urlscan.io logo urlscan.io
SecurityTrails logo

widget.s24.com Open in urlscan Pro
52.29.232.52  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://magellanpa.com/
Effective URL: https://widget.s24.com/recommendations?title=Korrell%20Wei%C3%9Fer%20Burgunder%20vom%20Nahe-Kies%202022&s24cid=cooperat...
Submission: On August 25 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 10 domains to perform 37 HTTP transactions. The main IP is 52.29.232.52, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is widget.s24.com.
TLS certificate: Issued by R3 on August 23rd 2023. Valid for: 3 months.
This is the only time widget.s24.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.172.228.26 14061 (DIGITALOC...)
1 2 52.117.247.211 36351 (SOFTLAYER)
1 5 52.43.61.66 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 12 52.29.232.52 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
10 143.204.215.61 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
37 8
1    167.172.228.26 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
magellanpa.com
2    52.117.247.211 (United States)

ASN36351 (SOFTLAYER, US)
PTR: d3.f7.7534.ip4.static.sl-reverse.com
myckdom.com
p374591.myckdom.com
5    52.43.61.66 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-61-66.us-west-2.compute.amazonaws.com
click.cartageous.de
4    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
12    52.29.232.52 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-232-52.eu-central-1.compute.amazonaws.com
tracking.s24.com
widget.s24.com
emmi-findet.de
1    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
10    143.204.215.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-61.fra53.r.cloudfront.net
s24.media
1    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
10 s24.media
s24.media
28 KB
7 s24.com
tracking.s24.com — Cisco Umbrella Rank: 157987
widget.s24.com
21 KB
6 gstatic.com
fonts.gstatic.com
90 KB
5 emmi-findet.de
emmi-findet.de
4 KB
5 cartageous.de
click.cartageous.de
53 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 45
3 KB
2 myckdom.com
myckdom.com — Cisco Umbrella Rank: 117748
p374591.myckdom.com
2 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
21 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
67 KB
1 magellanpa.com
magellanpa.com
4 KB
37 10
Domain Requested by
10 s24.media widget.s24.com
6 fonts.gstatic.com fonts.googleapis.com
5 emmi-findet.de widget.s24.com
5 click.cartageous.de 1 redirects p374591.myckdom.com
click.cartageous.de
4 widget.s24.com widget.s24.com
4 fonts.googleapis.com click.cartageous.de
widget.s24.com
client
3 tracking.s24.com 2 redirects click.cartageous.de
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com widget.s24.com
1 p374591.myckdom.com
1 myckdom.com 1 redirects
1 magellanpa.com 1 redirects
37 12

This site contains links to these domains. Also see Links.

Domain
www.s24.com
recomad.de
Subject Issuer Validity Valid
*.myckdom.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-20 -
2024-03-20		 a year crt.sh
*.cartageous.de
Amazon RSA 2048 M01		 2023-02-08 -
2024-01-11		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
tracking.tbd.prod.s24.mrge.tech
R3		 2023-08-23 -
2023-11-21		 3 months crt.sh
widget.s24.com
R3		 2023-08-23 -
2023-11-21		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.albert-bevorzugt.de
Amazon RSA 2048 M03		 2023-08-16 -
2024-09-13		 a year crt.sh

This page contains 1 frames:

Primary Page: https://widget.s24.com/recommendations?title=Korrell%20Wei%C3%9Fer%20Burgunder%20vom%20Nahe-Kies%202022&s24cid=cooperation:datasyndication::10118d8c&clickref=bbe18106-2110-45bf-ae4e-5097ec0ee582
Frame ID: B16E2F827A71A6D55211E13FFF196D5E
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Alternative Angebote

Page URL History Show full URLs

  1. http://magellanpa.com/ HTTP 302
    https://myckdom.com/aS/feedclick?s=ebx9GOHwD8EtRC1MLj8Lw48uDhK_8R6jT46ZjpstHTYRkb1d6n9iVxwSB56cK... HTTP 302
    https://p374591.myckdom.com/adServe/domainClick?ai=W6LwHsBtbbHd6comTX2b-wDTunuJ05flOZ6QO_quz8Ee_xrX6doZb... Page URL
  2. http://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=9733&subid=ch_446095436|010_df_s24_... HTTP 301
    https://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=9733&subid=ch_446095436|010_df_s24_... Page URL
  3. https://tracking.s24.com/v3/clickout/10118d8c/9733/6537100717/5fde14a61fb29581b8da60678169e29d40fe31b... HTTP 303
    https://tracking.s24.com/v3/proceed?cor_b=CiRiYmUxODEwNi0yMTEwLTQ1YmYtYWU0ZS01MDk3ZWMwZWU1ODIaCDEwMTE... Page URL
  4. https://tracking.s24.com/v3/commit?cor_b=CiRiYmUxODEwNi0yMTEwLTQ1YmYtYWU0ZS01MDk3ZWMwZWU1ODIaCDEwMTE4... HTTP 303
    https://widget.s24.com/recommendations?title=Korrell%20Wei%C3%9Fer%20Burgunder%20vom%20Nahe-Kies%20... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

