www.madeleine.de
104.18.3.70

Go To Rescan
Add Verdict Report

Submitted URL:
http://metroforsteam.com/
Effective URL:
https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c
Submission: On February 07 via api (February 7th 2023, 8:24:22 am UTC) from CZ — Scanned from DE

Summary HTTP 69 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 25 IPs in 7 countries across 18 domains to perform 69 HTTP transactions. The main IP is 104.18.3.70, located in and belongs to CLOUDFLARENET, US. The main domain is www.madeleine.de.
TLS certificate: Issued by E1 on January 21st 2023. Valid for: 3 months.

This is the only time www.madeleine.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	69.16.230.42 69.16.230.42	32244 (LIQUIDWEB) (LIQUIDWEB)
1 2	52.116.53.155 52.116.53.155	36351 (SOFTLAYER) (SOFTLAYER)
1 1	2606:4700:303... 2606:4700:3032::ac43:a12e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	3.125.239.17 3.125.239.17	16509 (AMAZON-02) (AMAZON-02)
1	54.230.111.22 54.230.111.22	16509 (AMAZON-02) (AMAZON-02)
1 3	95.211.116.26 95.211.116.26	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	18.66.112.3 18.66.112.3	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1 1	104.80.244.96 104.80.244.96	16625 (AKAMAI-AS) (AKAMAI-AS)
16	104.18.3.70 104.18.3.70	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.118.11.88 34.118.11.88	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
15	2600:1901:0:5... 2600:1901:0:5987::	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:f70... 2a02:26f0:f700:481::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a06:98c1:312... 2a06:98c1:3120::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2600:1901:0:c... 2600:1901:0:c07c::	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:7... 2600:1901:0:7903::	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:1... 2600:1901:0:1e38::	15169 (GOOGLE) (GOOGLE)
1	185.54.150.11 185.54.150.11	60164 (WEBTREKK-AS) (WEBTREKK-AS)
3	2a02:26f0:350... 2a02:26f0:3500:14::1724:a252	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	63.33.186.64 63.33.186.64	16509 (AMAZON-02) (AMAZON-02)
1	185.54.150.115 185.54.150.115	60164 (WEBTREKK-AS) (WEBTREKK-AS)
1 2	185.54.150.132 185.54.150.132	60164 (WEBTREKK-AS) (WEBTREKK-AS)
1	34.95.108.180 34.95.108.180	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	185.54.150.12 185.54.150.12	60164 (WEBTREKK-AS) (WEBTREKK-AS)
1	2a02:26f0:710... 2a02:26f0:7100::687e:24e0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	185.54.150.79 185.54.150.79	60164 (WEBTREKK-AS) (WEBTREKK-AS)
1 2	185.54.150.123 185.54.150.123	60164 (WEBTREKK-AS) (WEBTREKK-AS)
69	25

2 69.16.230.42 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: lb01.parklogic.com

metroforsteam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.116.53.155 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: 9b.35.7434.ip4.static.sl-reverse.com

mybettermb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p237996.mybettermb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:a12e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

geotrkclknow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.239.17 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-239-17.eu-central-1.compute.amazonaws.com

doqxysy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.111.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-111-22.osl50.r.cloudfront.net

api.kelkoogroup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.211.116.26 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: dc1-ecs-pub-mx-vip.kelkoo.com

de-go.kelkoogroup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-3.fra56.r.cloudfront.net

dd.kelkoogroup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.80.244.96 (Berlin, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-80-244-96.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 104.18.3.70 (None, )

ASN13335 (CLOUDFLARENET, US)

www.madeleine.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.118.11.88 (Warsaw, Poland)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 88.11.118.34.bc.googleusercontent.com

api-js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2600:1901:0:5987:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

app.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f700:481::1e80 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)

assets-production-mm.cstmrc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1901:0:c07c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

api.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7903:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

graphql.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:1e38:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

consent-api.service.consent.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.54.150.11 (Germany)

ASN60164 (WEBTREKK-AS, DE)

cdn.mateti.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:14::1724:a252 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

i8.amplience.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.33.186.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-186-64.eu-west-1.compute.amazonaws.com

seal.digicert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.54.150.115 (Germany)

ASN60164 (WEBTREKK-AS, DE)

cdn.wbtrk.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.54.150.132 (Germany) 1 redirects

ASN60164 (WEBTREKK-AS, DE)

wttd.madeleine.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.108.180 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 180.108.95.34.bc.googleusercontent.com

uct.service.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.54.150.12 (Germany)

ASN60164 (WEBTREKK-AS, DE)

r.mateti.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100::687e:24e0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

x1.adis.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.54.150.79 (Germany)

ASN60164 (WEBTREKK-AS, DE)

geid.wbtrk.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.54.150.123 (Germany) 1 redirects

ASN60164 (WEBTREKK-AS, DE)

fbc.wcfbc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	usercentrics.eu app.usercentrics.eu — Cisco Umbrella Rank: 12170 api.usercentrics.eu — Cisco Umbrella Rank: 12249 graphql.usercentrics.eu — Cisco Umbrella Rank: 14632 consent-api.service.consent.usercentrics.eu — Cisco Umbrella Rank: 20447 uct.service.usercentrics.eu — Cisco Umbrella Rank: 19190	199 KB
18	madeleine.de 1 redirects www.madeleine.de wttd.madeleine.de	765 KB
5	kelkoogroup.net 1 redirects api.kelkoogroup.net — Cisco Umbrella Rank: 422510 de-go.kelkoogroup.net — Cisco Umbrella Rank: 761671 dd.kelkoogroup.net — Cisco Umbrella Rank: 344659	74 KB
3	wbtrk.net cdn.wbtrk.net — Cisco Umbrella Rank: 262816 geid.wbtrk.net — Cisco Umbrella Rank: 218972	2 KB
3	amplience.net i8.amplience.net — Cisco Umbrella Rank: 26339	82 KB
3	mateti.net cdn.mateti.net — Cisco Umbrella Rank: 63606 r.mateti.net — Cisco Umbrella Rank: 95252	45 KB
2	wcfbc.net 1 redirects fbc.wcfbc.net — Cisco Umbrella Rank: 42290	379 B
2	digicert.com seal.digicert.com — Cisco Umbrella Rank: 7779	4 KB
2	cstmrc.io assets-production-mm.cstmrc.io	6 KB
2	mybettermb.com 1 redirects mybettermb.com — Cisco Umbrella Rank: 62345 p237996.mybettermb.com	1 KB
2	metroforsteam.com metroforsteam.com	12 KB
1	adis.ws x1.adis.ws — Cisco Umbrella Rank: 419586	9 KB
1	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 475	119 KB
1	datadome.co api-js.datadome.co — Cisco Umbrella Rank: 4127	429 B
1	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 15368	785 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21	350 B
1	doqxysy.com 1 redirects doqxysy.com	2 KB
1	geotrkclknow.com 1 redirects geotrkclknow.com	592 B
69	18

	Domain	Requested by
16	www.madeleine.de	api.kelkoogroup.net www.madeleine.de
15	app.usercentrics.eu	www.madeleine.de app.usercentrics.eu metroforsteam.com
6	api.usercentrics.eu	app.usercentrics.eu
3	i8.amplience.net	www.madeleine.de
3	de-go.kelkoogroup.net	1 redirects api.kelkoogroup.net
2	fbc.wcfbc.net	1 redirects www.madeleine.de
2	geid.wbtrk.net	metroforsteam.com
2	r.mateti.net	cdn.mateti.net
2	wttd.madeleine.de	1 redirects www.madeleine.de
2	seal.digicert.com	www.madeleine.de
2	consent-api.service.consent.usercentrics.eu	app.usercentrics.eu
2	graphql.usercentrics.eu	app.usercentrics.eu
2	assets-production-mm.cstmrc.io	www.madeleine.de
2	metroforsteam.com	metroforsteam.com
1	x1.adis.ws	www.madeleine.de
1	uct.service.usercentrics.eu	www.madeleine.de
1	cdn.wbtrk.net	metroforsteam.com
1	cdn.mateti.net	metroforsteam.com
1	assets.adobedtm.com	www.madeleine.de
1	api-js.datadome.co	dd.kelkoogroup.net
1	www.awin1.com	1 redirects
1	www.google-analytics.com	api.kelkoogroup.net
1	dd.kelkoogroup.net	api.kelkoogroup.net
1	api.kelkoogroup.net	p237996.mybettermb.com
1	doqxysy.com	1 redirects
1	geotrkclknow.com	1 redirects
1	p237996.mybettermb.com	metroforsteam.com
1	mybettermb.com	1 redirects
69	28

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.youtube.com
www.instagram.com
www.pinterest.de

Subject Issuer	Validity	Valid
*.mybettermb.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-02` - `2023-11-02`	a year	crt.sh
api.kelkoogroup.net Amazon	`2023-01-18` - `2024-02-16`	a year	crt.sh
*.kelkoogroup.net Thawte RSA CA 2018	`2022-08-25` - `2023-09-25`	a year	crt.sh
dd.kelkoogroup.net R3	`2023-02-04` - `2023-05-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.madeleine.de E1	`2023-01-21` - `2023-04-21`	3 months	crt.sh
*.datadome.co Gandi Standard SSL CA 2	`2022-10-13` - `2023-10-21`	a year	crt.sh
app.usercentrics.eu GTS CA 1D4	`2022-12-14` - `2023-03-14`	3 months	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
*.cstmrc.io GTS CA 1P5	`2023-01-26` - `2023-04-26`	3 months	crt.sh
api.usercentrics.eu GTS CA 1D4	`2022-12-12` - `2023-03-12`	3 months	crt.sh
graphql.usercentrics.eu GTS CA 1D4	`2022-12-16` - `2023-03-16`	3 months	crt.sh
consent-api.service.consent.usercentrics.eu GTS CA 1D4	`2022-12-28` - `2023-03-28`	3 months	crt.sh
*.mateti.net Sectigo RSA Domain Validation Secure Server CA	`2023-01-13` - `2024-02-13`	a year	crt.sh
a.sni.dm.amplience.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-16` - `2023-09-21`	a year	crt.sh
seal.digicert.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-09` - `2023-06-06`	a year	crt.sh
*.wbtrk.net Sectigo RSA Domain Validation Secure Server CA	`2023-01-13` - `2024-02-13`	a year	crt.sh
wttd.madeleine.de DigiCert TLS RSA SHA256 2020 CA1	`2022-03-01` - `2023-03-30`	a year	crt.sh
uct.service.usercentrics.eu GTS CA 1D4	`2023-01-30` - `2023-04-30`	3 months	crt.sh
*.bigcontent.io GeoTrust RSA CA 2018	`2022-02-28` - `2023-03-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c
Frame ID: 3957C6D6376BCC9AA1CA9B8EF5ADD366
Requests: 75 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://metroforsteam.com/ Page URL
http://metroforsteam.com/page/bouncy.php?&bpae=GbhGc7%2FGwqR5j3PVNd148xfZacjpSU6pMosVwFQ8GsnNmnF38g37... Page URL
https://mybettermb.com/aS/feedclick?s=rI7t-hs_SLeL0_xlo4C1RI8uDhK_8R6jm_ep5GV9Hhu0Le9QC-TQNzZTiQMvA... HTTP 302
https://p237996.mybettermb.com/adServe/domainClick?ai=cupGVo9cneB-wRDBQtYBiLAxZahdPI4K7xK6ekDwyp6Gdpv3nxMN8... Page URL
https://geotrkclknow.com/rot/vQG70jP4AePlNnAl?clickid=90008252374&bid=0.0025&source=445014534 HTTP 302
https://doqxysy.com/click?trvid=33169&clickid=90008252374&bid=0.0025&source=445014534 HTTP 302
https://api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=de&id=bb4ca91b-7d1c-451c-a... Page URL
https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff437afc68d67c5ab8cec5cb42e... HTTP 303
https://www.awin1.com/cread.php?awinmid=29051&clickref=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1675... HTTP 302
https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18... Page URL

Detected technologies

SAP Commerce Cloud (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<[^>]+/(?:sys_master|hybr|_ui/(?:.*responsive/)?(?:desktop|common(?:/images|/img|/css|ico)?))/

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

69
Requests

94 %
HTTPS

37 %
IPv6

18
Domains

28
Subdomains

25
IPs

7
Countries

1316 kB
Transfer

3683 kB
Size

35
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/madeleine.de
Title: <img src="/medias/sys_master/images/images/hf0/h49/9137775607838/facebook.svg">

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/MadeleineMode
Title: <img src="/medias/sys_master/images/images/hfb/h8e/9137775673374/youtube.svg">

Search URL Search Domain Scan URL

URL: https://www.instagram.com/madeleine_fashion/
Title: <img src="/medias/sys_master/images/images/hf7/h12/9137775706142/instagram.svg">

