecolors-color-refreshing-conditioner-copper.jpg
www.beautywelt.de/product/88747/95/ 2 KB
2 KB 87ms
87ms Image
image/jpeg 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.beautywelt.de/product/88747/95/sexyhair-awesomecolors-color-refreshing-conditioner-copper.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.13.155.115 Loebau, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

d5175dfd4bddb2c93229653bcc74ab6c970f81bc8509bc4eb1e009e7d5e44ff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /product/88747/95/sexyhair-awesomecolors-color-refreshing-conditioner-copper.jpg
pragma: no-cache
cookie: JTLSHOP=3177ba11b2b3642965c23b322782a053; gh4=6.
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.beautywelt.de
referer: https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelkooch&utm_source=kelkooch&utm_medium=display&utm_campaign=kelkooch&utm_term=ArtNr67696
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelkooch&utm_source=kelkooch&utm_medium=display&utm_campaign=kelkooch&utm_term=ArtNr67696
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 07:53:07 GMT
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 11:32:09 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2186
expires: Sat, 07 Aug 2021 07:53:07 GMT

GET
H2 200 sexyhair-awesomecolors-color-refreshing-conditioner-brown.jpg
www.beautywelt.de/product/88752/95/ 2 KB
2 KB 105ms
104ms Image
image/jpeg 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.beautywelt.de/product/88752/95/sexyhair-awesomecolors-color-refreshing-conditioner-brown.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.13.155.115 Loebau, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

62520b6c98a187655b70bdead3d7373d737fb552b6c3a34f8e9169985ad2e349

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /product/88752/95/sexyhair-awesomecolors-color-refreshing-conditioner-brown.jpg
pragma: no-cache
cookie: JTLSHOP=3177ba11b2b3642965c23b322782a053; gh4=6.
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.beautywelt.de
referer: https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelkooch&utm_source=kelkooch&utm_medium=display&utm_campaign=kelkooch&utm_term=ArtNr67696
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelkooch&utm_source=kelkooch&utm_medium=display&utm_campaign=kelkooch&utm_term=ArtNr67696
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 07:53:07 GMT
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 11:30:33 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1797
expires: Sat, 07 Aug 2021 07:53:07 GMT

GET
H2 200 6_20210609_1.css Show response
www.beautywelt.de/cache/css/r9/ 5 KB
2 KB 99ms
99ms XHR
text/css 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beautywelt.de/cache/css/r9/6_20210609_1.css

Requested by

Host: www.beautywelt.de
URL: https://www.beautywelt.de/cache/js/a2n/20210630_1_ger.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.13.155.115 Loebau, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

718d7bf05ef5193038e46be1444302be489ab2128eea80eaad39c1df5aae5ff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /cache/css/r9/6_20210609_1.css
pragma: no-cache
cookie: JTLSHOP=3177ba11b2b3642965c23b322782a053; gh4=6.
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.beautywelt.de
referer: https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelkooch&utm_source=kelkooch&utm_medium=display&utm_campaign=kelkooch&utm_term=ArtNr67696
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.beautywelt.de/Sexyhair-Organics-Daily-Conditioner?kk=a4c6361-17a851b24c7-ecc18&art=ArtNr67696&pk_campaign=kelkooch&utm_source=kelkooch&utm_medium=display&utm_campaign=kelkooch&utm_term=ArtNr67696
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 07:53:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 18:18:04 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1720
expires: Sat, 07 Aug 2021 07:53:07 GMT

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.beautywelt.de/	1970-01-19 20:18:42	Name: gh4 Value: 6.
			.beautywelt.de/	1970-01-19 20:18:42	Name: JTLSHOP Value: 3177ba11b2b3642965c23b322782a053

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

allianzcpitalpartners.com
ch-go.kelkoogroup.net
r.redirekted.com
www.beautywelt.de
www.google-analytics.com
www.googletagmanager.com
23.82.12.32
2a00:1450:4001:812::2008
2a00:1450:4001:829::200e
66.165.243.151
85.13.155.115
95.211.116.27
10e28bfa82759ceb6cabe03772861e4079ebe1fc88bdeb274c9c648f064ae6d3
185849c554cf5bd9089cfc4df8052dc879e45d43d38367ff6cdcf97789f09079
187a005401e6d812e5f1fcb42c1d8e671943c896d2a90a5293f448ff4dd371fa
25ec22166db06f6b24e5867ede272dcc792f56939ac85fa1bccd6fb06cfea5b7
26293a1cae9783c38c4f9be5c02b2e7a12ecb06521db1db2034dda5bacbc03f4
2821bde8612654a2d7110343d2eda11e421c207c64c447deccbf5a057c788daa
32ce0a85eaaf215bd7d2ac30701909addcca4cc5df1df9abfbb4c3bcba9517ea
39c5ec7647039074afcb88aa42b44b69f11fe141e236fba1fb3ce3f0c42e3974
3b90c5c59917eeaca76e2e387d7f0d8ff254c8bc37ff0cc788501a83ffe2301c
4d332760974ca76a9cfad28987cf5cb55f8fa9ed045ce21817300b5d4d380ad8
4d522d4d07fedb617a46744b159664fb4e74f3b1c43bf1bdf6ee7c6ece722a9c
55afe8ae4db5b6ca9ec5a3aca1f3a7b482ca51d0914acd250093f1a9ecbfccec
572069b2294c1d2e86a12ecf5ce004d7a658a1269eb0747e9131ae7f17bd771d
58049edcd3738568b290026ea296bf3915584dd217a57fc9533b4f2dd6fe1d12
597e03ff2c3a03c9c1520671b6ddf4d1a6edd50ba7f43a1d95b29451e27695a9
62520b6c98a187655b70bdead3d7373d737fb552b6c3a34f8e9169985ad2e349
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
644ced44353a528d12469c4f6f9ca70d57354522709aabfb4732818b319fb436
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
718d7bf05ef5193038e46be1444302be489ab2128eea80eaad39c1df5aae5ff6
727da1d170796297eb3021da1ebbd42d9963e087f203a3b41a9c8d9706fe940a
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
8251a8c6bc6af728e7637007cf01d9dcc14a6626b2c2a72171b80117e4fc6122
8339bddeb8b42101738d34f5903fa22279e7875ce7f09e8aea5608f3bc856835
bf2d597b7b64a6d3defbc69959efc8d5f11f29b6f1132a3453bd09e13f6d3636
c41457889f512c023b0ddbc4a6352d909751daad08530bd3be91fbbb17c59e9c
c94499aadb2cb3fe769a111a530a000a569f07e3dd8f781777bd7bc71a936ade
d5175dfd4bddb2c93229653bcc74ab6c970f81bc8509bc4eb1e009e7d5e44ff3
e2d9fd8b995f146baf54bc35d162d3e8169a5345368058b10a3b3bf4592ed777
e3a1c299a0512f7e48d5c6e573e66af9113c8edfc0c56259de59b028332b3d16
ee799968835accd9505ec561450847e71669a3b897b3d0f3da55cec45d98fa57

www.beautywelt.de Open in urlscan Pro 85.13.155.115 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

34 Requests

88 %HTTPS

33 %IPv6

6 Domains

6 Subdomains

5 IPs

3 Countries

259 kBTransfer

493 kBSize

2 Cookies

3 Outgoing links

Page URL History

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.beautywelt.de Open in urlscan Pro
85.13.155.115 Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

88 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

259 kB
Transfer

493 kB
Size

2
Cookies

34 HTTP transactions
0 data transactions