37
Requests

100 %
HTTPS

44 %
IPv6

10
Domains

12
Subdomains

8
IPs

2
Countries

286 kB
Transfer

527 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://magellanpa.com/ HTTP 302
    https://myckdom.com/aS/feedclick?s=ebx9GOHwD8EtRC1MLj8Lw48uDhK_8R6jT46ZjpstHTYRkb1d6n9iVxwSB56cKSkXT2CTCm3P5TxbC7U30TJp2ZaR5qks8ohbYk3WGBAOOFmJScwobXG_fWvoc-pzn9Pld-YQ1hdtbM02XpEZOwFKSZM9vW5aBt6RcXPBHaoaiCL54g7ut9wsdnd8o4-UIZ9EN8fcZgC6dmD0BiQ9S4r2vjwCMovLKnkSxiKSh7p917ZFgPvKPAV-1UbvArvms7Fb6c5nALd3DIfnFqJlWDSod5DGjP70Keu6WT8ehT1ueloWCfT4V4LDL17U02sFDJgvB43pJxqLs4nznZ8RIJUJcLQH7SfdtOyPeNtKh2Gu_flXwsmzizzaEGRxtpa1CK6r074g38k1OMUw9zg7X1gVG3cdsWEoMafaiEn8qWMgsXjLcSJ8iFttFOABG7XRr9L345gKV8vyJ7Iu_3RH5gATxqLJwP_8J3SUJ9SVLBqa4UnpolYVLEdrrtYExGWlXvr04sseHTGS9B9jVwGGw3_r5OJnGMPspck-6UigbjrE0BCRgFG3q2HHx4aPQhkXgnbAVqC7oXGucJwNN1L_MwGVX1DL7L4P6Wqd1PsHrPW5hsELiFeeYHnn1rY05ywU0qXr-6j2D4sdhnntB918xOdJB-XxcJE5rCyib7Ev8u3d9f-WBbCuklZJRrU27BH5WQe5K2ReK1o3kzzL5F8gEMq6Se7pqIqDbULbJs5C8kzDYS1hxQ7xPRM_q3V5ZMRKJTUDuWHdElfkTmazdQ1-hjg_6FNc6CiU0dZ4PdsYF6iaiKxKsAfTvYXzKFZhnqkZ7EgnaLcNkJKTZ6Rds9FyKlAPzwgKDAGdGSjNZ4gLba-Lp3Titotrj4MNNOOze1L6omR0g5yk3G_PwCaBjielh6HFb7rwEfC7splxha1yWUQyGGpuM_F9LoDYcTxrHtBNgHgohSJ12VQYH-_LcAzU-qojLZpLw7njwA-CbS5-7X1JMbwh6Yt82VHF42gt_JNjmM1uVGJFD3ehHb-_hR_vgYV-MstWjzUanQlpMNbhlykKX3j6y4J_B1jzmXcp1c1gmRhXGYsN0fHIVx8J7OtgS2eE9LKyDP8HFQbRW9GoeGNm8NF47T-ty4800UqHMBrdl72gio0hKaBpi11fzZnCCbqhMbf4teJLV0aZZhObBkjQsf1h2qhzW0blO1jR9cai2yjOxh8Uh6SezqxAHiPSMvt1WzIl7K1b1aQsroQmvSYcyi1Bqf6CK6d8ASzGa24beDoONVoDF6H4wC55KZeUc1oVmuTDi28ZeFrE7z3sjPsCeLJZIb1LPQbG8iyS7qGPu3hw9l0vEQaFkJX4bL33ALHpi7CSUVQt8gv8PU_fL23rzo6zf7c7y3oVPdgS6kvClo4IxMYc6hJM6lnL1V82J7YbGaRvk89mxir5W-dMyl46qYP9q4jwIXiy6rUaMMBMy_cfC0UV0jyHCAy-LMTBPb681cPEMaky8Giy_USqjX7EORDlJhrkoBnHN7u42Btc-TjVO008sUHd1o9JR_8KgCrcAdFFziOVAp0sF0y2QJSYseBE9YRC7iPUOWCGo0nL7GobdTtRkMFXtDipce26N7Mot9lRrNFBFy0cyrsrIcbEnz0HGgyrvYT6icOc0n8fQW2N3FDzUdBH5IiWTB2s3aXh7_GJyeX654TGrWv4ASWFhikvtoOkbv5vDxWZrHraXIU9QhXXOpiL9AeZ63qK93EFcLhMyrfL3BpeZh8BqtvzA88me2flz47_JRwosDjmJdiRoymgEU_fLR0Bn2573-9mMaeZXDiH5mzxPP2mUzkBj6KFzGn_5F2hIP1C4LoA6Ryc6v5r7rjGzT0qb592iP74g40-vYszaeKhaqAOuoAy8xBDxhVaz4iicz8YRm8nTlHarT0mmh1QJa_jkGhtMB5SNrvmya4YoS4okQ2PzW8qaDyzZc34WCwKstoCHPFQo8EYn6u5U5nU22c40z-rXhBEnG5EWB9TRL1MX29guFqaV0XcQo6pzXk7isCBtvEcJmy37IjCu9SCgEThK-hN8A9QkZlpNQF2dGXzDO1XT9EOUCNd2c9Zfzf7gzXzgQ8a9ZdgLg7PPbrFgj4XKZLbNLOQfuHxHeN3pBA4a1UgFLW64nR6zJUsdTV3u54VoR_ooodG5DCrVDTnV0smHeo9RXVCU72FmErcEQNQufsZRntBDqVPNC_OJaKrruNNVC9UvhJwljCoRyouWo1FrxW_XL0h9YLdDyfApm4RAVBoHw3O1Gpopyec5UJrWC1Wh3KHXo275meCTasL7X8TY03EDqJv4hUwjJBAo8FARU_6cwqzIu9DEHhty8LsHsyyT6t82RYeQGgvkzaBNvSGFGCXXWTRhBR5kHBtJAU6KdP2nlwZaNFThSn4j_VD2u9VqPE0fveh2R6mc3OcLI0K8pZbiW4HgSZkjQFtLVCSgQ8GtXLx7_GzmVTuUvzk8rqnBAwgLC6DBQTtb1Vp_iyGDQD7Y8lzYaGjP0fA2BabZjFVeREMkDc4Z1nwyNg-KoralBTN3MSmIeaiHc4Puccbk3ArGKQGUupWDO0YF0S1nFTLk2snk4Tnh0-GXktHv8TeGBCMuHjWGUGw0LOCOyK4cqyDnWB6poClfSTOlnEwdiEYrgnf-2cKzv5JAPl1LgrjM4qCBPRUI4XCXOQKRvOzH0UnDIhNoFMt-9c3gH9NswdvP0qLDgGPlznrY95Rzl-3FOhveX1m15_goLw7jFTxaYvPCg_6ueL5za8W07ypCVAhZClSrq1johVBS3MQTOEHrB5oxqg-lL0c_SBZSyXoWQKTo11FUdFzVSsmOa4WnrhqYVlpMV8bzxUIBVXtw_y6hhkzOsCXIdIfCOljjsG5rZdhuQxDLqQK4LnA33py2LdcEB2aSTEgQu3Q20hrNXOidHEsFYKRZcfOPO7uqXndL0ChPl_6u3OPIboG7O38yp2Wu-iIgrKzyHXJdVdClQER7uFR14j2MBlw3PLgGTDe_gMPOCKkEWD28FvIbLK1FFD92a7806rODaIumBSrA4yikR89L45RO2cN0TOtVM9JVqTyo4zw0tibF4Neh_idMZuW99hwkvWlde9Qe6CGvDfslD2yNSgf2ocEAVEO-bJPEPYC1D8ZDZd16rRvmv30BGp-tORaIZ_gR_P0ERp_1RHPw88iRziQoI9yuTDgMt3TWxhDcGlRHW6qndFVaIqTumxdqunXGdXWtInHK6lzciAEbjH-n3J_gYQavbKfWztEGt_ncT2UPObQbgoUrDAmX2c2X_4hos5OCr0TtmJXN0W-6uIMMwX_R073eBd3y7Q6Oy11b53y1H9zlwTftaT7IFFPUnkgQJm9Eat-_eAqvmB1zExML_vtXqRBoVyhkrR6NbrWh1K5NNYodEcbGrAxy-f_6Vtb-pgRKmJ4Oj4nPhcb_PXnvxFbGNhkGX0W1WE5jDCok9YMrADTunuJ05flOZ6QO_quz8Hp6t2Df9GS8ynT9p5cGWjRU4Up-I_1Q9qNOntyGiJLULuIJvT6uswNDlFQO5HpzDyGJXuQ3ughc8YjFXZ7VyMb HTTP 302
    https://p374591.myckdom.com/adServe/domainClick?ai=W6LwHsBtbbHd6comTX2b-wDTunuJ05flOZ6QO_quz8Ee_xrX6doZbSQ2evSzY-bCaXMJCKU4NWtsr-MHV8R2M5zFrK8Za0RbsY9D8FpX5xUqhBvSHHfrZcrOjhVVzln1W8zB3kNo-sIN5BlC1U8-9Egt6z_mLJArEvCDhzm-29kXNchPi3SsrWg6A32nM3GCiaN8nuXepmLpDLiDMAlwlEcaofFeBugVYIbwB-WufZ-TR7A48wyko-Fe2LGrel1Rno3gah83g7RpdcK6RU_FH1WAwca0CItWW0Q0LOyctEqmC1G_oICZShtT7UoF-q1O1hMoiFg5oGpN1XKT2myib0YC3otSbkWuqZyIcy_JGruSS5ZH1LaprbT5G-lo9WanWkZ5AmxkEa0Zqm35_zeNHvQqEtpRG0x48ySZ-xXqyxXm1dxDf3dB9oNG7Mq2311loFOgXVPQGmTcaxXHoV_vOAKNSLxsELKvRUN0kKuJHqJhpaU_590UenNB8T5rrgE4UOAH0-itzNY2WUIR54v4232BQnVogkQJVFqc17w-tZRBjBJSHwJeOxRQ_dmu_NOqkW4aAL8njgdHRwHCYaqOPvcKtJVAoCeHyrh8x4b-dWzN4yueHqekf2D28FvIbLK1d4ii46XRTJxGNR93Tfw0ceXviYgKdTV_nLmqhHqpoYgVxvNCUaMMvfoYZVT7pfhDnSTUDZjJ_XQ8LoZ5pZFhD7xl8RqPxfmXKJNWsEZf_pt6YB9_2UB3WHoavf051Q4OOaxGAoVl0UdX_KhdSaYVMfRCsfTGA4-2Iaj75MF8xe_el7gG6jPiNvZx7zz37RNSFvXojNZFQYNIFvpovaTdeIK5LcFmIU_PG25lr4Iicx7MdQKNXWmELSZtJLjeHrWCcCBrJXEs9nPlRzGagGwd8V5RHX37ry8YRanaJ-6TmefCV9_noAS4u1Ei9ylYwwQ35BrcePED7pZM4hk-WXT4iUKE7Kv2odduE15yz728krV__W_JMtiNWygu4EAhLehVZan_-uJdGeqjgxMefD3S7zhnWfDI2D4qMndT0rcbhtKjIQ6n-5BK5mYxVXkRDJA3OGdZ8MjYPirxS8Ymtt-YjLGJh9XsT1FVhg0A-2PJc2Gn3XKI-qk7NremXBsUGDaFofB33BW-m9pDG-A6O8vm_g3tKy_heZIpllemAWTaPnh7ytE4oS_3pJL4KnOOYIJFKRuNOcPQlyhauS4SJm9wQoLrtg_raixpUqyH51yNysR_tfxqo0oMwEgJRDHxEdL9QW7KM5AvPg_gcm6cqkr2IUa4AVICYzod_StlPK5YEdXlykuv0I3aNmWSQsQHXjql&ui=ebx9GOHwD8EtRC1MLj8Lw_bWwvziNp_1xLgNeF8Zj-iAnPbwwPT9sUUh1GvqpZOfCvKWW4luB4EmZI0BbS1QkoEPBrVy8e_xs5lU7lL85PLq6g33rBqZvA&si=1&oref=2be34f52e1c4013eee526b59275db087&optunit=xYoXBTSt0ERfmDjCZ_WqoA&rb=d_wwTvPFgK4&rr=0&isco=t&abtg=0 Page URL
  2. http://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=9733&subid=ch_446095436|010_df_s24_de_merchant_SilkesWeinkeller|&rn=true HTTP 301
    https://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=9733&subid=ch_446095436|010_df_s24_de_merchant_SilkesWeinkeller|&rn=true Page URL
  3. https://tracking.s24.com/v3/clickout/10118d8c/9733/6537100717/5fde14a61fb29581b8da60678169e29d40fe31b0?s24cid=1753594220 HTTP 303
    https://tracking.s24.com/v3/proceed?cor_b=CiRiYmUxODEwNi0yMTEwLTQ1YmYtYWU0ZS01MDk3ZWMwZWU1ODIaCDEwMTE4ZDhjIIVMKK37kK0YMgoxNzUzNTk0MjIwQKrm2NGiMUogekVqcjREMG10S0FFcXlGdElsVnZ5b0NXQnF4V2RoY0pSdE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTYuMC41ODQ1LjExMCBTYWZhcmkvNTM3LjM2Wg00NS4xNDEuMTUyLjc3YhxodHRwczovL2NsaWNrLmNhcnRhZ2VvdXMuZGUvggEkNDQxYWYwMzAtNmI3Ny00NzI1LWIyZWItNjQ1ZmY1MmM2YmEzkAEAoAEA&cor_h=lYwogxTleVR5S-6FelLZwSJSsuecDY8GZz2gCHVHrpY%3D Page URL
  4. https://tracking.s24.com/v3/commit?cor_b=CiRiYmUxODEwNi0yMTEwLTQ1YmYtYWU0ZS01MDk3ZWMwZWU1ODIaCDEwMTE4ZDhjIIVMKK37kK0YMgoxNzUzNTk0MjIwQKrm2NGiMUogekVqcjREMG10S0FFcXlGdElsVnZ5b0NXQnF4V2RoY0pSdE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTYuMC41ODQ1LjExMCBTYWZhcmkvNTM3LjM2Wg00NS4xNDEuMTUyLjc3YhxodHRwczovL2NsaWNrLmNhcnRhZ2VvdXMuZGUvggEkNDQxYWYwMzAtNmI3Ny00NzI1LWIyZWItNjQ1ZmY1MmM2YmEzkAEAoAEA&cor_h=lYwogxTleVR5S-6FelLZwSJSsuecDY8GZz2gCHVHrpY%3D HTTP 303