Search URL Search Domain Scan URL

URL: https://www.pinterest.de/madeleinemode/
Title: <img src="/medias/sys_master/images/images/h16/h4a/9137775738910/pinterest.svg">

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://metroforsteam.com/ Page URL
http://metroforsteam.com/page/bouncy.php?&bpae=GbhGc7%2FGwqR5j3PVNd148xfZacjpSU6pMosVwFQ8GsnNmnF38g37uQfAYJnvsjMOCQ1FUGCQn8yNLthJGXris1Cmr7a7O6MLkiVcWboS58MKvUjmBLH3NHuipE1r5Mo2Qbs92KovEIendM6JvJPorFsW40zPXIMGsIQSHbXq5yIrRtK6B3zQm03Yi%2BvKqTdKB0T0DzcjUp81nVGweiAKPlClTub1%2Fe8sDJ0Lwos11New52r94OaeG3TeVoO7ZOo3dmoGPmIx4kfhLO0ibDDRL913TtyIrjrvu%2FBuxK4naRQHdGWOxXA3NsCHdSH5m%2B%2B%2FIOuIPhzQn4ZO9kZvIFrGZsekjVtIA1A5CKKOlYycxqvocYS1K2D96PwP6VAIfS5D%2F0bxTxVpathfuNMWs5%2BifiDgbucJ4D7Buv2syAp%2FIOlVcHdzZQWnnMK8FsSKyZrVjWslrPPQLcSD4%2BxrUKLgdnp0KapGAuWkoa1un0e%2FdOIc%2BbRbls9RWLTZ%2FCU3Ph7mHimifv0r7jaOXhPN1aNNiBaO950MkSlohTREu5MsWsKyjcJN%2FBRIfDHGt8ihJcIUT2WO8vn1eZ42F5uHl6EqkXTL7PIAnrpzo9Hv0JdRPureAgia21v4ZDNV1VUXHqT8jPGOmQ46D5unLSnq2o6BuGh2Fh%2F1ZOyKFYTBG0GNuU5MM0a6hRyjkpRCGIlc4ay18x7fbvows%2B5PgWv4lNz%2Bt6pqT309Am%2FL7zeKFKkDUXoaErQRYjPuKTpIkWjKA1OhRsVuSOgp03Wh0H8lXcBAAWLOVJYThFATI%2BybGsXCikvfzNQuW38FfCrxEYsYpmRPUZooqmqG4QF96jPbY5gwItoKjyWRbDURJv90cll3kYQJeDRYQxRr%2FbyFcWt%2BpWcDjv6iXFuLr9C21HuLLXP%2B87wQ6fU6jrCuNPw7Z%2FF4pazC5JvGnbfmcdVvnh38C2rUDr%2BDHJidH%2Fu7cxJhaEsuqcDpAFSjP5rloQ%2FN9%2BkASezYqv9LUKGZOqqNpxo9H56823G6uxPKh4dDm3%2F6jaMOoZ1ZSDshA9sFJeL0Un7wAXFCth%2FUTNgit7okcte%2BoCtyA44YxDfeSTZ2kUMjKYCvEd7KMSsaBYF7gXnEuZ3AzGiacHYs01W%2B%2F%2FqVsp9lW5Zw%2B3IshYXuyT6bv5cXWZRQIU9O%2FffFyWWkIaAnbbEO7NOGbvT1iyDJkgx4JZ39HJ7B7kOKqNNSNqGA%2BbApxfV4AtOsMJzbUoKr9NKS%2Fo3FS40P36fbpc4t7XltrIKkHzH7Gnq7ik7fmiIWzl276CMvcIPUrfBuiqCxkNPo4G9rR48WtxxqHXTkJ%2FftsIM8%2Bj6iJ%2F6OHRhFy6hyAKKamptdhpSl8ZnnmK7v2XrKQoO9MH4JjKpSYqo0qxAoRSP9mdkJ9etSInWvqhTAAZc5OS8o07y0FfZIMgrho0jMhbh7xWVBm1BkpuyWn4ZkG9WZ2kX5tuSlVwVucWAaTzBPectFSzlPf9ohe0qIfoLMjfoV1zEuudY2TALErWieBj7uxQUsbaqgQyY0tiZxfWAeFh0hTOpXnDUC5TZ2ltafXCysHCwqpDT1YoLCb90c2cNlZo4x5iw61f5U9A8%2BiLM%2Fo%2BYI%2Fehc2rSPpvigvxv%2B%2BE7GepE6EbxCuV%2FqNOjC1lNl19RbcMj9KAmekdM1h7TYr6UKUvHMyR%2B3qidjs05%2FnUxJt%2F%2FJk%2FZoISeOVTK9bblKmOSN1NJLSDd9foFwDBFUZlpsBqxCxD%2B53C%2FOpboIyZWizEOS2tEnVwf82BEBnnUjI%2ByNv8FWpZHqthQEnPCTlsydNXCfxp8Uw6wHF9uWjcQxjcnZRyskHDbubwpMCr4VMZVjOlv7fzZ%2BhyLlAdahy6c2SblH87Nz71AYvylJaHvIkfLu38KMePyfP0CDMfxsSvhDMoOdfRs2nPDBGlyLCJTxVKoM3AhriIH36wVzS8zMTA9oqas%3D&redirectType=js&inIframe=false&inPopUp=false Page URL
https://mybettermb.com/aS/feedclick?s=rI7t-hs_SLeL0_xlo4C1RI8uDhK_8R6jm_ep5GV9Hhu0Le9QC-TQNzZTiQMvAXg5dnQ3qd4H7z-pbTnNK1c9Rxz0pbUsp-ySewBMB8RVJvv-4e4vQl9iCIHdqoH80EYFgS41QDYTbhAEysjXg8JANJjEIILW_3V7XWOpnxryNlzfUFo_tLc8PGOYRHEBSqLjIXaCzagmb7zYJKTea0kxH9FqHbj_k5D3__xBzwrII4nmL5dkRmI0AZiQ_XlpchTKr28SluWyanVZpVxjcgKk0-aYpDFuavhkHgJkvrdu0CxVuzq_sbbS6jmSwHuZkXLl9OV4Oa1eapNSeztZ6oKZUQ6IoTsV4uyq0W7bPlWS2DkIufsERhbN5m_2vPtcPPB0AnZYCINW-3KIY6-VH_o7BJCACOHRif6BNNpllat6NTOUquLDQ-oIEg2n3rzw8HmEvUrqQANrWplSnXXtdVbRc9d64EWMo_qQZdTpysOhvTIWDzLxnPi4OYI78-Wy8iUlQgqACdD1wrWPMDlQpEu_-Qb553T2s8NBwMaridiRAzcFo8RSoK8_FHvIusTJ_nEu5jLj1TMiRU---Q4eNpmv96EZtm1-h_jr9MbrtXSLgOcDsIR3j8h3Ng9YlY8dO1ISrzn8BgRlCBxlQ1X1Qh0_J6cKHy1Ajk6bB79t-h_dZ7ZDyFw9KQqgl98IktfoIouC6W6gWXjwElqr5R6UrqHcG1NTyDk-FiikLd6vr3vMhnDNoRvkzNl9IXG-PdtgQtzONkLVrRiFkObMffqnhc8v6vUw4KEjOGM2R1f9Fpb41ZHGc3tDj8iL6qpSgjHQjP7HtLuDXU9KXG_nFppwusaAy0OJ37jnFO0nfiAfQyQJrQcB6rICin32Svu5Q6SBD1vvP17eL3gb7fBYqXHFlcdgME3WU2rd2TJnu3yT36a6bn5Ksyw5VI6sUh6LB51TyPTJ_EuU_gAsTyIKicC80-2WK6vb_OJIXmHl2wvrqUMi1ZxxFIbxUNTY-nnuPG0qvNnqufsZRntBDqVPNC_OJaKrruNNVC9UvhJwljCoRyouWo1FrxW_XL0h9YLdDyfApm4RAVBoHw3O1Gpopyec5UJrWC1Wh3KHXo275meCTasL7X8TY03EDqJv4hUwjJBAo8FARU_6cwqzIu_XcxkDvgB_f4iW5sC13aKzDZfHGzeYcNiGFGCXXWTRhBR5kHBtJAU6M9MHDrIzhwir07j33VTERhyCeUm6Rlw7-QjWDPgrFi0MSXeqYm0RRPBq1aqddqkjEqrZR4XOW3PFIcrXmgy_zWnobF9TDGExR1FYBPnLmmA6xK-0eRmYjr0NzNN6FsKHvNOtRefbTW6zQF7O90np2ToxufKOZUnToyEOp_uQSuaFlQi184nKnKs1gg6pD_VYGeDYFDo8O3xeyUIudqd7tgAO0_nf-EWikqzqT7VnVBLYgG7afTXkyA HTTP 302
https://p237996.mybettermb.com/adServe/domainClick?ai=cupGVo9cneB-wRDBQtYBiLAxZahdPI4K7xK6ekDwyp6Gdpv3nxMN8u2-THs-oNc90ktzivdW17M-C-8721ekwAafDdQqpNxpaoBBNH-RY4fF5y4haVYAvAb3-ESHG0JHg2RvEwrk2epbC7U30TJp2bmTUDtNb32vq9O4991UxEbvFuZNQMdMI-vaI8tzj08RWjiDkHmX5bNI1OVoBktV8MT79j7J_WPYrBZwfnlpzJlpD-0m1bNj94lQJIlzQ1-gtL2fbjoxMMTVCW9UoLTzK2_T5x_FGAdpIKKNlj9I1Bp0zkQJR4Qsl-RCaNkT3qyOnwM9sZtI20k3QkkpNB0KG6OIZhD5UZ8zUEpDz_87JciBp9n2wO8e3QXL0tt9b_p24Wg6c98G2nieKTEQPOdaBRbRh5WhN0Axej_wmAiUbeplkkLEB146pQ&ui=rI7t-hs_SLeL0_xlo4C1RPbWwvziNp_1xLgNeF8Zj-jHaNtn1SG0t0U8hj8Rx7eshoUZ4GjGWqH_AP8XlqSLVE3REEN1oF7FQC17xV39u4vKERXXF4h7Vg&si=1&oref=b1b5f9b08cd98d4fd42e494d7c69dc4b&optunit=ZSk9-wyQ0iC5r_qpdMOCt3nSiUDV5iGD&rb=-cccNhS6xoE&rr=1&abtg=0 Page URL
https://geotrkclknow.com/rot/vQG70jP4AePlNnAl?clickid=90008252374&bid=0.0025&source=445014534 HTTP 302
https://doqxysy.com/click?trvid=33169&clickid=90008252374&bid=0.0025&source=445014534 HTTP 302
https://api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=de&id=bb4ca91b-7d1c-451c-ac39-3420c8c2c4dd&merchantUrl=https%3A%2F%2Fwww.madeleine.de%2F&custom1=27zrezveybct Page URL
https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff437afc68d67c5ab8cec5cb42ef68fc4851d699cc98fdc9ad6aea184f76fa7be0efc9a9c2ceac8e7626bdd01eb5ef02e02095151398c72aa81d6eed772a1fe7edee1322007916001ea08b54d5e071bc330cb96f8aecaba604a357dfc12b04bca081453aa5c7b886b6ef6dbe0520b97cb5557b22aa128f9d3508cca0f3ba71d7c7c006e3ee691430638609544c833e290a3f5446cc6444adcd8edb613db91675e5332bd66300400f7790cc7e3566c83c3ba8364ef3db18ff8bf3602fb7e77bfb0333d164e72aedc2993a21ea2261f68f34b76a7cb9c0dd2e764abdad49ca02b330cfb5d686b5c646dd6e1d4e1f4b65acce5641070186d56e79e8306bc648f2b16cc35299ae52e9f7db0401c8dd37e7d7f065d8a66b10d4508a5f5430eb6fd568bf2b1ab032aafa09fd5b79b95eeba600136af&url=https%3A%2F%2Fwww.awin1.com%2Fcread.php%3Fawinmid%3D29051%26clickref%3Ddc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1675758265889_1757593%26awinaffid%3D503421%26platform%3Dtp%26networkref1%3Dgclid_%26ued%3Dhttps%253A%252F%252Fwww.madeleine.de%252F&initiator=timeout HTTP 303
https://www.awin1.com/cread.php?awinmid=29051&clickref=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1675758265889_1757593&awinaffid=503421&platform=tp&networkref1=gclid_&ued=https%3A%2F%2Fwww.madeleine.de%2F HTTP 302
https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://mybettermb.com/aS/feedclick?s=rI7t-hs_SLeL0_xlo4C1RI8uDhK_8R6jm_ep5GV9Hhu0Le9QC-TQNzZTiQMvAXg5dnQ3qd4H7z-pbTnNK1c9Rxz0pbUsp-ySewBMB8RVJvv-4e4vQl9iCIHdqoH80EYFgS41QDYTbhAEysjXg8JANJjEIILW_3V7XWOpnxryNlzfUFo_tLc8PGOYRHEBSqLjIXaCzagmb7zYJKTea0kxH9FqHbj_k5D3__xBzwrII4nmL5dkRmI0AZiQ_XlpchTKr28SluWyanVZpVxjcgKk0-aYpDFuavhkHgJkvrdu0CxVuzq_sbbS6jmSwHuZkXLl9OV4Oa1eapNSeztZ6oKZUQ6IoTsV4uyq0W7bPlWS2DkIufsERhbN5m_2vPtcPPB0AnZYCINW-3KIY6-VH_o7BJCACOHRif6BNNpllat6NTOUquLDQ-oIEg2n3rzw8HmEvUrqQANrWplSnXXtdVbRc9d64EWMo_qQZdTpysOhvTIWDzLxnPi4OYI78-Wy8iUlQgqACdD1wrWPMDlQpEu_-Qb553T2s8NBwMaridiRAzcFo8RSoK8_FHvIusTJ_nEu5jLj1TMiRU---Q4eNpmv96EZtm1-h_jr9MbrtXSLgOcDsIR3j8h3Ng9YlY8dO1ISrzn8BgRlCBxlQ1X1Qh0_J6cKHy1Ajk6bB79t-h_dZ7ZDyFw9KQqgl98IktfoIouC6W6gWXjwElqr5R6UrqHcG1NTyDk-FiikLd6vr3vMhnDNoRvkzNl9IXG-PdtgQtzONkLVrRiFkObMffqnhc8v6vUw4KEjOGM2R1f9Fpb41ZHGc3tDj8iL6qpSgjHQjP7HtLuDXU9KXG_nFppwusaAy0OJ37jnFO0nfiAfQyQJrQcB6rICin32Svu5Q6SBD1vvP17eL3gb7fBYqXHFlcdgME3WU2rd2TJnu3yT36a6bn5Ksyw5VI6sUh6LB51TyPTJ_EuU_gAsTyIKicC80-2WK6vb_OJIXmHl2wvrqUMi1ZxxFIbxUNTY-nnuPG0qvNnqufsZRntBDqVPNC_OJaKrruNNVC9UvhJwljCoRyouWo1FrxW_XL0h9YLdDyfApm4RAVBoHw3O1Gpopyec5UJrWC1Wh3KHXo275meCTasL7X8TY03EDqJv4hUwjJBAo8FARU_6cwqzIu_XcxkDvgB_f4iW5sC13aKzDZfHGzeYcNiGFGCXXWTRhBR5kHBtJAU6M9MHDrIzhwir07j33VTERhyCeUm6Rlw7-QjWDPgrFi0MSXeqYm0RRPBq1aqddqkjEqrZR4XOW3PFIcrXmgy_zWnobF9TDGExR1FYBPnLmmA6xK-0eRmYjr0NzNN6FsKHvNOtRefbTW6zQF7O90np2ToxufKOZUnToyEOp_uQSuaFlQi184nKnKs1gg6pD_VYGeDYFDo8O3xeyUIudqd7tgAO0_nf-EWikqzqT7VnVBLYgG7afTXkyA HTTP 302
https://p237996.mybettermb.com/adServe/domainClick?ai=cupGVo9cneB-wRDBQtYBiLAxZahdPI4K7xK6ekDwyp6Gdpv3nxMN8u2-THs-oNc90ktzivdW17M-C-8721ekwAafDdQqpNxpaoBBNH-RY4fF5y4haVYAvAb3-ESHG0JHg2RvEwrk2epbC7U30TJp2bmTUDtNb32vq9O4991UxEbvFuZNQMdMI-vaI8tzj08RWjiDkHmX5bNI1OVoBktV8MT79j7J_WPYrBZwfnlpzJlpD-0m1bNj94lQJIlzQ1-gtL2fbjoxMMTVCW9UoLTzK2_T5x_FGAdpIKKNlj9I1Bp0zkQJR4Qsl-RCaNkT3qyOnwM9sZtI20k3QkkpNB0KG6OIZhD5UZ8zUEpDz_87JciBp9n2wO8e3QXL0tt9b_p24Wg6c98G2nieKTEQPOdaBRbRh5WhN0Axej_wmAiUbeplkkLEB146pQ&ui=rI7t-hs_SLeL0_xlo4C1RPbWwvziNp_1xLgNeF8Zj-jHaNtn1SG0t0U8hj8Rx7eshoUZ4GjGWqH_AP8XlqSLVE3REEN1oF7FQC17xV39u4vKERXXF4h7Vg&si=1&oref=b1b5f9b08cd98d4fd42e494d7c69dc4b&optunit=ZSk9-wyQ0iC5r_qpdMOCt3nSiUDV5iGD&rb=-cccNhS6xoE&rr=1&abtg=0

Request Chain 3

https://geotrkclknow.com/rot/vQG70jP4AePlNnAl?clickid=90008252374&bid=0.0025&source=445014534 HTTP 302
https://doqxysy.com/click?trvid=33169&clickid=90008252374&bid=0.0025&source=445014534 HTTP 302
https://api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=de&id=bb4ca91b-7d1c-451c-ac39-3420c8c2c4dd&merchantUrl=https%3A%2F%2Fwww.madeleine.de%2F&custom1=27zrezveybct

Request Chain 77

https://wttd.madeleine.de/800707127625321/cc?a=r&c=wteid_800707127625321&t=https%3A%2F%2Ffbc.wcfbc.net%2Fv1%2Ffbc%3Fp%3D441%2C0%26acc%3D800707127625321%26t%3D1675758267747%26err%3D HTTP 301
https://fbc.wcfbc.net/v1/fbc?p=441,0&acc=800707127625321&t=1675758267747&err=&c=wteid_800707127625321&v=4167575826700405379 HTTP 307
https://fbc.wcfbc.net/v1/fbc?p=441,0&acc=800707127625321&t=1675758267747&err=&c=wteid_800707127625321&v=4167575826700405379&rc

69 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK /
metroforsteam.com/ 7 KB
7 KB 1275ms
660ms Document
text/html 69.16.230.42
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://metroforsteam.com/
Protocol: HTTP/1.1
Server: 69.16.230.42 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: lb01.parklogic.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Tue, 07 Feb 2023 08:24:23 GMT
Keep-Alive: timeout=5, max=98
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Transfer-Encoding: chunked
X-Powered-By: PHP/5.4.16

GET
H/1.1 200
OK bouncy.php
metroforsteam.com/page/ 5 KB
5 KB 129ms
128ms Document
text/html 69.16.230.42
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://metroforsteam.com/page/bouncy.php?&bpae=GbhGc7%2FGwqR5j3PVNd148xfZacjpSU6pMosVwFQ8GsnNmnF38g37uQfAYJnvsjMOCQ1FUGCQn8yNLthJGXris1Cmr7a7O6MLkiVcWboS58MKvUjmBLH3NHuipE1r5Mo2Qbs92KovEIendM6JvJPorFsW40zPXIMGsIQSHbXq5yIrRtK6B3zQm03Yi%2BvKqTdKB0T0DzcjUp81nVGweiAKPlClTub1%2Fe8sDJ0Lwos11New52r94OaeG3TeVoO7ZOo3dmoGPmIx4kfhLO0ibDDRL913TtyIrjrvu%2FBuxK4naRQHdGWOxXA3NsCHdSH5m%2B%2B%2FIOuIPhzQn4ZO9kZvIFrGZsekjVtIA1A5CKKOlYycxqvocYS1K2D96PwP6VAIfS5D%2F0bxTxVpathfuNMWs5%2BifiDgbucJ4D7Buv2syAp%2FIOlVcHdzZQWnnMK8FsSKyZrVjWslrPPQLcSD4%2BxrUKLgdnp0KapGAuWkoa1un0e%2FdOIc%2BbRbls9RWLTZ%2FCU3Ph7mHimifv0r7jaOXhPN1aNNiBaO950MkSlohTREu5MsWsKyjcJN%2FBRIfDHGt8ihJcIUT2WO8vn1eZ42F5uHl6EqkXTL7PIAnrpzo9Hv0JdRPureAgia21v4ZDNV1VUXHqT8jPGOmQ46D5unLSnq2o6BuGh2Fh%2F1ZOyKFYTBG0GNuU5MM0a6hRyjkpRCGIlc4ay18x7fbvows%2B5PgWv4lNz%2Bt6pqT309Am%2FL7zeKFKkDUXoaErQRYjPuKTpIkWjKA1OhRsVuSOgp03Wh0H8lXcBAAWLOVJYThFATI%2BybGsXCikvfzNQuW38FfCrxEYsYpmRPUZooqmqG4QF96jPbY5gwItoKjyWRbDURJv90cll3kYQJeDRYQxRr%2FbyFcWt%2BpWcDjv6iXFuLr9C21HuLLXP%2B87wQ6fU6jrCuNPw7Z%2FF4pazC5JvGnbfmcdVvnh38C2rUDr%2BDHJidH%2Fu7cxJhaEsuqcDpAFSjP5rloQ%2FN9%2BkASezYqv9LUKGZOqqNpxo9H56823G6uxPKh4dDm3%2F6jaMOoZ1ZSDshA9sFJeL0Un7wAXFCth%2FUTNgit7okcte%2BoCtyA44YxDfeSTZ2kUMjKYCvEd7KMSsaBYF7gXnEuZ3AzGiacHYs01W%2B%2F%2FqVsp9lW5Zw%2B3IshYXuyT6bv5cXWZRQIU9O%2FffFyWWkIaAnbbEO7NOGbvT1iyDJkgx4JZ39HJ7B7kOKqNNSNqGA%2BbApxfV4AtOsMJzbUoKr9NKS%2Fo3FS40P36fbpc4t7XltrIKkHzH7Gnq7ik7fmiIWzl276CMvcIPUrfBuiqCxkNPo4G9rR48WtxxqHXTkJ%2FftsIM8%2Bj6iJ%2F6OHRhFy6hyAKKamptdhpSl8ZnnmK7v2XrKQoO9MH4JjKpSYqo0qxAoRSP9mdkJ9etSInWvqhTAAZc5OS8o07y0FfZIMgrho0jMhbh7xWVBm1BkpuyWn4ZkG9WZ2kX5tuSlVwVucWAaTzBPectFSzlPf9ohe0qIfoLMjfoV1zEuudY2TALErWieBj7uxQUsbaqgQyY0tiZxfWAeFh0hTOpXnDUC5TZ2ltafXCysHCwqpDT1YoLCb90c2cNlZo4x5iw61f5U9A8%2BiLM%2Fo%2BYI%2Fehc2rSPpvigvxv%2B%2BE7GepE6EbxCuV%2FqNOjC1lNl19RbcMj9KAmekdM1h7TYr6UKUvHMyR%2B3qidjs05%2FnUxJt%2F%2FJk%2FZoISeOVTK9bblKmOSN1NJLSDd9foFwDBFUZlpsBqxCxD%2B53C%2FOpboIyZWizEOS2tEnVwf82BEBnnUjI%2ByNv8FWpZHqthQEnPCTlsydNXCfxp8Uw6wHF9uWjcQxjcnZRyskHDbubwpMCr4VMZVjOlv7fzZ%2BhyLlAdahy6c2SblH87Nz71AYvylJaHvIkfLu38KMePyfP0CDMfxsSvhDMoOdfRs2nPDBGlyLCJTxVKoM3AhriIH36wVzS8zMTA9oqas%3D&redirectType=js&inIframe=false&inPopUp=false
Requested by: Host: metroforsteam.com
URL: http://metroforsteam.com/
Protocol: HTTP/1.1
Server: 69.16.230.42 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: lb01.parklogic.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Referer: http://metroforsteam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Tue, 07 Feb 2023 08:24:24 GMT
Keep-Alive: timeout=5, max=99
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Transfer-Encoding: chunked
X-Powered-By: PHP/5.4.16

GET
H2

200

domainClick
p237996.mybettermb.com/adServe/
Redirect Chain

https://mybettermb.com/aS/feedclick?s=rI7t-hs_SLeL0_xlo4C1RI8uDhK_8R6jm_ep5GV9Hhu0Le9QC-TQNzZTiQMvAXg5dnQ3qd4H7z-pbTnNK1c9Rxz0pbUsp-ySewBMB8RVJvv-4e4vQl9iCIHdqoH80EYFgS41QDYTbhAEysjXg8JANJjEIILW_3V...
https://p237996.mybettermb.com/adServe/domainClick?ai=cupGVo9cneB-wRDBQtYBiLAxZahdPI4K7xK6ekDwyp6Gdpv3nxMN8u2-THs-oNc90ktzivdW17M-C-8721ekwAafDdQqpNxpaoBBNH-RY4fF5y4haVYAvAb3-ESHG0JHg2RvEwrk2epbC7U...