    https://widget.s24.com/recommendations?title=Korrell%20Wei%C3%9Fer%20Burgunder%20vom%20Nahe-Kies%202022&s24cid=cooperation:datasyndication::10118d8c&clickref=bbe18106-2110-45bf-ae4e-5097ec0ee582 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://magellanpa.com/ HTTP 302
  • https://myckdom.com/aS/feedclick?s=ebx9GOHwD8EtRC1MLj8Lw48uDhK_8R6jT46ZjpstHTYRkb1d6n9iVxwSB56cKSkXT2CTCm3P5TxbC7U30TJp2ZaR5qks8ohbYk3WGBAOOFmJScwobXG_fWvoc-pzn9Pld-YQ1hdtbM02XpEZOwFKSZM9vW5aBt6RcXPBHaoaiCL54g7ut9wsdnd8o4-UIZ9EN8fcZgC6dmD0BiQ9S4r2vjwCMovLKnkSxiKSh7p917ZFgPvKPAV-1UbvArvms7Fb6c5nALd3DIfnFqJlWDSod5DGjP70Keu6WT8ehT1ueloWCfT4V4LDL17U02sFDJgvB43pJxqLs4nznZ8RIJUJcLQH7SfdtOyPeNtKh2Gu_flXwsmzizzaEGRxtpa1CK6r074g38k1OMUw9zg7X1gVG3cdsWEoMafaiEn8qWMgsXjLcSJ8iFttFOABG7XRr9L345gKV8vyJ7Iu_3RH5gATxqLJwP_8J3SUJ9SVLBqa4UnpolYVLEdrrtYExGWlXvr04sseHTGS9B9jVwGGw3_r5OJnGMPspck-6UigbjrE0BCRgFG3q2HHx4aPQhkXgnbAVqC7oXGucJwNN1L_MwGVX1DL7L4P6Wqd1PsHrPW5hsELiFeeYHnn1rY05ywU0qXr-6j2D4sdhnntB918xOdJB-XxcJE5rCyib7Ev8u3d9f-WBbCuklZJRrU27BH5WQe5K2ReK1o3kzzL5F8gEMq6Se7pqIqDbULbJs5C8kzDYS1hxQ7xPRM_q3V5ZMRKJTUDuWHdElfkTmazdQ1-hjg_6FNc6CiU0dZ4PdsYF6iaiKxKsAfTvYXzKFZhnqkZ7EgnaLcNkJKTZ6Rds9FyKlAPzwgKDAGdGSjNZ4gLba-Lp3Titotrj4MNNOOze1L6omR0g5yk3G_PwCaBjielh6HFb7rwEfC7splxha1yWUQyGGpuM_F9LoDYcTxrHtBNgHgohSJ12VQYH-_LcAzU-qojLZpLw7njwA-CbS5-7X1JMbwh6Yt82VHF42gt_JNjmM1uVGJFD3ehHb-_hR_vgYV-MstWjzUanQlpMNbhlykKX3j6y4J_B1jzmXcp1c1gmRhXGYsN0fHIVx8J7OtgS2eE9LKyDP8HFQbRW9GoeGNm8NF47T-ty4800UqHMBrdl72gio0hKaBpi11fzZnCCbqhMbf4teJLV0aZZhObBkjQsf1h2qhzW0blO1jR9cai2yjOxh8Uh6SezqxAHiPSMvt1WzIl7K1b1aQsroQmvSYcyi1Bqf6CK6d8ASzGa24beDoONVoDF6H4wC55KZeUc1oVmuTDi28ZeFrE7z3sjPsCeLJZIb1LPQbG8iyS7qGPu3hw9l0vEQaFkJX4bL33ALHpi7CSUVQt8gv8PU_fL23rzo6zf7c7y3oVPdgS6kvClo4IxMYc6hJM6lnL1V82J7YbGaRvk89mxir5W-dMyl46qYP9q4jwIXiy6rUaMMBMy_cfC0UV0jyHCAy-LMTBPb681cPEMaky8Giy_USqjX7EORDlJhrkoBnHN7u42Btc-TjVO008sUHd1o9JR_8KgCrcAdFFziOVAp0sF0y2QJSYseBE9YRC7iPUOWCGo0nL7GobdTtRkMFXtDipce26N7Mot9lRrNFBFy0cyrsrIcbEnz0HGgyrvYT6icOc0n8fQW2N3FDzUdBH5IiWTB2s3aXh7_GJyeX654TGrWv4ASWFhikvtoOkbv5vDxWZrHraXIU9QhXXOpiL9AeZ63qK93EFcLhMyrfL3BpeZh8BqtvzA88me2flz47_JRwosDjmJdiRoymgEU_fLR0Bn2573-9mMaeZXDiH5mzxPP2mUzkBj6KFzGn_5F2hIP1C4LoA6Ryc6v5r7rjGzT0qb592iP74g40-vYszaeKhaqAOuoAy8xBDxhVaz4iicz8YRm8nTlHarT0mmh1QJa_jkGhtMB5SNrvmya4YoS4okQ2PzW8qaDyzZc34WCwKstoCHPFQo8EYn6u5U5nU22c40z-rXhBEnG5EWB9TRL1MX29guFqaV0XcQo6pzXk7isCBtvEcJmy37IjCu9SCgEThK-hN8A9QkZlpNQF2dGXzDO1XT9EOUCNd2c9Zfzf7gzXzgQ8a9ZdgLg7PPbrFgj4XKZLbNLOQfuHxHeN3pBA4a1UgFLW64nR6zJUsdTV3u54VoR_ooodG5DCrVDTnV0smHeo9RXVCU72FmErcEQNQufsZRntBDqVPNC_OJaKrruNNVC9UvhJwljCoRyouWo1FrxW_XL0h9YLdDyfApm4RAVBoHw3O1Gpopyec5UJrWC1Wh3KHXo275meCTasL7X8TY03EDqJv4hUwjJBAo8FARU_6cwqzIu9DEHhty8LsHsyyT6t82RYeQGgvkzaBNvSGFGCXXWTRhBR5kHBtJAU6KdP2nlwZaNFThSn4j_VD2u9VqPE0fveh2R6mc3OcLI0K8pZbiW4HgSZkjQFtLVCSgQ8GtXLx7_GzmVTuUvzk8rqnBAwgLC6DBQTtb1Vp_iyGDQD7Y8lzYaGjP0fA2BabZjFVeREMkDc4Z1nwyNg-KoralBTN3MSmIeaiHc4Puccbk3ArGKQGUupWDO0YF0S1nFTLk2snk4Tnh0-GXktHv8TeGBCMuHjWGUGw0LOCOyK4cqyDnWB6poClfSTOlnEwdiEYrgnf-2cKzv5JAPl1LgrjM4qCBPRUI4XCXOQKRvOzH0UnDIhNoFMt-9c3gH9NswdvP0qLDgGPlznrY95Rzl-3FOhveX1m15_goLw7jFTxaYvPCg_6ueL5za8W07ypCVAhZClSrq1johVBS3MQTOEHrB5oxqg-lL0c_SBZSyXoWQKTo11FUdFzVSsmOa4WnrhqYVlpMV8bzxUIBVXtw_y6hhkzOsCXIdIfCOljjsG5rZdhuQxDLqQK4LnA33py2LdcEB2aSTEgQu3Q20hrNXOidHEsFYKRZcfOPO7uqXndL0ChPl_6u3OPIboG7O38yp2Wu-iIgrKzyHXJdVdClQER7uFR14j2MBlw3PLgGTDe_gMPOCKkEWD28FvIbLK1FFD92a7806rODaIumBSrA4yikR89L45RO2cN0TOtVM9JVqTyo4zw0tibF4Neh_idMZuW99hwkvWlde9Qe6CGvDfslD2yNSgf2ocEAVEO-bJPEPYC1D8ZDZd16rRvmv30BGp-tORaIZ_gR_P0ERp_1RHPw88iRziQoI9yuTDgMt3TWxhDcGlRHW6qndFVaIqTumxdqunXGdXWtInHK6lzciAEbjH-n3J_gYQavbKfWztEGt_ncT2UPObQbgoUrDAmX2c2X_4hos5OCr0TtmJXN0W-6uIMMwX_R073eBd3y7Q6Oy11b53y1H9zlwTftaT7IFFPUnkgQJm9Eat-_eAqvmB1zExML_vtXqRBoVyhkrR6NbrWh1K5NNYodEcbGrAxy-f_6Vtb-pgRKmJ4Oj4nPhcb_PXnvxFbGNhkGX0W1WE5jDCok9YMrADTunuJ05flOZ6QO_quz8Hp6t2Df9GS8ynT9p5cGWjRU4Up-I_1Q9qNOntyGiJLULuIJvT6uswNDlFQO5HpzDyGJXuQ3ughc8YjFXZ7VyMb HTTP 302
  • https://p374591.myckdom.com/adServe/domainClick?ai=W6LwHsBtbbHd6comTX2b-wDTunuJ05flOZ6QO_quz8Ee_xrX6doZbSQ2evSzY-bCaXMJCKU4NWtsr-MHV8R2M5zFrK8Za0RbsY9D8FpX5xUqhBvSHHfrZcrOjhVVzln1W8zB3kNo-sIN5BlC1U8-9Egt6z_mLJArEvCDhzm-29kXNchPi3SsrWg6A32nM3GCiaN8nuXepmLpDLiDMAlwlEcaofFeBugVYIbwB-WufZ-TR7A48wyko-Fe2LGrel1Rno3gah83g7RpdcK6RU_FH1WAwca0CItWW0Q0LOyctEqmC1G_oICZShtT7UoF-q1O1hMoiFg5oGpN1XKT2myib0YC3otSbkWuqZyIcy_JGruSS5ZH1LaprbT5G-lo9WanWkZ5AmxkEa0Zqm35_zeNHvQqEtpRG0x48ySZ-xXqyxXm1dxDf3dB9oNG7Mq2311loFOgXVPQGmTcaxXHoV_vOAKNSLxsELKvRUN0kKuJHqJhpaU_590UenNB8T5rrgE4UOAH0-itzNY2WUIR54v4232BQnVogkQJVFqc17w-tZRBjBJSHwJeOxRQ_dmu_NOqkW4aAL8njgdHRwHCYaqOPvcKtJVAoCeHyrh8x4b-dWzN4yueHqekf2D28FvIbLK1d4ii46XRTJxGNR93Tfw0ceXviYgKdTV_nLmqhHqpoYgVxvNCUaMMvfoYZVT7pfhDnSTUDZjJ_XQ8LoZ5pZFhD7xl8RqPxfmXKJNWsEZf_pt6YB9_2UB3WHoavf051Q4OOaxGAoVl0UdX_KhdSaYVMfRCsfTGA4-2Iaj75MF8xe_el7gG6jPiNvZx7zz37RNSFvXojNZFQYNIFvpovaTdeIK5LcFmIU_PG25lr4Iicx7MdQKNXWmELSZtJLjeHrWCcCBrJXEs9nPlRzGagGwd8V5RHX37ry8YRanaJ-6TmefCV9_noAS4u1Ei9ylYwwQ35BrcePED7pZM4hk-WXT4iUKE7Kv2odduE15yz728krV__W_JMtiNWygu4EAhLehVZan_-uJdGeqjgxMefD3S7zhnWfDI2D4qMndT0rcbhtKjIQ6n-5BK5mYxVXkRDJA3OGdZ8MjYPirxS8Ymtt-YjLGJh9XsT1FVhg0A-2PJc2Gn3XKI-qk7NremXBsUGDaFofB33BW-m9pDG-A6O8vm_g3tKy_heZIpllemAWTaPnh7ytE4oS_3pJL4KnOOYIJFKRuNOcPQlyhauS4SJm9wQoLrtg_raixpUqyH51yNysR_tfxqo0oMwEgJRDHxEdL9QW7KM5AvPg_gcm6cqkr2IUa4AVICYzod_StlPK5YEdXlykuv0I3aNmWSQsQHXjql&ui=ebx9GOHwD8EtRC1MLj8Lw_bWwvziNp_1xLgNeF8Zj-iAnPbwwPT9sUUh1GvqpZOfCvKWW4luB4EmZI0BbS1QkoEPBrVy8e_xs5lU7lL85PLq6g33rBqZvA&si=1&oref=2be34f52e1c4013eee526b59275db087&optunit=xYoXBTSt0ERfmDjCZ_WqoA&rb=d_wwTvPFgK4&rr=0&isco=t&abtg=0
Request Chain 1
  • http://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=9733&subid=ch_446095436|010_df_s24_de_merchant_SilkesWeinkeller|&rn=true HTTP 301
  • https://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=9733&subid=ch_446095436|010_df_s24_de_merchant_SilkesWeinkeller|&rn=true
Request Chain 7
  • https://tracking.s24.com/v3/clickout/10118d8c/9733/6537100717/5fde14a61fb29581b8da60678169e29d40fe31b0?s24cid=1753594220 HTTP 303
  • https://tracking.s24.com/v3/proceed?cor_b=CiRiYmUxODEwNi0yMTEwLTQ1YmYtYWU0ZS01MDk3ZWMwZWU1ODIaCDEwMTE4ZDhjIIVMKK37kK0YMgoxNzUzNTk0MjIwQKrm2NGiMUogekVqcjREMG10S0FFcXlGdElsVnZ5b0NXQnF4V2RoY0pSdE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTYuMC41ODQ1LjExMCBTYWZhcmkvNTM3LjM2Wg00NS4xNDEuMTUyLjc3YhxodHRwczovL2NsaWNrLmNhcnRhZ2VvdXMuZGUvggEkNDQxYWYwMzAtNmI3Ny00NzI1LWIyZWItNjQ1ZmY1MmM2YmEzkAEAoAEA&cor_h=lYwogxTleVR5S-6FelLZwSJSsuecDY8GZz2gCHVHrpY%3D