289 B
604 B

169ms
141ms

Document
text/html

52.116.53.155
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://p237996.mybettermb.com/adServe/domainClick?ai=cupGVo9cneB-wRDBQtYBiLAxZahdPI4K7xK6ekDwyp6Gdpv3nxMN8u2-THs-oNc90ktzivdW17M-C-8721ekwAafDdQqpNxpaoBBNH-RY4fF5y4haVYAvAb3-ESHG0JHg2RvEwrk2epbC7U30TJp2bmTUDtNb32vq9O4991UxEbvFuZNQMdMI-vaI8tzj08RWjiDkHmX5bNI1OVoBktV8MT79j7J_WPYrBZwfnlpzJlpD-0m1bNj94lQJIlzQ1-gtL2fbjoxMMTVCW9UoLTzK2_T5x_FGAdpIKKNlj9I1Bp0zkQJR4Qsl-RCaNkT3qyOnwM9sZtI20k3QkkpNB0KG6OIZhD5UZ8zUEpDz_87JciBp9n2wO8e3QXL0tt9b_p24Wg6c98G2nieKTEQPOdaBRbRh5WhN0Axej_wmAiUbeplkkLEB146pQ&ui=rI7t-hs_SLeL0_xlo4C1RPbWwvziNp_1xLgNeF8Zj-jHaNtn1SG0t0U8hj8Rx7eshoUZ4GjGWqH_AP8XlqSLVE3REEN1oF7FQC17xV39u4vKERXXF4h7Vg&si=1&oref=b1b5f9b08cd98d4fd42e494d7c69dc4b&optunit=ZSk9-wyQ0iC5r_qpdMOCt3nSiUDV5iGD&rb=-cccNhS6xoE&rr=1&abtg=0
Requested by: Host: metroforsteam.com
URL: http://metroforsteam.com/page/bouncy.php?&bpae=GbhGc7%2FGwqR5j3PVNd148xfZacjpSU6pMosVwFQ8GsnNmnF38g37uQfAYJnvsjMOCQ1FUGCQn8yNLthJGXris1Cmr7a7O6MLkiVcWboS58MKvUjmBLH3NHuipE1r5Mo2Qbs92KovEIendM6JvJPorFsW40zPXIMGsIQSHbXq5yIrRtK6B3zQm03Yi%2BvKqTdKB0T0DzcjUp81nVGweiAKPlClTub1%2Fe8sDJ0Lwos11New52r94OaeG3TeVoO7ZOo3dmoGPmIx4kfhLO0ibDDRL913TtyIrjrvu%2FBuxK4naRQHdGWOxXA3NsCHdSH5m%2B%2B%2FIOuIPhzQn4ZO9kZvIFrGZsekjVtIA1A5CKKOlYycxqvocYS1K2D96PwP6VAIfS5D%2F0bxTxVpathfuNMWs5%2BifiDgbucJ4D7Buv2syAp%2FIOlVcHdzZQWnnMK8FsSKyZrVjWslrPPQLcSD4%2BxrUKLgdnp0KapGAuWkoa1un0e%2FdOIc%2BbRbls9RWLTZ%2FCU3Ph7mHimifv0r7jaOXhPN1aNNiBaO950MkSlohTREu5MsWsKyjcJN%2FBRIfDHGt8ihJcIUT2WO8vn1eZ42F5uHl6EqkXTL7PIAnrpzo9Hv0JdRPureAgia21v4ZDNV1VUXHqT8jPGOmQ46D5unLSnq2o6BuGh2Fh%2F1ZOyKFYTBG0GNuU5MM0a6hRyjkpRCGIlc4ay18x7fbvows%2B5PgWv4lNz%2Bt6pqT309Am%2FL7zeKFKkDUXoaErQRYjPuKTpIkWjKA1OhRsVuSOgp03Wh0H8lXcBAAWLOVJYThFATI%2BybGsXCikvfzNQuW38FfCrxEYsYpmRPUZooqmqG4QF96jPbY5gwItoKjyWRbDURJv90cll3kYQJeDRYQxRr%2FbyFcWt%2BpWcDjv6iXFuLr9C21HuLLXP%2B87wQ6fU6jrCuNPw7Z%2FF4pazC5JvGnbfmcdVvnh38C2rUDr%2BDHJidH%2Fu7cxJhaEsuqcDpAFSjP5rloQ%2FN9%2BkASezYqv9LUKGZOqqNpxo9H56823G6uxPKh4dDm3%2F6jaMOoZ1ZSDshA9sFJeL0Un7wAXFCth%2FUTNgit7okcte%2BoCtyA44YxDfeSTZ2kUMjKYCvEd7KMSsaBYF7gXnEuZ3AzGiacHYs01W%2B%2F%2FqVsp9lW5Zw%2B3IshYXuyT6bv5cXWZRQIU9O%2FffFyWWkIaAnbbEO7NOGbvT1iyDJkgx4JZ39HJ7B7kOKqNNSNqGA%2BbApxfV4AtOsMJzbUoKr9NKS%2Fo3FS40P36fbpc4t7XltrIKkHzH7Gnq7ik7fmiIWzl276CMvcIPUrfBuiqCxkNPo4G9rR48WtxxqHXTkJ%2FftsIM8%2Bj6iJ%2F6OHRhFy6hyAKKamptdhpSl8ZnnmK7v2XrKQoO9MH4JjKpSYqo0qxAoRSP9mdkJ9etSInWvqhTAAZc5OS8o07y0FfZIMgrho0jMhbh7xWVBm1BkpuyWn4ZkG9WZ2kX5tuSlVwVucWAaTzBPectFSzlPf9ohe0qIfoLMjfoV1zEuudY2TALErWieBj7uxQUsbaqgQyY0tiZxfWAeFh0hTOpXnDUC5TZ2ltafXCysHCwqpDT1YoLCb90c2cNlZo4x5iw61f5U9A8%2BiLM%2Fo%2BYI%2Fehc2rSPpvigvxv%2B%2BE7GepE6EbxCuV%2FqNOjC1lNl19RbcMj9KAmekdM1h7TYr6UKUvHMyR%2B3qidjs05%2FnUxJt%2F%2FJk%2FZoISeOVTK9bblKmOSN1NJLSDd9foFwDBFUZlpsBqxCxD%2B53C%2FOpboIyZWizEOS2tEnVwf82BEBnnUjI%2ByNv8FWpZHqthQEnPCTlsydNXCfxp8Uw6wHF9uWjcQxjcnZRyskHDbubwpMCr4VMZVjOlv7fzZ%2BhyLlAdahy6c2SblH87Nz71AYvylJaHvIkfLu38KMePyfP0CDMfxsSvhDMoOdfRs2nPDBGlyLCJTxVKoM3AhriIH36wVzS8zMTA9oqas%3D&redirectType=js&inIframe=false&inPopUp=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.116.53.155 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 9b.35.7434.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash

Request headers

Referer: http://metroforsteam.com/page/bouncy.php?&bpae=GbhGc7%2FGwqR5j3PVNd148xfZacjpSU6pMosVwFQ8GsnNmnF38g37uQfAYJnvsjMOCQ1FUGCQn8yNLthJGXris1Cmr7a7O6MLkiVcWboS58MKvUjmBLH3NHuipE1r5Mo2Qbs92KovEIendM6JvJPorFsW40zPXIMGsIQSHbXq5yIrRtK6B3zQm03Yi%2BvKqTdKB0T0DzcjUp81nVGweiAKPlClTub1%2Fe8sDJ0Lwos11New52r94OaeG3TeVoO7ZOo3dmoGPmIx4kfhLO0ibDDRL913TtyIrjrvu%2FBuxK4naRQHdGWOxXA3NsCHdSH5m%2B%2B%2FIOuIPhzQn4ZO9kZvIFrGZsekjVtIA1A5CKKOlYycxqvocYS1K2D96PwP6VAIfS5D%2F0bxTxVpathfuNMWs5%2BifiDgbucJ4D7Buv2syAp%2FIOlVcHdzZQWnnMK8FsSKyZrVjWslrPPQLcSD4%2BxrUKLgdnp0KapGAuWkoa1un0e%2FdOIc%2BbRbls9RWLTZ%2FCU3Ph7mHimifv0r7jaOXhPN1aNNiBaO950MkSlohTREu5MsWsKyjcJN%2FBRIfDHGt8ihJcIUT2WO8vn1eZ42F5uHl6EqkXTL7PIAnrpzo9Hv0JdRPureAgia21v4ZDNV1VUXHqT8jPGOmQ46D5unLSnq2o6BuGh2Fh%2F1ZOyKFYTBG0GNuU5MM0a6hRyjkpRCGIlc4ay18x7fbvows%2B5PgWv4lNz%2Bt6pqT309Am%2FL7zeKFKkDUXoaErQRYjPuKTpIkWjKA1OhRsVuSOgp03Wh0H8lXcBAAWLOVJYThFATI%2BybGsXCikvfzNQuW38FfCrxEYsYpmRPUZooqmqG4QF96jPbY5gwItoKjyWRbDURJv90cll3kYQJeDRYQxRr%2FbyFcWt%2BpWcDjv6iXFuLr9C21HuLLXP%2B87wQ6fU6jrCuNPw7Z%2FF4pazC5JvGnbfmcdVvnh38C2rUDr%2BDHJidH%2Fu7cxJhaEsuqcDpAFSjP5rloQ%2FN9%2BkASezYqv9LUKGZOqqNpxo9H56823G6uxPKh4dDm3%2F6jaMOoZ1ZSDshA9sFJeL0Un7wAXFCth%2FUTNgit7okcte%2BoCtyA44YxDfeSTZ2kUMjKYCvEd7KMSsaBYF7gXnEuZ3AzGiacHYs01W%2B%2F%2FqVsp9lW5Zw%2B3IshYXuyT6bv5cXWZRQIU9O%2FffFyWWkIaAnbbEO7NOGbvT1iyDJkgx4JZ39HJ7B7kOKqNNSNqGA%2BbApxfV4AtOsMJzbUoKr9NKS%2Fo3FS40P36fbpc4t7XltrIKkHzH7Gnq7ik7fmiIWzl276CMvcIPUrfBuiqCxkNPo4G9rR48WtxxqHXTkJ%2FftsIM8%2Bj6iJ%2F6OHRhFy6hyAKKamptdhpSl8ZnnmK7v2XrKQoO9MH4JjKpSYqo0qxAoRSP9mdkJ9etSInWvqhTAAZc5OS8o07y0FfZIMgrho0jMhbh7xWVBm1BkpuyWn4ZkG9WZ2kX5tuSlVwVucWAaTzBPectFSzlPf9ohe0qIfoLMjfoV1zEuudY2TALErWieBj7uxQUsbaqgQyY0tiZxfWAeFh0hTOpXnDUC5TZ2ltafXCysHCwqpDT1YoLCb90c2cNlZo4x5iw61f5U9A8%2BiLM%2Fo%2BYI%2Fehc2rSPpvigvxv%2B%2BE7GepE6EbxCuV%2FqNOjC1lNl19RbcMj9KAmekdM1h7TYr6UKUvHMyR%2B3qidjs05%2FnUxJt%2F%2FJk%2FZoISeOVTK9bblKmOSN1NJLSDd9foFwDBFUZlpsBqxCxD%2B53C%2FOpboIyZWizEOS2tEnVwf82BEBnnUjI%2ByNv8FWpZHqthQEnPCTlsydNXCfxp8Uw6wHF9uWjcQxjcnZRyskHDbubwpMCr4VMZVjOlv7fzZ%2BhyLlAdahy6c2SblH87Nz71AYvylJaHvIkfLu38KMePyfP0CDMfxsSvhDMoOdfRs2nPDBGlyLCJTxVKoM3AhriIH36wVzS8zMTA9oqas%3D&redirectType=js&inIframe=false&inPopUp=false
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Tue, 07 Feb 2023 08:24:25 GMT
server: nginx
vary: Accept-Encoding

Redirect headers

content-length: 0
date: Tue, 07 Feb 2023 08:24:24 GMT
location: https://p237996.mybettermb.com/adServe/domainClick?ai=cupGVo9cneB-wRDBQtYBiLAxZahdPI4K7xK6ekDwyp6Gdpv3nxMN8u2-THs-oNc90ktzivdW17M-C-8721ekwAafDdQqpNxpaoBBNH-RY4fF5y4haVYAvAb3-ESHG0JHg2RvEwrk2epbC7U30TJp2bmTUDtNb32vq9O4991UxEbvFuZNQMdMI-vaI8tzj08RWjiDkHmX5bNI1OVoBktV8MT79j7J_WPYrBZwfnlpzJlpD-0m1bNj94lQJIlzQ1-gtL2fbjoxMMTVCW9UoLTzK2_T5x_FGAdpIKKNlj9I1Bp0zkQJR4Qsl-RCaNkT3qyOnwM9sZtI20k3QkkpNB0KG6OIZhD5UZ8zUEpDz_87JciBp9n2wO8e3QXL0tt9b_p24Wg6c98G2nieKTEQPOdaBRbRh5WhN0Axej_wmAiUbeplkkLEB146pQ&ui=rI7t-hs_SLeL0_xlo4C1RPbWwvziNp_1xLgNeF8Zj-jHaNtn1SG0t0U8hj8Rx7eshoUZ4GjGWqH_AP8XlqSLVE3REEN1oF7FQC17xV39u4vKERXXF4h7Vg&si=1&oref=b1b5f9b08cd98d4fd42e494d7c69dc4b&optunit=ZSk9-wyQ0iC5r_qpdMOCt3nSiUDV5iGD&rb=-cccNhS6xoE&rr=1&abtg=0
server: nginx