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
domainClick
p374591.myckdom.com/adServe/
Redirect Chain
  • http://magellanpa.com/
  • https://myckdom.com/aS/feedclick?s=ebx9GOHwD8EtRC1MLj8Lw48uDhK_8R6jT46ZjpstHTYRkb1d6n9iVxwSB56cKSkXT2CTCm3P5TxbC7U30TJp2ZaR5qks8ohbYk3WGBAOOFmJScwobXG_fWvoc-pzn9Pld-YQ1hdtbM02XpEZOwFKSZM9vW5aBt6RcX...
  • https://p374591.myckdom.com/adServe/domainClick?ai=W6LwHsBtbbHd6comTX2b-wDTunuJ05flOZ6QO_quz8Ee_xrX6doZbSQ2evSzY-bCaXMJCKU4NWtsr-MHV8R2M5zFrK8Za0RbsY9D8FpX5xUqhBvSHHfrZcrOjhVVzln1W8zB3kNo-sIN5BlC1U...
335 B
627 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p374591.myckdom.com/adServe/domainClick?ai=W6LwHsBtbbHd6comTX2b-wDTunuJ05flOZ6QO_quz8Ee_xrX6doZbSQ2evSzY-bCaXMJCKU4NWtsr-MHV8R2M5zFrK8Za0RbsY9D8FpX5xUqhBvSHHfrZcrOjhVVzln1W8zB3kNo-sIN5BlC1U8-9Egt6z_mLJArEvCDhzm-29kXNchPi3SsrWg6A32nM3GCiaN8nuXepmLpDLiDMAlwlEcaofFeBugVYIbwB-WufZ-TR7A48wyko-Fe2LGrel1Rno3gah83g7RpdcK6RU_FH1WAwca0CItWW0Q0LOyctEqmC1G_oICZShtT7UoF-q1O1hMoiFg5oGpN1XKT2myib0YC3otSbkWuqZyIcy_JGruSS5ZH1LaprbT5G-lo9WanWkZ5AmxkEa0Zqm35_zeNHvQqEtpRG0x48ySZ-xXqyxXm1dxDf3dB9oNG7Mq2311loFOgXVPQGmTcaxXHoV_vOAKNSLxsELKvRUN0kKuJHqJhpaU_590UenNB8T5rrgE4UOAH0-itzNY2WUIR54v4232BQnVogkQJVFqc17w-tZRBjBJSHwJeOxRQ_dmu_NOqkW4aAL8njgdHRwHCYaqOPvcKtJVAoCeHyrh8x4b-dWzN4yueHqekf2D28FvIbLK1d4ii46XRTJxGNR93Tfw0ceXviYgKdTV_nLmqhHqpoYgVxvNCUaMMvfoYZVT7pfhDnSTUDZjJ_XQ8LoZ5pZFhD7xl8RqPxfmXKJNWsEZf_pt6YB9_2UB3WHoavf051Q4OOaxGAoVl0UdX_KhdSaYVMfRCsfTGA4-2Iaj75MF8xe_el7gG6jPiNvZx7zz37RNSFvXojNZFQYNIFvpovaTdeIK5LcFmIU_PG25lr4Iicx7MdQKNXWmELSZtJLjeHrWCcCBrJXEs9nPlRzGagGwd8V5RHX37ry8YRanaJ-6TmefCV9_noAS4u1Ei9ylYwwQ35BrcePED7pZM4hk-WXT4iUKE7Kv2odduE15yz728krV__W_JMtiNWygu4EAhLehVZan_-uJdGeqjgxMefD3S7zhnWfDI2D4qMndT0rcbhtKjIQ6n-5BK5mYxVXkRDJA3OGdZ8MjYPirxS8Ymtt-YjLGJh9XsT1FVhg0A-2PJc2Gn3XKI-qk7NremXBsUGDaFofB33BW-m9pDG-A6O8vm_g3tKy_heZIpllemAWTaPnh7ytE4oS_3pJL4KnOOYIJFKRuNOcPQlyhauS4SJm9wQoLrtg_raixpUqyH51yNysR_tfxqo0oMwEgJRDHxEdL9QW7KM5AvPg_gcm6cqkr2IUa4AVICYzod_StlPK5YEdXlykuv0I3aNmWSQsQHXjql&ui=ebx9GOHwD8EtRC1MLj8Lw_bWwvziNp_1xLgNeF8Zj-iAnPbwwPT9sUUh1GvqpZOfCvKWW4luB4EmZI0BbS1QkoEPBrVy8e_xs5lU7lL85PLq6g33rBqZvA&si=1&oref=2be34f52e1c4013eee526b59275db087&optunit=xYoXBTSt0ERfmDjCZ_WqoA&rb=d_wwTvPFgK4&rr=0&isco=t&abtg=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.117.247.211 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
d3.f7.7534.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Fri, 25 Aug 2023 01:01:47 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