GET
H2

200

link Show response
api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/
Redirect Chain

https://geotrkclknow.com/rot/vQG70jP4AePlNnAl?clickid=90008252374&bid=0.0025&source=445014534
https://doqxysy.com/click?trvid=33169&clickid=90008252374&bid=0.0025&source=445014534
https://api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=de&id=bb4ca91b-7d1c-451c-ac39-3420c8c2c4dd&merchantUrl=https%3A%2F%2Fwww.madeleine.de%2F&custom1=27zrezveybct

29 KB
30 KB

612ms
308ms

Document
text/html

54.230.111.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=de&id=bb4ca91b-7d1c-451c-ac39-3420c8c2c4dd&merchantUrl=https%3A%2F%2Fwww.madeleine.de%2F&custom1=27zrezveybct

Requested by

Host: p237996.mybettermb.com
URL: https://p237996.mybettermb.com/adServe/domainClick?ai=cupGVo9cneB-wRDBQtYBiLAxZahdPI4K7xK6ekDwyp6Gdpv3nxMN8u2-THs-oNc90ktzivdW17M-C-8721ekwAafDdQqpNxpaoBBNH-RY4fF5y4haVYAvAb3-ESHG0JHg2RvEwrk2epbC7U30TJp2bmTUDtNb32vq9O4991UxEbvFuZNQMdMI-vaI8tzj08RWjiDkHmX5bNI1OVoBktV8MT79j7J_WPYrBZwfnlpzJlpD-0m1bNj94lQJIlzQ1-gtL2fbjoxMMTVCW9UoLTzK2_T5x_FGAdpIKKNlj9I1Bp0zkQJR4Qsl-RCaNkT3qyOnwM9sZtI20k3QkkpNB0KG6OIZhD5UZ8zUEpDz_87JciBp9n2wO8e3QXL0tt9b_p24Wg6c98G2nieKTEQPOdaBRbRh5WhN0Axej_wmAiUbeplkkLEB146pQ&ui=rI7t-hs_SLeL0_xlo4C1RPbWwvziNp_1xLgNeF8Zj-jHaNtn1SG0t0U8hj8Rx7eshoUZ4GjGWqH_AP8XlqSLVE3REEN1oF7FQC17xV39u4vKERXXF4h7Vg&si=1&oref=b1b5f9b08cd98d4fd42e494d7c69dc4b&optunit=ZSk9-wyQ0iC5r_qpdMOCt3nSiUDV5iGD&rb=-cccNhS6xoE&rr=1&abtg=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.111.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-111-22.osl50.r.cloudfront.net

Software

Resource Hash

c71a4842b02b7a9a08ba7d3a88aa755fcafab5b01599c3ade2990fc3181ae69f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://p237996.mybettermb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
clickid: 107698149_1675758265670_9326220
content-length: 29516
content-type: text/html; charset=UTF-8
country: de
date: Tue, 07 Feb 2023 08:24:25 GMT
leadid: dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1675758265889_1757593
referrer-policy: origin-when-cross-origin
request-time: PT0.224041S
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-id: o-eKwOPZvmuKx6UqBvAu12WHv4EtsilQV4p-P0X_6irXklibJH5S8A==
x-amz-cf-pop: OSL50-P1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-datadome: protected
x-frame-options: DENY
x-gravitee-request-id: e65f7529-2e3d-4fc4-9f75-292e3dcfc45b
x-gravitee-transaction-id: e65f7529-2e3d-4fc4-9f75-292e3dcfc45b
x-permitted-cross-domain-policies: master-only
x-robots-tag: noindex,nofollow
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
content-length: 222
content-type: text/html; charset=utf-8
date: Tue, 07 Feb 2023 08:24:25 GMT
expires: Thu, 01 Jan 1970 00:00:00 UTC
location: https://api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=de&id=bb4ca91b-7d1c-451c-ac39-3420c8c2c4dd&merchantUrl=https%3A%2F%2Fwww.madeleine.de%2F&custom1=27zrezveybct
pragma: no-cache
server: nginx

GET
H/1.1 200
OK p.png
de-go.kelkoogroup.net/assets/images/ 68 B
574 B 92ms
16ms Image
image/png 95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://de-go.kelkoogroup.net/assets/images/p.png?country=de&k=612f7a9541cd6ea61eb554c0e4cff437afc68d67c5ab8cec5cb42ef68fc4851d699cc98fdc9ad6aea184f76fa7be0efc9a9c2ceac8e7626bdd01eb5ef02e02095151398c72aa81d6eed772a1fe7edee1322007916001ea08b54d5e071bc330cb96f8aecaba604a357dfc12b04bca081453aa5c7b886b6ef6dbe0520b97cb5557b22aa128f9d3508cca0f3ba71d7c7c006e3ee691430638609544c833e290a3f5446cc6444adcd8edb613db91675e5332bd66300400f7790cc7e3566c83c3ba8364ef3db18ff8bf3602fb7e77bfb0333d164e72aedc2993a21ea2261f68f34b76a7cb9c0dd2e764abdad49ca02b330cfb5d686b5c646dd6e1d4e1f4b65acce5641070186d56e79e8306bc648f2b16cc35299ae52e9f7db0401c8dd37e7d7f065d8a66b10d4508a5f5430eb6fd568bf2b1ab032aafa09fd5b79b95eeba600136af

Requested by

Host: api.kelkoogroup.net
URL: https://api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=de&id=bb4ca91b-7d1c-451c-ac39-3420c8c2c4dd&merchantUrl=https%3A%2F%2Fwww.madeleine.de%2F&custom1=27zrezveybct

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

dc1-ecs-pub-mx-vip.kelkoo.com

Software

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.kelkoogroup.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 08:24:26 GMT
Referrer-Policy: origin-when-cross-origin
X-Content-Type-Options: nosniff
leadId: dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1675758265889_1757593
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: PT0.001592S
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: private, must-revalidate
clickId: 107698149_1675758265670_9326220
country: de
X-Robots-Tag: noindex,nofollow
Content-Length: 68
X-XSS-Protection: 1; mode=block

GET
H2 200 tags.js
dd.kelkoogroup.net/ 205 KB
42 KB 119ms
7ms Script
text/javascript 18.66.112.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.kelkoogroup.net/tags.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-3.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.kelkoogroup.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront), 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
date: Tue, 07 Feb 2023 08:11:45 GMT
x-amz-cf-pop: FRA60-P2, FRA56-P5
age: 761
x-cache: Hit from cloudfront
content-length: 42836
last-modified: Wed, 01 Feb 2023 11:10:44 GMT
server: Apache
etag: "33404-5f3a17fded07d-gzip"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
accept-ranges: bytes
x-amz-cf-id: 7yvIs_yIJ64DO_jx2prPVqwsrljFYYTQuzG8CQKptIyVch3r-oXDDQ==
expires: Tue, 07 Feb 2023 09:11:45 GMT

POST
H2 200 collect
www.google-analytics.com/ 35 B
350 B 35ms
14ms Ping
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fapi.kelkoogroup.net%2Fpublisher%2Fshopping%2Fv2%2Flink-monetizer%2Flink%3Fcountry%3Dde%26id%3Dbb4ca91b-7d1c-451c-ac39-3420c8c2c4dd%26merchantUrl%3Dhttps%253A%252F%252Fwww.madeleine.de%252F%26custom1%3D27zrezveybct&dp=%2F%7C100542311%7C&ul=en-us&de=UTF-8&dt=Weiterleitung%20zu%20Madeleine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAAABAAAAAC~&cid=529544866.1675758265&tid=UA-168544891-7&_gid=178114931.1675758265&_r=1&cd1=&cd2=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1675758265889_1757593&cd3=100542311&cd4=a4c6295-1862af9e546-14249a&cd5=&cd6=%7C100542311%7C&z=516017431

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.kelkoogroup.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 08:24:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://api.kelkoogroup.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK fp
de-go.kelkoogroup.net/ 0
0 60ms
19ms Ping
text/plain 95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://de-go.kelkoogroup.net/fp?country=de&k=612f7a9541cd6ea61eb554c0e4cff437afc68d67c5ab8cec5cb42ef68fc4851d699cc98fdc9ad6aea184f76fa7be0efc9a9c2ceac8e7626bdd01eb5ef02e02095151398c72aa81d6eed772a1fe7edee1322007916001ea08b54d5e071bc330cb96f8aecaba604a357dfc12b04bca081453aa5c7b886b6ef6dbe0520b97cb5557b22aa128f9d3508cca0f3ba71d7c7c006e3ee691430638609544c833e290a3f5446cc6444adcd8edb613db91675e5332bd66300400f7790cc7e3566c83c3ba8364ef3db18ff8bf3602fb7e77bfb0333d164e72aedc2993a21ea2261f68f34b76a7cb9c0dd2e764abdad49ca02b330cfb5d686b5c646dd6e1d4e1f4b65acce5641070186d56e79e8306bc648f2b16cc35299ae52e9f7db0401c8dd37e7d7f065d8a66b10d4508a5f5430eb6fd568bf2b1ab032aafa09fd5b79b95eeba600136af
Requested by: Host: api.kelkoogroup.net
URL: https://api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=de&id=bb4ca91b-7d1c-451c-ac39-3420c8c2c4dd&merchantUrl=https%3A%2F%2Fwww.madeleine.de%2F&custom1=27zrezveybct
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: dc1-ecs-pub-mx-vip.kelkoo.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://api.kelkoogroup.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

GET
H2

200

Primary Request / Show response
www.madeleine.de/
Redirect Chain

https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff437afc68d67c5ab8cec5cb42ef68fc4851d699cc98fdc9ad6aea184f76fa7be0efc9a9c2ceac8e7626bdd01eb5ef02e02095151398c72aa81d6e...
https://www.awin1.com/cread.php?awinmid=29051&clickref=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1675758265889_1757593&awinaffid=503421&platform=tp&networkref1=gclid_&ued=https%3A%2F%2Fwww.madeleine.d...
https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c

118 KB
23 KB

187ms
154ms

Document
text/html

104.18.3.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.3.70 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cc9dd04f01625849667924f64bb2ee3dcd5c3d641c3f2340d514b251a8e8775

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://live.madeleine.de https://live.madeleine-mode.ch https://live.madeleine-mode.at;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://live.madeleine.de/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=de&id=bb4ca91b-7d1c-451c-ac39-3420c8c2c4dd&merchantUrl=https%3A%2F%2Fwww.madeleine.de%2F&custom1=27zrezveybct
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 795abaad6b0f68e9-FRA
content-encoding: gzip
content-language: de-DE
content-security-policy: frame-ancestors 'self' https://live.madeleine.de https://live.madeleine-mode.ch https://live.madeleine-mode.at;
content-type: text/html;charset=UTF-8
date: Tue, 07 Feb 2023 08:24:26 GMT
expires: 0
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=15552000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: allow-from https://live.madeleine.de/
x-xss-protection: 1; mode=block

Redirect headers

Allow: GET
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0
Date: Tue, 07 Feb 2023 08:24:26 GMT
Location: https://www.madeleine.de?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Strict-Transport-Security: max-age=86400

POST
H2 200 /
api-js.datadome.co/js/ 236 B
429 B 149ms
26ms XHR
application/json 34.118.11.88
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.datadome.co/js/
Requested by: Host: dd.kelkoogroup.net
URL: https://dd.kelkoogroup.net/tags.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.118.11.88 Warsaw, Poland, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 88.11.118.34.bc.googleusercontent.com
Software: DataDome /
Resource Hash

Request headers

Referer: https://api.kelkoogroup.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 08:24:26 GMT
server: DataDome
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 236
expires: 0

GET
H2 200 amplience-sdk-client.min.css
www.madeleine.de/_ui/responsive/fpm/62514a8888a6e8b428a4256569b20843e3e51633/theme-madeleine/assets/styles/vendor/ 3 KB
868 B 69ms
68ms Stylesheet
text/css 104.18.3.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.madeleine.de/_ui/responsive/fpm/62514a8888a6e8b428a4256569b20843e3e51633/theme-madeleine/assets/styles/vendor/amplience-sdk-client.min.css

Requested by

Host: www.madeleine.de
URL: https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.3.70 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2a05e197b7c8d5fddb16fd437475f198ba052ae39055f6d39fc3a3a915b6d2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:24:26 GMT
content-encoding: gzip
strict-transport-security: max-age=15552000
last-modified: Wed, 14 Dec 2022 05:50:50 GMT
server: cloudflare
cf-cache-status: HIT
age: 4760683
etag: "ade-5efc351a27332-gzip"
vary: Host,X-Forwarded-Proto,Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 795abaaeec4768e9-FRA
content-length: 778
expires: Wed, 07 Feb 2024 08:24:26 GMT

GET
H2 200 home.bundle.css
www.madeleine.de/_ui/responsive/fpm/62514a8888a6e8b428a4256569b20843e3e51633/theme-madeleine/assets/styles/ 205 KB
33 KB 30ms
29ms Stylesheet
text/css 104.18.3.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.madeleine.de/_ui/responsive/fpm/62514a8888a6e8b428a4256569b20843e3e51633/theme-madeleine/assets/styles/home.bundle.css

Requested by

Host: www.madeleine.de
URL: https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.3.70 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

513151fdbcb547b080ef50ee42a3d4ceb96a15f17d17b1642bf42fb94109a713

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:24:26 GMT
content-encoding: gzip
strict-transport-security: max-age=15552000
last-modified: Wed, 14 Dec 2022 05:50:50 GMT
server: cloudflare
cf-cache-status: HIT
age: 4760660
etag: "33461-5efc351a28e92-gzip"
vary: Host,X-Forwarded-Proto,Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 795abaaeec4868e9-FRA
content-length: 33207
expires: Wed, 07 Feb 2024 08:24:26 GMT

GET
H2 200 20230125-mmhtf-cleanup22-1674647533006-min.js Show response
www.madeleine.de/medias/sys_master/root/h6f/h0a/9309654253598/ 123 KB
41 KB 28ms
27ms Script
application/javascript 104.18.3.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.madeleine.de/medias/sys_master/root/h6f/h0a/9309654253598/20230125-mmhtf-cleanup22-1674647533006-min.js

Requested by

Host: www.madeleine.de
URL: https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.3.70 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec722f395a72b01ab6567d9a23c815b573e492655b2081bdcf39270468a65022

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:24:26 GMT
content-encoding: gzip
strict-transport-security: max-age=15552000
last-modified: Wed, 25 Jan 2023 11:52:13 GMT
server: cloudflare
cf-cache-status: HIT
age: 1110731
etag: "1eb2b-5f3154355cda9-gzip"
vary: Host,X-Forwarded-Proto,Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 795abaaeec4968e9-FRA
content-length: 42192
expires: Wed, 07 Feb 2024 08:24:26 GMT

GET
H2 200 loader.js Show response
app.usercentrics.eu/browser-ui/latest/ 62 KB
21 KB 25ms
7ms Script
application/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/latest/loader.js

Requested by

Host: www.madeleine.de
URL: https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

9390cc0503e1a591b4a3a677670e63feaf8ec9724d20f9ffe64273ffee2e8a1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.madeleine.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 07:59:02 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 1524
x-guploader-uploadid: ADPycdu18y-n2wOs_MrNMmTq4ETFAZZ9KeVYd1u_2kaHHSFJscH9Umv-LzgSPIZ6toP-nx1Nl35wmJQnTzbcMb4dlzvq7md7UmXz
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21128
last-modified: Thu, 26 Jan 2023 14:07:05 GMT
server: UploadServer
etag: "f81ab6b988775502952ef0aec9f5837f"
vary: X-Goog-Allowed-Resources
x-goog-hash: crc32c=6v6T5A==, md5=+Bq2uYh3VQKVLvCuyfWDfw==
x-goog-generation: 1674742025371617
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Transfer-Encoding
cache-control: public, max-age=3600, no-transform
x-goog-stored-content-length: 21128
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 07 Feb 2023 08:59:02 GMT

GET
H2 200 launch-0c4ba08ac531.min.js Show response
assets.adobedtm.com/bf471ea80681/f61a0f3ed8c7/ 531 KB
119 KB 264ms
54ms Script
application/x-javascript 2a02:26f0:f700:481::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/bf471ea80681/f61a0f3ed8c7/launch-0c4ba08ac531.min.js
Requested by: Host: www.madeleine.de
URL: https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:481::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b1435cac0f86e78a8123c3ab8d7bc12fffbf702d34813d92c4846d3a4c7462ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.madeleine.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:24:26 GMT
content-encoding: gzip
last-modified: Mon, 12 Dec 2022 13:58:34 GMT
server: AkamaiNetStorage
etag: "2226e67d0efd3359867375988339f289:1670853514.417935"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.madeleine.de
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 121102
expires: Tue, 07 Feb 2023 09:24:26 GMT

GET
H2 200 styles.css
assets-production-mm.cstmrc.io/ 11 KB
3 KB 63ms
19ms Stylesheet
text/css 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-production-mm.cstmrc.io/styles.css
Requested by: Host: www.madeleine.de
URL: https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38c525954e6bbd9a98368a187c9042501ca180f9a8b383fe89c1b2f3f9a323f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.madeleine.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:24:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 5W3P5HZ8VY7PDC2Q
age: 652
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 1LTG/Xnhn+jI/U02zee382DbZsqz+djsb51E4cVoYJbTeqkafhYa+fh245Yn670Ti6/djggsWyo=
last-modified: Thu, 01 Dec 2022 07:51:02 GMT
server: cloudflare
etag: W/"69b9d3ee8f657e49dbd4b2a6cd42f737"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q7js0IeiV7T0x8emyZfwPFEYGpNaKiENs6Fm2JTryLQXjergSuOwlHd%2FydNIqDCqy1OEagYqXjvr3ivhKPUz6V7Uqaj%2BExXKld5l2BdOR%2FH%2B9M9Gmiy4cag%2BSQFL0B8xP4HdYmLJMqRtbTHzgNCgTBRg9Jr5tK9g%2FD6Wnz0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=14400
cf-ray: 795abaaf3aeb90a6-FRA

GET
H2 200 2021_MADELEINE_primary_black.svg
www.madeleine.de/_ui/responsive/fpm/62514a8888a6e8b428a4256569b20843e3e51633/theme-madeleine/assets/images/logos/ 3 KB
1 KB 36ms
36ms Image
image/svg+xml 104.18.3.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.madeleine.de/_ui/responsive/fpm/62514a8888a6e8b428a4256569b20843e3e51633/theme-madeleine/assets/images/logos/2021_MADELEINE_primary_black.svg

Requested by

Host: www.madeleine.de
URL: https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.3.70 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c243c5db4a81e0922fd396c75690e57a572b5634d3c08e893715d6e05e5aa003

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:24:26 GMT
strict-transport-security: max-age=15552000
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 14 Dec 2022 05:50:49 GMT
server: cloudflare
age: 4760683
etag: W/"c6f-5efc35192b016"
vary: Host,X-Forwarded-Proto, Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 795abaafcd0168e9-FRA
expires: Wed, 07 Feb 2024 08:24:26 GMT

GET
H2 200 email-decode.min.js Show response
www.madeleine.de/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
797 B 9ms
9ms Script
application/javascript 104.18.3.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.madeleine.de/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.madeleine.de
URL: https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.3.70 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:24:26 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 16:56:26 GMT
server: cloudflare
content-encoding: gzip
etag: W/"63dd3cba-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 795abaaf5ca468e9-FRA
expires: Thu, 09 Feb 2023 08:24:26 GMT

GET
H2 200 index.module.js Show response
app.usercentrics.eu/browser-ui/3.16.0/ 347 KB
101 KB 23ms
7ms Script
application/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.16.0/index.module.js

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

6e5f9212cb917d5ed30231e35c23bd658507cf83c4d190d3a2b0ac5f9fc3e01d

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://www.madeleine.de/
Origin: https://www.madeleine.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 14:08:14 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 1016172
x-guploader-uploadid: ADPycdu68D3cAHmG7BUqKM1cVCgoJMr8RirCbHC2KAxi3YKszpLqtXf4YRhFR1LXRtHuHz-05484cm4YQAytZ-Urxet1jHli1koq
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 102275
last-modified: Thu, 26 Jan 2023 14:06:43 GMT
server: UploadServer
etag: "f7d9d3ca6ff4d0b5327e8841538f713d"
x-goog-generation: 1674742003358621
x-goog-hash: crc32c=ZTnxFw==, md5=99nTym/00LUyfohBU49xPQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 102275
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 26 Jan 2024 14:08:14 GMT

GET
H2 200 9137778753566.svg
www.madeleine.de/medias/sys_master/images/images/h40/h74/9137778753566/ 3 KB
1 KB 31ms
31ms Image
image/svg+xml 104.18.3.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.madeleine.de/medias/sys_master/images/images/h40/h74/9137778753566/9137778753566.svg

Requested by

Host: www.madeleine.de
URL: https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.3.70 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d10592f867a2b86341aa30d40bc234e89db902eb7452f654c84a1527a60c26a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:24:26 GMT
strict-transport-security: max-age=15552000
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 Aug 2020 04:23:57 GMT
server: cloudflare
age: 5525362
etag: W/"c00-5ac92709a4405"
vary: Host,X-Forwarded-Proto, Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 795abaaffd3668e9-FRA
expires: Wed, 07 Feb 2024 08:24:26 GMT

GET
H2 200 9137778819102.svg
www.madeleine.de/medias/sys_master/images/images/h21/hdd/9137778819102/ 1 KB
695 B 26ms
26ms Image
image/svg+xml 104.18.3.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.madeleine.de/medias/sys_master/images/images/h21/hdd/9137778819102/9137778819102.svg

Requested by

Host: www.madeleine.de
URL: https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.3.70 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

531c4ee9396d721a84c8ea254a0602aae301f3a1190af0cec6446d9f374f26b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:24:26 GMT
strict-transport-security: max-age=15552000
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 Aug 2020 04:23:57 GMT
server: cloudflare
age: 5525395
etag: W/"407-5ac92709a72e6"
vary: Host,X-Forwarded-Proto, Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 795abab03d5e68e9-FRA
expires: Wed, 07 Feb 2024 08:24:26 GMT

GET
H2 200 9137778884638.svg
www.madeleine.de/medias/sys_master/images/images/h07/hfa/9137778884638/ 3 KB
1 KB 31ms
30ms Image
image/svg+xml 104.18.3.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.madeleine.de/medias/sys_master/images/images/h07/hfa/9137778884638/9137778884638.svg

Requested by

Host: www.madeleine.de
URL: https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.3.70 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95bb62eace5c7c83f7bc6551c4c122b5f5decbc9b16bb324a137813b6b0d24cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:24:26 GMT
strict-transport-security: max-age=15552000
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 Aug 2020 04:23:57 GMT
server: cloudflare
age: 5525394
etag: W/"c64-5ac92709aa5ac"
vary: Host,X-Forwarded-Proto, Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 795abab05d8e68e9-FRA
expires: Wed, 07 Feb 2024 08:24:26 GMT

GET
H2 200 9137778950174.svg
www.madeleine.de/medias/sys_master/images/images/h1e/h32/9137778950174/ 422 B
449 B 23ms
23ms Image
image/svg+xml 104.18.3.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.madeleine.de/medias/sys_master/images/images/h1e/h32/9137778950174/9137778950174.svg

Requested by

Host: www.madeleine.de
URL: https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.3.70 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4479ee1d55b90897c47b6933166e13d86510c02cfa37fa4681e0a035afeb7f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:24:27 GMT
strict-transport-security: max-age=15552000
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 Aug 2020 04:23:57 GMT
server: cloudflare
age: 5525373
etag: W/"1a6-5ac92709ad48a"
vary: Host,X-Forwarded-Proto, Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 795abab11e3868e9-FRA
expires: Wed, 07 Feb 2024 08:24:27 GMT

GET
H2 200 9137779015710.svg
www.madeleine.de/medias/sys_master/images/images/h46/h01/9137779015710/ 536 B
462 B 24ms
23ms Image
image/svg+xml 104.18.3.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.madeleine.de/medias/sys_master/images/images/h46/h01/9137779015710/9137779015710.svg

Requested by

Host: www.madeleine.de
URL: https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.3.70 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1a1cd9e2faed4138d649b8ec117959ae9f8f7b0205eb902b70e599aaf363d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:24:27 GMT
strict-transport-security: max-age=15552000
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 Aug 2020 04:23:57 GMT
server: cloudflare
age: 5525394
etag: W/"218-5ac92709b1325"
vary: Host,X-Forwarded-Proto, Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 795abab16ea168e9-FRA
expires: Wed, 07 Feb 2024 08:24:27 GMT