content-length
0
date
Fri, 25 Aug 2023 01:01:47 GMT
location
https://p374591.myckdom.com/adServe/domainClick?ai=W6LwHsBtbbHd6comTX2b-wDTunuJ05flOZ6QO_quz8Ee_xrX6doZbSQ2evSzY-bCaXMJCKU4NWtsr-MHV8R2M5zFrK8Za0RbsY9D8FpX5xUqhBvSHHfrZcrOjhVVzln1W8zB3kNo-sIN5BlC1U8-9Egt6z_mLJArEvCDhzm-29kXNchPi3SsrWg6A32nM3GCiaN8nuXepmLpDLiDMAlwlEcaofFeBugVYIbwB-WufZ-TR7A48wyko-Fe2LGrel1Rno3gah83g7RpdcK6RU_FH1WAwca0CItWW0Q0LOyctEqmC1G_oICZShtT7UoF-q1O1hMoiFg5oGpN1XKT2myib0YC3otSbkWuqZyIcy_JGruSS5ZH1LaprbT5G-lo9WanWkZ5AmxkEa0Zqm35_zeNHvQqEtpRG0x48ySZ-xXqyxXm1dxDf3dB9oNG7Mq2311loFOgXVPQGmTcaxXHoV_vOAKNSLxsELKvRUN0kKuJHqJhpaU_590UenNB8T5rrgE4UOAH0-itzNY2WUIR54v4232BQnVogkQJVFqc17w-tZRBjBJSHwJeOxRQ_dmu_NOqkW4aAL8njgdHRwHCYaqOPvcKtJVAoCeHyrh8x4b-dWzN4yueHqekf2D28FvIbLK1d4ii46XRTJxGNR93Tfw0ceXviYgKdTV_nLmqhHqpoYgVxvNCUaMMvfoYZVT7pfhDnSTUDZjJ_XQ8LoZ5pZFhD7xl8RqPxfmXKJNWsEZf_pt6YB9_2UB3WHoavf051Q4OOaxGAoVl0UdX_KhdSaYVMfRCsfTGA4-2Iaj75MF8xe_el7gG6jPiNvZx7zz37RNSFvXojNZFQYNIFvpovaTdeIK5LcFmIU_PG25lr4Iicx7MdQKNXWmELSZtJLjeHrWCcCBrJXEs9nPlRzGagGwd8V5RHX37ry8YRanaJ-6TmefCV9_noAS4u1Ei9ylYwwQ35BrcePED7pZM4hk-WXT4iUKE7Kv2odduE15yz728krV__W_JMtiNWygu4EAhLehVZan_-uJdGeqjgxMefD3S7zhnWfDI2D4qMndT0rcbhtKjIQ6n-5BK5mYxVXkRDJA3OGdZ8MjYPirxS8Ymtt-YjLGJh9XsT1FVhg0A-2PJc2Gn3XKI-qk7NremXBsUGDaFofB33BW-m9pDG-A6O8vm_g3tKy_heZIpllemAWTaPnh7ytE4oS_3pJL4KnOOYIJFKRuNOcPQlyhauS4SJm9wQoLrtg_raixpUqyH51yNysR_tfxqo0oMwEgJRDHxEdL9QW7KM5AvPg_gcm6cqkr2IUa4AVICYzod_StlPK5YEdXlykuv0I3aNmWSQsQHXjql&ui=ebx9GOHwD8EtRC1MLj8Lw_bWwvziNp_1xLgNeF8Zj-iAnPbwwPT9sUUh1GvqpZOfCvKWW4luB4EmZI0BbS1QkoEPBrVy8e_xs5lU7lL85PLq6g33rBqZvA&si=1&oref=2be34f52e1c4013eee526b59275db087&optunit=xYoXBTSt0ERfmDjCZ_WqoA&rb=d_wwTvPFgK4&rr=0&isco=t&abtg=0
server
nginx
/
click.cartageous.de/
Redirect Chain
  • http://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=9733&subid=ch_446095436|010_df_s24_de_merchant_SilkesWeinkeller|&rn=true
  • https://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=9733&subid=ch_446095436|010_df_s24_de_merchant_SilkesWeinkeller|&rn=true
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=9733&subid=ch_446095436|010_df_s24_de_merchant_SilkesWeinkeller|&rn=true
Requested by
Host: p374591.myckdom.com
URL: https://p374591.myckdom.com/adServe/domainClick?ai=W6LwHsBtbbHd6comTX2b-wDTunuJ05flOZ6QO_quz8Ee_xrX6doZbSQ2evSzY-bCaXMJCKU4NWtsr-MHV8R2M5zFrK8Za0RbsY9D8FpX5xUqhBvSHHfrZcrOjhVVzln1W8zB3kNo-sIN5BlC1U8-9Egt6z_mLJArEvCDhzm-29kXNchPi3SsrWg6A32nM3GCiaN8nuXepmLpDLiDMAlwlEcaofFeBugVYIbwB-WufZ-TR7A48wyko-Fe2LGrel1Rno3gah83g7RpdcK6RU_FH1WAwca0CItWW0Q0LOyctEqmC1G_oICZShtT7UoF-q1O1hMoiFg5oGpN1XKT2myib0YC3otSbkWuqZyIcy_JGruSS5ZH1LaprbT5G-lo9WanWkZ5AmxkEa0Zqm35_zeNHvQqEtpRG0x48ySZ-xXqyxXm1dxDf3dB9oNG7Mq2311loFOgXVPQGmTcaxXHoV_vOAKNSLxsELKvRUN0kKuJHqJhpaU_590UenNB8T5rrgE4UOAH0-itzNY2WUIR54v4232BQnVogkQJVFqc17w-tZRBjBJSHwJeOxRQ_dmu_NOqkW4aAL8njgdHRwHCYaqOPvcKtJVAoCeHyrh8x4b-dWzN4yueHqekf2D28FvIbLK1d4ii46XRTJxGNR93Tfw0ceXviYgKdTV_nLmqhHqpoYgVxvNCUaMMvfoYZVT7pfhDnSTUDZjJ_XQ8LoZ5pZFhD7xl8RqPxfmXKJNWsEZf_pt6YB9_2UB3WHoavf051Q4OOaxGAoVl0UdX_KhdSaYVMfRCsfTGA4-2Iaj75MF8xe_el7gG6jPiNvZx7zz37RNSFvXojNZFQYNIFvpovaTdeIK5LcFmIU_PG25lr4Iicx7MdQKNXWmELSZtJLjeHrWCcCBrJXEs9nPlRzGagGwd8V5RHX37ry8YRanaJ-6TmefCV9_noAS4u1Ei9ylYwwQ35BrcePED7pZM4hk-WXT4iUKE7Kv2odduE15yz728krV__W_JMtiNWygu4EAhLehVZan_-uJdGeqjgxMefD3S7zhnWfDI2D4qMndT0rcbhtKjIQ6n-5BK5mYxVXkRDJA3OGdZ8MjYPirxS8Ymtt-YjLGJh9XsT1FVhg0A-2PJc2Gn3XKI-qk7NremXBsUGDaFofB33BW-m9pDG-A6O8vm_g3tKy_heZIpllemAWTaPnh7ytE4oS_3pJL4KnOOYIJFKRuNOcPQlyhauS4SJm9wQoLrtg_raixpUqyH51yNysR_tfxqo0oMwEgJRDHxEdL9QW7KM5AvPg_gcm6cqkr2IUa4AVICYzod_StlPK5YEdXlykuv0I3aNmWSQsQHXjql&ui=ebx9GOHwD8EtRC1MLj8Lw_bWwvziNp_1xLgNeF8Zj-iAnPbwwPT9sUUh1GvqpZOfCvKWW4luB4EmZI0BbS1QkoEPBrVy8e_xs5lU7lL85PLq6g33rBqZvA&si=1&oref=2be34f52e1c4013eee526b59275db087&optunit=xYoXBTSt0ERfmDjCZ_WqoA&rb=d_wwTvPFgK4&rr=0&isco=t&abtg=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.43.61.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-61-66.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d11dbeb293b5361c9a021dd7d1128cd37ec4e24bebd9bda67cd92fa819d4d44b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://p374591.myckdom.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 25 Aug 2023 01:01:48 GMT
etag
W/"90b-r1wP8rklQIjh8fduyyAUDc7JW0o"
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
134
Content-Type
text/html
Date
Fri, 25 Aug 2023 01:01:48 GMT
Location
https://click.cartageous.de:443/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=9733&subid=ch_446095436|010_df_s24_de_merchant_SilkesWeinkeller|&rn=true
Server
awselb/2.0
landing.min.js
click.cartageous.de/js/ 		67 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://click.cartageous.de/js/landing.min.js
Requested by
Host: click.cartageous.de
URL: https://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=9733&subid=ch_446095436|010_df_s24_de_merchant_SilkesWeinkeller|&rn=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.43.61.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-61-66.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
f86941ddd37c9824e12d130b44bbdd7c14637160aac9f17322e97e32cf1e20be
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=9733&subid=ch_446095436|010_df_s24_de_merchant_SilkesWeinkeller|&rn=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 01:01:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
last-modified
Thu, 09 Mar 2023 13:21:53 GMT
content-encoding
gzip
etag
W/"10ae6-186c6890168"
x-download-options
noopen
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
vary
Accept-Encoding
accept-ranges
bytes
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		2 KB
981 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat&display=swap
Requested by
Host: click.cartageous.de
URL: https://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=9733&subid=ch_446095436|010_df_s24_de_merchant_SilkesWeinkeller|&rn=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b0a7896b676327b0104f57fb692a30bd23c98e54df1c0d893c544f652e573d50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://click.cartageous.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 25 Aug 2023 01:01:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 00:59:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 25 Aug 2023 01:01:48 GMT
bcloader.gif
click.cartageous.de/images/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://click.cartageous.de/images/bcloader.gif
Requested by
Host: click.cartageous.de
URL: https://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=9733&subid=ch_446095436|010_df_s24_de_merchant_SilkesWeinkeller|&rn=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.43.61.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-61-66.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
6697a4e88a23706a4b0e2eada7b346b7e5839d71d07505987582f48e810784f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://click.cartageous.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 01:01:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
last-modified
Thu, 09 Mar 2023 13:21:53 GMT
etag
W/"6816-186c6890168"
x-download-options
noopen
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
content-length
26646
x-xss-protection
1; mode=block
updateClickStatus
click.cartageous.de/ 		212 B
528 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://click.cartageous.de/updateClickStatus
Requested by
Host: click.cartageous.de
URL: https://click.cartageous.de/js/landing.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.43.61.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-61-66.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=9733&subid=ch_446095436|010_df_s24_de_merchant_SilkesWeinkeller|&rn=true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 25 Aug 2023 01:01:49 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
etag
W/"d4-0ORej5JFmw9svK7vaDlbWaWzmRk"
x-download-options
noopen
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
content-length
212
x-xss-protection
1; mode=block
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://click.cartageous.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 06:25:13 GMT
x-content-type-options
nosniff
age
498996
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12708
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:55:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 Aug 2024 06:25:13 GMT
proceed
tracking.s24.com/v3/
Redirect Chain
  • https://tracking.s24.com/v3/clickout/10118d8c/9733/6537100717/5fde14a61fb29581b8da60678169e29d40fe31b0?s24cid=1753594220
  • https://tracking.s24.com/v3/proceed?cor_b=CiRiYmUxODEwNi0yMTEwLTQ1YmYtYWU0ZS01MDk3ZWMwZWU1ODIaCDEwMTE4ZDhjIIVMKK37kK0YMgoxNzUzNTk0MjIwQKrm2NGiMUogekVqcjREMG10S0FFcXlGdElsVnZ5b0NXQnF4V2RoY0pSdE1veml...
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tracking.s24.com/v3/proceed?cor_b=CiRiYmUxODEwNi0yMTEwLTQ1YmYtYWU0ZS01MDk3ZWMwZWU1ODIaCDEwMTE4ZDhjIIVMKK37kK0YMgoxNzUzNTk0MjIwQKrm2NGiMUogekVqcjREMG10S0FFcXlGdElsVnZ5b0NXQnF4V2RoY0pSdE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTYuMC41ODQ1LjExMCBTYWZhcmkvNTM3LjM2Wg00NS4xNDEuMTUyLjc3YhxodHRwczovL2NsaWNrLmNhcnRhZ2VvdXMuZGUvggEkNDQxYWYwMzAtNmI3Ny00NzI1LWIyZWItNjQ1ZmY1MmM2YmEzkAEAoAEA&cor_h=lYwogxTleVR5S-6FelLZwSJSsuecDY8GZz2gCHVHrpY%3D
Requested by
Host: click.cartageous.de
URL: https://click.cartageous.de/js/landing.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.29.232.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-232-52.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
f55fbebf5caa96d813facf454350a0b967c443dc6068185159622f46e7bc9afa
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://click.cartageous.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-language
de-DE
content-length
1370
content-type
text/html;charset=UTF-8
date
Fri, 25 Aug 2023 01:01:49 GMT
etag
"0e67fd227d407aa5417323af269cb1483"
p3p
CP="NOI DSP LAW NID CURa ADMa PSAa OUR LEG PUR COM NAV STA"
strict-transport-security
max-age=15724800; includeSubDomains
x-51d-browsername
Chrome
x-51d-browserversion
Unknown
x-browsername
Chrome
x-browservendor
Google
x-browserversion
Unknown
x-robots-tag
noindex, nofollow