GET
H2 200 9137779081246.svg
www.madeleine.de/medias/sys_master/images/images/he2/hd7/9137779081246/ 4 KB
2 KB 20ms
19ms Image
image/svg+xml 104.18.3.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.madeleine.de/medias/sys_master/images/images/he2/hd7/9137779081246/9137779081246.svg

Requested by

Host: www.madeleine.de
URL: https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.3.70 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8862263ce56b64863b53aa9a9ae60c02addf82fd39b55016aad9da8ad526150c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:24:27 GMT
strict-transport-security: max-age=15552000
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 Aug 2020 04:23:57 GMT
server: cloudflare
age: 5525395
etag: W/"f95-5ac92709b5976"
vary: Host,X-Forwarded-Proto, Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 795abab18ebf68e9-FRA
expires: Wed, 07 Feb 2024 08:24:27 GMT

GET
H2 200 languages.json Show response
api.usercentrics.eu/settings/m3K2asoFL4ogzT/latest/ 61 B
625 B 29ms
28ms Fetch
application/json 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/m3K2asoFL4ogzT/latest/languages.json

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.16.0/index.module.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

dc8343dae24291634bf1aec40cb6794f860bc2b1d28f0ab683854cced24619a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://www.madeleine.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
content-type: application/json

Response headers

date: Tue, 07 Feb 2023 08:24:26 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 0
x-client-geo-location: DE,DEHE
x-guploader-uploadid: ADPycdve0pdNIi76ledndQQvk0aW4CkKHhzbE9luZLMx70GWL21wCsUZBflsOcW8qUvJU6hOjBRSJ5oX4XFzqEtfMjc2cEk1i2WP
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67
last-modified: Fri, 23 Dec 2022 10:15:19 GMT
server: UploadServer
etag: "da13a9b5363ff28c20e52e67131f24fd"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=u6slow==, md5=2hOptTY/8owg5S5nEx8k/Q==
x-goog-generation: 1671790519647379
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=1800, s-maxage=10
x-goog-stored-content-length: 67
accept-ranges: bytes
content-type: application/json
expires: Tue, 07 Feb 2023 08:24:36 GMT

OPTIONS
H2 200 languages.json
api.usercentrics.eu/settings/m3K2asoFL4ogzT/latest/ 0
0 64ms
21ms Preflight
text/html 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/m3K2asoFL4ogzT/latest/languages.json

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.madeleine.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 07 Feb 2023 08:24:26 GMT
expires: Tue, 07 Feb 2023 08:24:26 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: DE,DEHE
x-guploader-uploadid: ADPycdvP_EBbdv7z9Y5hzZzNsbrYTcxgqiMq-mDDCF7-23YODFf_ux_9BB2b-M_rhgz50iWKtQQqzie84jSlceNdiKSiQrxHhip6

GET
H2 200 index.bundle.js Show response
www.madeleine.de/_ui/responsive/fpm/62514a8888a6e8b428a4256569b20843e3e51633/theme-madeleine/assets/js/ 940 KB
285 KB 37ms
37ms Script
application/javascript 104.18.3.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.madeleine.de/_ui/responsive/fpm/62514a8888a6e8b428a4256569b20843e3e51633/theme-madeleine/assets/js/index.bundle.js

Requested by

Host: www.madeleine.de
URL: https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.3.70 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dcae23bc7cdbb976ea58f6e7652a9d881c636986bd50fa3aa6a3616e2e2300a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:24:26 GMT
content-encoding: gzip
strict-transport-security: max-age=15552000
last-modified: Wed, 14 Dec 2022 05:50:50 GMT
server: cloudflare
cf-cache-status: HIT
age: 4760368
etag: "eafc0-5efc351a4b55e-gzip"
vary: Host,X-Forwarded-Proto,Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 795abab08daf68e9-FRA
expires: Wed, 07 Feb 2024 08:24:26 GMT

GET
H2 200 promobar.js Show response
assets-production-mm.cstmrc.io/ 5 KB
2 KB 18ms
18ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-production-mm.cstmrc.io/promobar.js
Requested by: Host: www.madeleine.de
URL: https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e2965ee822a13cc588d4f3eb300ba97de5d01598ed499bef92a9e8406f2b237

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.madeleine.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:24:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: VMNRGDNRM75YG74S
age: 894
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: wz1Nu6LkIPvWDbsPK+RY8PXt395vAbZBP4hV8D5CWfIjPDmjBfo4kZqnVahVyAT6syydhQEl29k=
last-modified: Thu, 08 Dec 2022 10:48:53 GMT
server: cloudflare
etag: W/"0b3338616495b4184460171b7932f724"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zsNCHgP7dJoQHrCzTdzgb%2FlN4TilGUlfUp792v4b0Hwp%2B2seKudhOZjrjsWi7Gt%2BQAnVo4zsVZyBtflw8uElQcZTdSujCrbjHlQJOmBJO0rJvJDMiPZPZMp5Y6WwFxb4Pq2MM%2BagY3pPC9XHeF4Fsyi8OsA6PS0E9s1qp7Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 795abab0fbe190a6-FRA

GET
H3 200 de.json Show response
api.usercentrics.eu/settings/m3K2asoFL4ogzT/latest/ 57 KB
12 KB 33ms
32ms Fetch
application/json 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/m3K2asoFL4ogzT/latest/de.json

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.16.0/index.module.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

26b307d5e32eeda3f58207e1179239de876074bb160e5c3fa959d608bd7295e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://www.madeleine.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
content-type: application/json

Response headers

date: Tue, 07 Feb 2023 08:24:26 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 1
x-client-geo-location: DE,DEHE
x-guploader-uploadid: ADPycdubt08qUYQNRQTO36hzrsWfkSI-dUMlCszV2JNdVyNHJVj3gSC6gC1o61zckxiKpogycUdwCRT78n9RKMurjLmliw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12577
last-modified: Fri, 23 Dec 2022 10:15:19 GMT
server: UploadServer
etag: "36a7fc081d33e2833b053b694df0b515"
vary: Accept-Encoding
x-goog-generation: 1671790519634107
x-goog-hash: crc32c=8ervnw==, md5=Nqf8CB0z4oM7BTtpTfC1FQ==
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=1800, s-maxage=10
x-goog-stored-content-length: 12577
accept-ranges: bytes
content-type: application/json
expires: Tue, 07 Feb 2023 08:24:36 GMT

OPTIONS
H3 200 de.json
api.usercentrics.eu/settings/m3K2asoFL4ogzT/latest/ 0
0 21ms
21ms Preflight
text/html 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/m3K2asoFL4ogzT/latest/de.json

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.madeleine.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 07 Feb 2023 08:24:26 GMT
expires: Tue, 07 Feb 2023 08:24:26 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: DE,DEHE
x-guploader-uploadid: ADPycdvmGdGwM-BGtLBS2WbSYgrTKs06KtdDfvBMM0xTlDmm5oOtzYgfC3-Hv8AJ7xFhkNgreJPw2g84wRPNhMrZB0di

GET
H2 200 1px.png
app.usercentrics.eu/session/ 489 B
833 B 7ms
7ms Image
image/png 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.usercentrics.eu/session/1px.png?settingsId=m3K2asoFL4ogzT

Requested by

Host: www.madeleine.de
URL: https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.madeleine.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:09:58 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 869
x-guploader-uploadid: ADPycdsEK482vCUGSFEIkz42bk5r6LzwhwvGhZAXuQYm9zn1lOAnE9mdQBxepF2jzJvsznciWho6D9p9fwyPMt5y-FUa
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 522
last-modified: Fri, 08 May 2020 09:06:13 GMT
server: UploadServer
etag: "3702ada73b8951017b8451cbd6a96523"
vary: X-Goog-Allowed-Resources
x-goog-generation: 1588928773413784
x-goog-hash: crc32c=pFwm0Q==, md5=NwKtpzuJUQF7hFHL1qllIw==
content-type: image/png
cache-control: public,max-age=1800,no-transform
x-goog-stored-content-length: 522
accept-ranges: bytes
expires: Tue, 07 Feb 2023 08:39:58 GMT

GET
H3 200 DefaultData-c8cc3b59-94d0fc63.js Show response
app.usercentrics.eu/browser-ui/3.16.0/ 2 KB
1000 B 8ms
7ms Script
application/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.16.0/DefaultData-c8cc3b59-94d0fc63.js

Requested by

Host: metroforsteam.com
URL: http://metroforsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

70fdf46ec720c9235e60fe600dd444bd55a7422894d37763364fe4cde32d0d14

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://www.madeleine.de/
Origin: https://www.madeleine.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 14:08:14 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 1016173
x-guploader-uploadid: ADPycdsA6QyQ24AfnLtVZwjJOOG3irYrTP_zZtCsOkyRtfsWbJHSlTVuG6G52JJsM8PG1944Sce7ur9C4gXkEJP_ETbtjy3MA32G
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 969
last-modified: Thu, 26 Jan 2023 14:06:34 GMT
server: UploadServer
etag: "69f5b0440acf6f9cdc7246821dfca46a"
x-goog-generation: 1674741994784808
x-goog-hash: crc32c=TZ3h6A==, md5=afWwRArPb5zcckaCHfykag==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 969
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 26 Jan 2024 14:08:14 GMT

GET
H3 200 translations-de.json Show response
api.usercentrics.eu/translations/ 8 KB
3 KB 7ms
7ms Fetch
application/json 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/translations/translations-de.json

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.16.0/index.module.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

5726f479faf0b0e93fe5e114e4059e25908c7d4cebeef1805bb3531d1e2175ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://www.madeleine.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
content-type: application/json

Response headers

date: Tue, 07 Feb 2023 00:51:31 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 27176
x-client-geo-location: DE,DEHE
x-guploader-uploadid: ADPycdt08DyNWfiT84AgfQX-jfsW35S62E0Ws1dBl7kHTaAhTR8TwJu1mK25bBzcsk-6HN8WNbQfa6KLwqkmzbEgW7nHDrcOsYQ1
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2825
last-modified: Mon, 23 Jan 2023 13:18:45 GMT
server: UploadServer
etag: "39df8ef384e368a1b53b499b1d535249"
vary: Accept-Encoding
x-goog-generation: 1674479924944316
x-goog-hash: crc32c=3t2x1Q==, md5=Od+O84TjaKG1O0mbHVNSSQ==
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400, s-maxage=86400
x-goog-stored-content-length: 2825
accept-ranges: bytes
content-type: application/json
expires: Wed, 08 Feb 2023 00:51:31 GMT

OPTIONS
H3 200 translations-de.json
api.usercentrics.eu/translations/ 0
0 21ms
20ms Preflight
text/html 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/translations/translations-de.json

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.madeleine.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 07 Feb 2023 08:24:27 GMT
expires: Tue, 07 Feb 2023 08:24:27 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: DE,DEHE
x-guploader-uploadid: ADPycdupPlN_mi0xQKHzPVkQjuC9C8JGH3VxcA-5xgtprDGLMMMQEIRy8q71lqTljXRcDa3SOSQl7xgtQE9eMA5nmdfq

GET
H3 200 DefaultUI-dc03f385-1407283b.js Show response
app.usercentrics.eu/browser-ui/3.16.0/ 2 KB
785 B 8ms
7ms Script
application/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.16.0/DefaultUI-dc03f385-1407283b.js

Requested by

Host: metroforsteam.com
URL: http://metroforsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

c00e294f27455daf0a8786c12f012deeadca25d1e698f9a80d7a430c46698f0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://www.madeleine.de/
Origin: https://www.madeleine.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 14:08:15 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 1016172
x-guploader-uploadid: ADPycduMaEwZ2SFu6EyY_5gU4jAwrrICHihDnSuUcwR3S156AsBDE95UBfsEmDEruqHgUIbShuytwDWHvlH57t8Ny2wKbyBOir7B
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 754
last-modified: Thu, 26 Jan 2023 14:06:35 GMT
server: UploadServer
etag: "fd76be1152080608d7ac3208d1c01f04"
x-goog-generation: 1674741995246297
x-goog-hash: crc32c=zqMWOA==, md5=/Xa+EVIIBgjXrDII0cAfBA==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 754
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 26 Jan 2024 14:08:15 GMT

GET
H3 200 FirstLayerCustomization-9f2ad3bf-05bf0bc5.js Show response
app.usercentrics.eu/browser-ui/3.16.0/ 3 KB
1 KB 8ms
8ms Script
application/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.16.0/FirstLayerCustomization-9f2ad3bf-05bf0bc5.js