Redirect headers

cache-control
no-cache, no-store
content-language
de-DE
content-length
0
date
Fri, 25 Aug 2023 01:01:49 GMT
location
https://tracking.s24.com/v3/proceed?cor_b=CiRiYmUxODEwNi0yMTEwLTQ1YmYtYWU0ZS01MDk3ZWMwZWU1ODIaCDEwMTE4ZDhjIIVMKK37kK0YMgoxNzUzNTk0MjIwQKrm2NGiMUogekVqcjREMG10S0FFcXlGdElsVnZ5b0NXQnF4V2RoY0pSdE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTYuMC41ODQ1LjExMCBTYWZhcmkvNTM3LjM2Wg00NS4xNDEuMTUyLjc3YhxodHRwczovL2NsaWNrLmNhcnRhZ2VvdXMuZGUvggEkNDQxYWYwMzAtNmI3Ny00NzI1LWIyZWItNjQ1ZmY1MmM2YmEzkAEAoAEA&cor_h=lYwogxTleVR5S-6FelLZwSJSsuecDY8GZz2gCHVHrpY%3D
p3p
CP="NOI DSP LAW NID CURa ADMa PSAa OUR LEG PUR COM NAV STA"
strict-transport-security
max-age=15724800; includeSubDomains
x-51d-browsername
Chrome
x-51d-browserversion
Unknown
x-browsername
Chrome
x-browservendor
Google
x-browserversion
Unknown
x-robots-tag
noindex, nofollow
Primary Request recommendations
widget.s24.com/
Redirect Chain
  • https://tracking.s24.com/v3/commit?cor_b=CiRiYmUxODEwNi0yMTEwLTQ1YmYtYWU0ZS01MDk3ZWMwZWU1ODIaCDEwMTE4ZDhjIIVMKK37kK0YMgoxNzUzNTk0MjIwQKrm2NGiMUogekVqcjREMG10S0FFcXlGdElsVnZ5b0NXQnF4V2RoY0pSdE1vemls...
  • https://widget.s24.com/recommendations?title=Korrell%20Wei%C3%9Fer%20Burgunder%20vom%20Nahe-Kies%202022&s24cid=cooperation:datasyndication::10118d8c&clickref=bbe18106-2110-45bf-ae4e-5097ec0ee582
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.s24.com/recommendations?title=Korrell%20Wei%C3%9Fer%20Burgunder%20vom%20Nahe-Kies%202022&s24cid=cooperation:datasyndication::10118d8c&clickref=bbe18106-2110-45bf-ae4e-5097ec0ee582
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.29.232.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-232-52.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
9887af65a5232c9854bd1275b9f9d94cfba89d15aadfd4d8e3ec4b5a28b2579b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://tracking.s24.com
Referer
https://tracking.s24.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 25 Aug 2023 01:01:49 GMT
expires
-1
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding Origin
x-51d-devicetype
Desktop
x-51d-iscrawler
False

Redirect headers

content-language
de-DE
content-length
0
date
Fri, 25 Aug 2023 01:01:49 GMT
location
https://widget.s24.com/recommendations?title=Korrell%20Wei%C3%9Fer%20Burgunder%20vom%20Nahe-Kies%202022&s24cid=cooperation:datasyndication::10118d8c&clickref=bbe18106-2110-45bf-ae4e-5097ec0ee582
p3p
CP="NOI DSP LAW NID CURa ADMa PSAa OUR LEG PUR COM NAV STA"
strict-transport-security
max-age=15724800; includeSubDomains
x-51d-browsername
Chrome
x-51d-browserversion
Unknown
x-browsername
Chrome
x-browservendor
Google
x-browserversion
Unknown
x-robots-tag
noindex, nofollow
css
fonts.googleapis.com/ 		7 KB
983 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:800i|Source+Sans+Pro:400,600
Requested by
Host: widget.s24.com
URL: https://widget.s24.com/recommendations?title=Korrell%20Wei%C3%9Fer%20Burgunder%20vom%20Nahe-Kies%202022&s24cid=cooperation:datasyndication::10118d8c&clickref=bbe18106-2110-45bf-ae4e-5097ec0ee582
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ba0bef435b945ae20e5f732a5ef858aa73434fb6b8793f91828dd0e3332786f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.s24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 25 Aug 2023 01:01:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 01:01:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 25 Aug 2023 01:01:49 GMT
s24widget.min.js
widget.s24.com/js/ 		45 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.s24.com/js/s24widget.min.js
Requested by
Host: widget.s24.com
URL: https://widget.s24.com/recommendations?title=Korrell%20Wei%C3%9Fer%20Burgunder%20vom%20Nahe-Kies%202022&s24cid=cooperation:datasyndication::10118d8c&clickref=bbe18106-2110-45bf-ae4e-5097ec0ee582
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.29.232.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-232-52.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ea780264d27653d85deda9e119035f6f008db732e48335f3ded9936a0c8bab92
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.s24.com/recommendations?title=Korrell%20Wei%C3%9Fer%20Burgunder%20vom%20Nahe-Kies%202022&s24cid=cooperation:datasyndication::10118d8c&clickref=bbe18106-2110-45bf-ae4e-5097ec0ee582
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 01:01:49 GMT
x-51d-iscrawler
False
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 23 Aug 2023 21:53:17 GMT
etag
W/"64e67fcd-b428"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-51d-devicetype
Desktop
products
widget.s24.com/applications/531f129b/widgets/189/ 		10 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://widget.s24.com/applications/531f129b/widgets/189/products?searchTerm=Korrell%20Wei%C3%9Fer%20Burgunder%20vom%20Nahe-Kies%202022&origin=https%3A%2F%2Fwidget.s24.com%2Frecommendations%3Ftitle%3DKorrell%2520Wei%25C3%259Fer%2520Burgunder%2520vom%2520Nahe-Kies%25202022%26s24cid%3Dcooperation%3Adatasyndication%3A%3A10118d8c%26clickref%3Dbbe18106-2110-45bf-ae4e-5097ec0ee582
Requested by
Host: widget.s24.com
URL: https://widget.s24.com/js/s24widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.29.232.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-232-52.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
62bc44984551ae52ea259e271a67c0b4345c47c4e590f12cddb6aca66a606937
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.s24.com/recommendations?title=Korrell%20Wei%C3%9Fer%20Burgunder%20vom%20Nahe-Kies%202022&s24cid=cooperation:datasyndication::10118d8c&clickref=bbe18106-2110-45bf-ae4e-5097ec0ee582
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Aug 2023 01:01:50 GMT
x-51d-iscrawler
False
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding, Origin
content-type
application/json
cache-control
private, must-revalidate
x-51d-devicetype
Desktop
expires
-1
css
fonts.googleapis.com/ 		7 KB
735 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,300
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
83d6a46448afb87cedc4b6d5204b05ea79df73d5c8b911fff76dee3219ee9281
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.s24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 25 Aug 2023 01:01:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 23:45:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 25 Aug 2023 01:01:50 GMT
css
fonts.googleapis.com/ 		1 KB
408 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,900
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d0237376c93777aab26c4ccdb9e5c4a7c27bfe517da39a0a626d3d54044ce23b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.s24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 25 Aug 2023 01:01:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 01:01:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 25 Aug 2023 01:01:50 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:800i|Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://widget.s24.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 23:04:46 GMT
x-content-type-options
nosniff
age
525424
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Aug 2024 23:04:46 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:800i|Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://widget.s24.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 03:41:01 GMT
x-content-type-options
nosniff
age
595249
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Aug 2024 03:41:01 GMT
memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk0ZjWVAewA.woff2
fonts.gstatic.com/s/opensans/v35/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk0ZjWVAewA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:800i|Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
935955a876347df81e175a2e088796c3e60f5531d867d50298ccb9eaf555b582
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://widget.s24.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 15:12:42 GMT
x-content-type-options
nosniff
age
553748
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19076
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Aug 2024 15:12:42 GMT
gtm.js
www.googletagmanager.com/ 		186 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NMWF6ZW&l=s24DataLayer
Requested by
Host: widget.s24.com
URL: https://widget.s24.com/js/s24widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7367f7dfb2f7f14f122b64757dafad711014d48609866bac1cdf853159230e34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.s24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 01:01:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68654
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 25 Aug 2023 01:01:50 GMT
5480164137
s24.media/152x152/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s24.media/152x152/5480164137
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-61.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
39fdf931274b1f3c086fbf4f86e2fc1c322da78868a84d67847071b9a56b5a70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.s24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:57:23 GMT
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified
Wed, 23 Aug 2023 02:54:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
79468
etag
"98cb14914ae053797d5173fef9fcf612"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=2630000
accept-ranges
bytes
content-length
2489
x-amz-cf-id
CutQVGYSJ5tEZDXOmQOsjT9W5rIyBrYYlHmc9fae8YlkLDI81fR7qA==
versand_18x9.png
emmi-findet.de/images/ 		536 B
808 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://emmi-findet.de/images/versand_18x9.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.29.232.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-232-52.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
4a9eafbc1dccb80beb04525ab5c7e93728f6e5b8c5b05b652f51e1c9db85261d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.s24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 01:01:50 GMT
x-51d-iscrawler
False
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 23 Aug 2023 21:53:17 GMT
etag
"64e67fcd-218"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
536
x-51d-devicetype
Desktop
expires
Thu, 31 Dec 2037 23:55:55 GMT
5480376241
s24.media/152x152/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s24.media/152x152/5480376241
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-61.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
39fdf931274b1f3c086fbf4f86e2fc1c322da78868a84d67847071b9a56b5a70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.s24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:57:23 GMT
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified
Wed, 23 Aug 2023 02:54:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
79468
etag
"98cb14914ae053797d5173fef9fcf612"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=2630000
accept-ranges
bytes
content-length
2489
x-amz-cf-id
U4sTwGp5TMeg82deI6Fnr4UdbFhfa5VMB7jv1gpxBxTFeMrvVtKcKw==
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://widget.s24.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 23:04:46 GMT
x-content-type-options
nosniff
age
525424
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Aug 2024 23:04:46 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://widget.s24.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 03:41:01 GMT
x-content-type-options
nosniff
age
595249
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Aug 2024 03:41:01 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NMWF6ZW&l=s24DataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.s24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 24 Aug 2023 23:49:43 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4327
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 25 Aug 2023 01:49:43 GMT
5480164137
s24.media/152x152/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s24.media/152x152/5480164137
Requested by
Host: widget.s24.com
URL: https://widget.s24.com/js/s24widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-61.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
39fdf931274b1f3c086fbf4f86e2fc1c322da78868a84d67847071b9a56b5a70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.s24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:57:23 GMT
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified
Wed, 23 Aug 2023 02:54:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
79468
etag
"98cb14914ae053797d5173fef9fcf612"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=2630000
accept-ranges
bytes
content-length
2489
x-amz-cf-id
ci_7vgMf6uRMs4xd_yK4WeUEa1Ap9EwuhXla3ylcar5Hu47JDpgjSQ==
versand_18x9.png
emmi-findet.de/images/ 		536 B
808 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://emmi-findet.de/images/versand_18x9.png
Requested by
Host: widget.s24.com
URL: https://widget.s24.com/js/s24widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.29.232.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-232-52.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
4a9eafbc1dccb80beb04525ab5c7e93728f6e5b8c5b05b652f51e1c9db85261d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.s24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 01:01:50 GMT
x-51d-iscrawler
False
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 23 Aug 2023 21:53:17 GMT
etag
"64e67fcd-218"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
536
x-51d-devicetype
Desktop
expires
Thu, 31 Dec 2037 23:55:55 GMT
5480376241
s24.media/152x152/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s24.media/152x152/5480376241
Requested by
Host: widget.s24.com
URL: https://widget.s24.com/js/s24widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-61.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
39fdf931274b1f3c086fbf4f86e2fc1c322da78868a84d67847071b9a56b5a70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.s24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:57:23 GMT
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified
Wed, 23 Aug 2023 02:54:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
79468
etag
"98cb14914ae053797d5173fef9fcf612"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=2630000
accept-ranges
bytes
content-length
2489
x-amz-cf-id
zl3MB0POmrauVnlLEbHYtRgLKF5Id4mY2oyeDlFWd2iQfkAup0c4SA==
5480164137
s24.media/152x152/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s24.media/152x152/5480164137
Requested by
Host: widget.s24.com
URL: https://widget.s24.com/js/s24widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-61.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
39fdf931274b1f3c086fbf4f86e2fc1c322da78868a84d67847071b9a56b5a70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.s24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:57:23 GMT
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified
Wed, 23 Aug 2023 02:54:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
79468
etag
"98cb14914ae053797d5173fef9fcf612"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=2630000
accept-ranges
bytes
content-length
2489
x-amz-cf-id
0UeR2EegeNHOcK61TLAMRtXO2yxE1m30JmD66-RTqa88v-1Gkk197A==
versand_18x9.png
emmi-findet.de/images/ 		536 B
808 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://emmi-findet.de/images/versand_18x9.png
Requested by
Host: widget.s24.com
URL: https://widget.s24.com/js/s24widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.29.232.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-232-52.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
4a9eafbc1dccb80beb04525ab5c7e93728f6e5b8c5b05b652f51e1c9db85261d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.s24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 01:01:50 GMT
x-51d-iscrawler
False
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 23 Aug 2023 21:53:17 GMT
etag
"64e67fcd-218"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
536
x-51d-devicetype
Desktop
expires
Thu, 31 Dec 2037 23:55:55 GMT
5480376241
s24.media/152x152/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s24.media/152x152/5480376241
Requested by
Host: widget.s24.com
URL: https://widget.s24.com/js/s24widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-61.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
39fdf931274b1f3c086fbf4f86e2fc1c322da78868a84d67847071b9a56b5a70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.s24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:57:23 GMT
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified
Wed, 23 Aug 2023 02:54:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
79468
etag
"98cb14914ae053797d5173fef9fcf612"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=2630000
accept-ranges
bytes
content-length
2489
x-amz-cf-id
Tb9jXUBe3Hy2t3YtGxq43VYaOS2cIxWlEt7oaL6dzJguS8MtX1tMqg==
5480164137
s24.media/152x152/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s24.media/152x152/5480164137
Requested by
Host: widget.s24.com
URL: https://widget.s24.com/js/s24widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-61.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
39fdf931274b1f3c086fbf4f86e2fc1c322da78868a84d67847071b9a56b5a70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.s24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:57:23 GMT
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified
Wed, 23 Aug 2023 02:54:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
79469
etag
"98cb14914ae053797d5173fef9fcf612"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=2630000
accept-ranges
bytes
content-length
2489
x-amz-cf-id
IDrbj6l7xOB_idJdiCC73ryhLuFfvXr1IBH0F_tdBccjBFu811-Xhg==
versand_18x9.png
emmi-findet.de/images/ 		536 B
808 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://emmi-findet.de/images/versand_18x9.png
Requested by
Host: widget.s24.com
URL: https://widget.s24.com/js/s24widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.29.232.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-232-52.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
4a9eafbc1dccb80beb04525ab5c7e93728f6e5b8c5b05b652f51e1c9db85261d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.s24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 01:01:51 GMT
x-51d-iscrawler
False
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 23 Aug 2023 21:53:17 GMT
etag
"64e67fcd-218"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
536
x-51d-devicetype
Desktop
expires
Thu, 31 Dec 2037 23:55:55 GMT
5480376241
s24.media/152x152/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s24.media/152x152/5480376241
Requested by
Host: widget.s24.com
URL: https://widget.s24.com/js/s24widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-61.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
39fdf931274b1f3c086fbf4f86e2fc1c322da78868a84d67847071b9a56b5a70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.s24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:57:23 GMT
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified
Wed, 23 Aug 2023 02:54:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
79469
etag
"98cb14914ae053797d5173fef9fcf612"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=2630000
accept-ranges
bytes
content-length
2489
x-amz-cf-id
DLjLcgvtNU9Ni1BdDPc1grV536vbeZXGpH8VtWR_vMqGpCpBXINWeg==
trackAdImpression
widget.s24.com/applications/531f129b/widgets/189/ 		0
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://widget.s24.com/applications/531f129b/widgets/189/trackAdImpression?searchTerm=Korrell%20Wei%C3%9Fer%20Burgunder%20vom%20Nahe-Kies%202022&origin=https%3A%2F%2Fwidget.s24.com%2Frecommendations%3Ftitle%3DKorrell%2520Wei%25C3%259Fer%2520Burgunder%2520vom%2520Nahe-Kies%25202022%26s24cid%3Dcooperation%3Adatasyndication%3A%3A10118d8c%26clickref%3Dbbe18106-2110-45bf-ae4e-5097ec0ee582&top=124.390625
Requested by
Host: widget.s24.com
URL: https://widget.s24.com/js/s24widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.29.232.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-232-52.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.s24.com/recommendations?title=Korrell%20Wei%C3%9Fer%20Burgunder%20vom%20Nahe-Kies%202022&s24cid=cooperation:datasyndication::10118d8c&clickref=bbe18106-2110-45bf-ae4e-5097ec0ee582
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Aug 2023 01:01:51 GMT
google-delayed-impression
1
x-51d-iscrawler
False
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin
cache-control
private, must-revalidate
x-51d-devicetype
Desktop
expires
-1
5480164137
s24.media/152x152/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s24.media/152x152/5480164137
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-61.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
39fdf931274b1f3c086fbf4f86e2fc1c322da78868a84d67847071b9a56b5a70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.s24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:57:23 GMT
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified
Wed, 23 Aug 2023 02:54:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
79469
etag
"98cb14914ae053797d5173fef9fcf612"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=2630000
accept-ranges
bytes
content-length
2489
x-amz-cf-id
sk6vJUsGrgtnYDPLZMovCaZevbMl2u2M5xgt4vG5heo9pTPwycartA==
versand_18x9.png
emmi-findet.de/images/ 		536 B
808 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://emmi-findet.de/images/versand_18x9.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.29.232.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-232-52.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
4a9eafbc1dccb80beb04525ab5c7e93728f6e5b8c5b05b652f51e1c9db85261d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.s24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 01:01:51 GMT
x-51d-iscrawler
False
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 23 Aug 2023 21:53:17 GMT
etag
"64e67fcd-218"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
536
x-51d-devicetype
Desktop
expires
Thu, 31 Dec 2037 23:55:55 GMT
5480376241
s24.media/152x152/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s24.media/152x152/5480376241
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-61.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
39fdf931274b1f3c086fbf4f86e2fc1c322da78868a84d67847071b9a56b5a70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.s24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:57:23 GMT
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified
Wed, 23 Aug 2023 02:54:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
79469
etag
"98cb14914ae053797d5173fef9fcf612"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=2630000
accept-ranges
bytes
content-length
2489
x-amz-cf-id
cQUHkWqa7sYnk0J_BVYplNIiK5NbNOtJalLqPltPbihr9ay3Yp0YBQ==

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| recomad object| s24DataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

7 Cookies

Domain/Path Name / Value
.myckdom.com/ Name: rhid
Value: 83574470649
.myckdom.com/ Name: loi
Value: ad_1135665_off_580064_aff_11683_cid_374591-MAGELLANPA.COM_ts_1692925307
.s24.com/ Name: co-session
Value: zEjr4D0mtKAEqyFtIlVvyoCWBqxWdhcJ
.s24.com/ Name: s24uid
Value: 441af030-6b77-4725-b2eb-645ff52c6ba3
.s24.com/ Name: _ga
Value: GA1.2.407305281.1692925310
.s24.com/ Name: _gid
Value: GA1.2.1597611877.1692925310
widget.s24.com/ Name: laravel_session
Value: eyJpdiI6IkZIRERMRW1XbnEzR250L0tKcE8weUE9PSIsInZhbHVlIjoiMHlWalErcWJraWpLeEp1UjR2QTNGemVWQURUYW1ldTUrN2NhNmZjYW8rbWphZGZZdiswazU5OHZrakVvcXp2Mm1Hakp0bXliTm4zS0VQMnNOeUR2NElUWWJtZmU2T3JOT3BPdEM0bmhyYXM2NVBTSStMak10OUsrMnM4b1gxdjciLCJtYWMiOiIwOWQyOTRlMjA3OTdmNTJkODQ4NDgxZTdiNjE5ZWZhMTU0Y2U3MTBhYzYxNDk3NzdmNmI5YmVlYjM1MmQ1MTQ5IiwidGFnIjoiIn0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

click.cartageous.de
emmi-findet.de
fonts.googleapis.com
fonts.gstatic.com
magellanpa.com
myckdom.com
p374591.myckdom.com
s24.media
tracking.s24.com
widget.s24.com
www.google-analytics.com
www.googletagmanager.com
143.204.215.61
167.172.228.26
2a00:1450:4001:802::200a
2a00:1450:4001:813::2003
2a00:1450:4001:829::2008
2a00:1450:4001:830::200e
52.117.247.211
52.29.232.52
52.43.61.66
39fdf931274b1f3c086fbf4f86e2fc1c322da78868a84d67847071b9a56b5a70
4a9eafbc1dccb80beb04525ab5c7e93728f6e5b8c5b05b652f51e1c9db85261d
62bc44984551ae52ea259e271a67c0b4345c47c4e590f12cddb6aca66a606937
6697a4e88a23706a4b0e2eada7b346b7e5839d71d07505987582f48e810784f8
7367f7dfb2f7f14f122b64757dafad711014d48609866bac1cdf853159230e34
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
83d6a46448afb87cedc4b6d5204b05ea79df73d5c8b911fff76dee3219ee9281
935955a876347df81e175a2e088796c3e60f5531d867d50298ccb9eaf555b582
9887af65a5232c9854bd1275b9f9d94cfba89d15aadfd4d8e3ec4b5a28b2579b
b0a7896b676327b0104f57fb692a30bd23c98e54df1c0d893c544f652e573d50
ba0bef435b945ae20e5f732a5ef858aa73434fb6b8793f91828dd0e3332786f2
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
d0237376c93777aab26c4ccdb9e5c4a7c27bfe517da39a0a626d3d54044ce23b
d11dbeb293b5361c9a021dd7d1128cd37ec4e24bebd9bda67cd92fa819d4d44b
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea780264d27653d85deda9e119035f6f008db732e48335f3ded9936a0c8bab92
f55fbebf5caa96d813facf454350a0b967c443dc6068185159622f46e7bc9afa
f86941ddd37c9824e12d130b44bbdd7c14637160aac9f17322e97e32cf1e20be