Requested by

Host: metroforsteam.com
URL: http://metroforsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

e9007130e03ed730801cea9e8f70175288cb441c97e84b94e34f50d3c542a562

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://app.usercentrics.eu/browser-ui/3.16.0/DefaultUI-dc03f385-1407283b.js
Origin: https://www.madeleine.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 14:08:15 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 1016172
x-guploader-uploadid: ADPycduQYMAAppizBfBRtjr0p1N9dxprP83n8wWrcjDH-kTFuDnMgwO4_sKF5yGEhTM2xUIkYDKajH6j-Wj-Ro_3dO9a2fU9o3gf
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1065
last-modified: Thu, 26 Jan 2023 14:06:35 GMT
server: UploadServer
etag: "a23252de5b70b1d36d95b2107eb43ab4"
x-goog-generation: 1674741995548449
x-goog-hash: crc32c=/8N5/A==, md5=ojJS3ltwsdNtlbIQfrQ6tA==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 1065
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 26 Jan 2024 14:08:15 GMT

GET
H3 200 ButtonsCustomization-d032f0b1-469d439b.js Show response
app.usercentrics.eu/browser-ui/3.16.0/ 473 B
266 B 9ms
8ms Script
application/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.16.0/ButtonsCustomization-d032f0b1-469d439b.js

Requested by

Host: metroforsteam.com
URL: http://metroforsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

e1e2838d72c3c267345fa419ecba66f968fefc1f0928a8dc3da1d6df5078278c

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://app.usercentrics.eu/browser-ui/3.16.0/DefaultUI-dc03f385-1407283b.js
Origin: https://www.madeleine.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 14:08:15 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 1016172
x-guploader-uploadid: ADPycdsXB3RlDDbljCGWxYqpu0JaASWa_IKTwt9s5iO_2nr3qCvspgO1Cl1bQiLCMaHH9u1HyShsoVFDFSHp0aylxg1_DcD_wGzW
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 235
last-modified: Thu, 26 Jan 2023 14:06:34 GMT
server: UploadServer
etag: "a5c40c9e0e1f4ef02c7bef2e76554ab9"
x-goog-generation: 1674741994037776
x-goog-hash: crc32c=Y5ZBeg==, md5=pcQMng4fTvAse+8udlVKuQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 235
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 26 Jan 2024 14:08:15 GMT

GET
H3 200 SecondLayerUI-56be3c40-41d6e05f.js Show response
app.usercentrics.eu/browser-ui/3.16.0/ 567 B
348 B 9ms
9ms Script
application/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.16.0/SecondLayerUI-56be3c40-41d6e05f.js

Requested by

Host: metroforsteam.com
URL: http://metroforsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

112f05d9a926b4846f9325f21f6851a8fd3baecafb76be4e0a49265a3cf91da1

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://app.usercentrics.eu/browser-ui/3.16.0/DefaultUI-dc03f385-1407283b.js
Origin: https://www.madeleine.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 14:08:15 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 1016172
x-guploader-uploadid: ADPycdsnIBgt8aDtCsN62n4FymJJkrTBmfDfo3yuJXMIFNNgzyhoGDqdjW1cBXmn-6WpLv1hZ3V7812qvGIm12K7vp9gBWbX251w
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 317
last-modified: Thu, 26 Jan 2023 14:06:36 GMT
server: UploadServer
etag: "4bfe2cf20e2599c18cf1d5ccf1490360"
x-goog-generation: 1674741996466617
x-goog-hash: crc32c=rl15ng==, md5=S/4s8g4lmcGM8dXM8UkDYA==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 317
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 26 Jan 2024 14:08:15 GMT

GET
H3 200 Taglogger-11fc0938-b844956d.js Show response
app.usercentrics.eu/browser-ui/3.16.0/ 1 KB
648 B 7ms
7ms Script
application/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.16.0/Taglogger-11fc0938-b844956d.js

Requested by

Host: metroforsteam.com
URL: http://metroforsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

43023061a506aa31987f6a256e4b42561c2fba643dcbba8e17124cb070d0a4da

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://www.madeleine.de/
Origin: https://www.madeleine.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 14:08:15 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 1016172
x-guploader-uploadid: ADPycdvSrqCzo3DjElnmHV30LbNJLrmuVJCwHpyZ8_xw87g2v5jDvsHFdidWZ6GzdHADkbbVICiy2H1G2escXhe86EWPZoMH6XUv
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 617
last-modified: Thu, 26 Jan 2023 14:06:37 GMT
server: UploadServer
etag: "9c697e80b34c11ccdde1efbea29a7f00"
x-goog-generation: 1674741997311354
x-goog-hash: crc32c=RneQxQ==, md5=nGl+gLNMEczd4e++opp/AA==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 617
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 26 Jan 2024 14:08:15 GMT

OPTIONS
H2 204 graphql
graphql.usercentrics.eu/ 0
0 51ms
10ms Preflight 2600:1901:0:7903::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://graphql.usercentrics.eu/graphql
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7903:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin,content-type,x-request-id
Access-Control-Request-Method: POST
Origin: https://www.madeleine.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: access-control-allow-origin,content-type,x-request-id
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 07 Feb 2023 08:24:27 GMT
vary: Access-Control-Request-Headers
via: 1.1 google
x-powered-by: Express

OPTIONS
H2 204 1
consent-api.service.consent.usercentrics.eu/consent/uw/ 0
0 33ms
11ms Preflight
text/html 2600:1901:0:1e38::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-api.service.consent.usercentrics.eu/consent/uw/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:1e38:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin,content-type,x-request-id
Access-Control-Request-Method: POST
Origin: https://www.madeleine.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: access-control-allow-origin,content-type,x-request-id
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 07 Feb 2023 08:24:27 GMT
server: Google Frontend
vary: Origin, Access-Control-Request-Headers
via: 1.1 google
x-cloud-trace-context: 8387665b1ec3bcdefa3a1d191668be0f

POST
H2 200 graphql Show response
graphql.usercentrics.eu/ 2 KB
1 KB 49ms
49ms Fetch
application/json 2600:1901:0:7903::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://graphql.usercentrics.eu/graphql
Requested by: Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.16.0/index.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7903:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: / Express
Resource Hash: 3577a40c67f3fcfabc544fe3637e1af37ebc744f51b496a9b82251c8d79798e7

Request headers

Access-Control-Allow-Origin: *
Accept: application/json
Referer: https://www.madeleine.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
X-Request-ID: 2db4662d-5be2-4202-9e82-2dbcc155c1e4
content-type: application/json

Response headers

date: Tue, 07 Feb 2023 08:24:27 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: Express
etag: W/"9f4-DlPU7cmq1nFm4xqBWNj55elhhLY"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 201 1 Show response
consent-api.service.consent.usercentrics.eu/consent/uw/ 0
86 B 13ms
13ms Fetch
text/html 2600:1901:0:1e38::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-api.service.consent.usercentrics.eu/consent/uw/1
Requested by: Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.16.0/index.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:1e38:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin: *
Accept: application/json
Referer: https://www.madeleine.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
X-Request-ID: 20aab481-918b-4daa-aa13-eca8b7c1e069
content-type: application/json

Response headers

date: Tue, 07 Feb 2023 08:24:27 GMT
via: 1.1 google
server: Google Frontend
vary: Origin
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: 2d7a5178528c043e1db63fb7de401be9
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK onsite.min.js Show response
cdn.mateti.net/mcp/ 130 KB
44 KB 106ms
21ms Script
application/javascript 185.54.150.11
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mateti.net/mcp/onsite.min.js
Requested by: Host: metroforsteam.com
URL: http://metroforsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.54.150.11 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 42b6b7befd12ced4e5fb0649b3fcd613fa09c8db405c69833d0a5416171275c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.madeleine.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 08:24:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 08:11:59 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, OPTIONS
Cache-Control: public,max-age=300
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif

GET
BLOB 200
OK cd3c6a74-ec78-4c3f-91e0-df79662079d4
https://www.madeleine.de/ 19 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.madeleine.de/cd3c6a74-ec78-4c3f-91e0-df79662079d4
Requested by: Host: www.madeleine.de
URL: https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c03e8889848a13066f74847df0f2de5b414c8b058eb706d0e9ed4630dea1a336

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length: 19
Content-Type: text/javascript

GET
H2 200 icons.data.svg.css
www.madeleine.de/_ui/responsive/fpm/62514a8888a6e8b428a4256569b20843e3e51633/theme-madeleine/assets/images/svg/_generated/ 259 KB
37 KB 31ms
30ms Stylesheet
text/css 104.18.3.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.madeleine.de/_ui/responsive/fpm/62514a8888a6e8b428a4256569b20843e3e51633/theme-madeleine/assets/images/svg/_generated/icons.data.svg.css

Requested by

Host: www.madeleine.de
URL: https://www.madeleine.de/medias/sys_master/root/h6f/h0a/9309654253598/20230125-mmhtf-cleanup22-1674647533006-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.3.70 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67a6a66a4b9cf3cc0882268f1236fb346975150b3c9e991c7c0df540ad1efd3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:24:27 GMT
content-encoding: gzip
strict-transport-security: max-age=15552000
last-modified: Wed, 14 Dec 2022 05:50:50 GMT
server: cloudflare
cf-cache-status: HIT
age: 4760683
etag: "40b7a-5efc3519a87e2-gzip"
vary: Host,X-Forwarded-Proto,Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 795abab1ef0368e9-FRA
content-length: 37821
expires: Wed, 07 Feb 2024 08:24:27 GMT

GET
H2 200 9e6bd15a-0492-48a0-b96a-d61af8838688
i8.amplience.net/i/madeleine/ 37 KB
37 KB 143ms
14ms Image
image/webp 2a02:26f0:3500:14::1724:a252
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i8.amplience.net/i/madeleine/9e6bd15a-0492-48a0-b96a-d61af8838688?qlt=65&upscale=true&filter=l&fmt=auto&w=1344&h=778

Requested by

Host: www.madeleine.de
URL: https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a252 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

d4dc8e3bb90c61568c7c8c0da742bd7ea3c21f3c6a635f284196b8779fd95774

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.madeleine.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:24:27 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: hXZUsxOxz,eJS-_vZ2t,naUehyOBO
x-req-id: 1N7SA5dNbB
content-length: 37568
x-xss-protection: 1; mode=block
x-amp-source-height: 3112
server: Unknown
x-frame-options: DENY
x-amp-source-width: 5376
access-control-allow-origin: *
content-type: image/webp
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Wed, 01 Feb 2023 13:29:47 GMT

GET
H2 200 c7939d8b-1766-4985-b6ab-d83689d1e183
i8.amplience.net/i/madeleine/ 9 KB
9 KB 141ms
13ms Image
image/webp 2a02:26f0:3500:14::1724:a252
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i8.amplience.net/i/madeleine/c7939d8b-1766-4985-b6ab-d83689d1e183?qlt=65&upscale=true&filter=l&fmt=auto&w=642&h=512

Requested by

Host: www.madeleine.de
URL: https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a252 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

96bd18d771a56b3fbb5487d70c9ca2f3d9e75a57ace67d2f013d8c454dcaf013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.madeleine.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:24:27 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: LDqYKVz-x,eJS-_vZ2t,gvxuwg3Vo
x-req-id: OGd9qPGz5q
content-length: 9244
x-xss-protection: 1; mode=block
x-amp-source-height: 2348
server: Unknown
x-frame-options: DENY
x-amp-source-width: 2948
access-control-allow-origin: *
content-type: image/webp
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Wed, 01 Feb 2023 15:03:49 GMT

GET
H2 200 52682e9c-15d2-448f-9ccb-1a7985bf5365
i8.amplience.net/i/madeleine/ 35 KB
36 KB 155ms
27ms Image
image/webp 2a02:26f0:3500:14::1724:a252
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i8.amplience.net/i/madeleine/52682e9c-15d2-448f-9ccb-1a7985bf5365?qlt=65&upscale=true&filter=l&fmt=auto&w=642&h=512

Requested by

Host: www.madeleine.de
URL: https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a252 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

8a66ec111bb823f38bac72a18f7e651bc2a0efc3c38a61169efd443b455712a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.madeleine.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:24:27 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: QV5QpE6J_,eJS-_vZ2t,wsDGgbtBR
x-req-id: GFYoJ-YysH
content-length: 36000
x-xss-protection: 1; mode=block
x-amp-source-height: 2348
server: Unknown
x-frame-options: DENY
x-amp-source-width: 2948
access-control-allow-origin: *
content-type: image/webp
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Fri, 03 Feb 2023 11:34:26 GMT

GET
H/1.1 200
OK seal.min.js Show response
seal.digicert.com/seals/cascade/ 8 KB
4 KB 109ms
32ms Script
application/javascript 63.33.186.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://seal.digicert.com/seals/cascade/seal.min.js

Requested by

Host: www.madeleine.de
URL: https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

63.33.186.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-33-186-64.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

81f277888d1ee510668666fb819bcf637e488b613dac15cf78cbe9d1ac41658c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.madeleine.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 08:24:27 GMT
content-encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Strict-Transport-Security: max-age=31536000
last-modified: Mon, 06 Feb 2023 22:48:26 GMT
Server: nginx
etag: W/"1e3d-5f40fd43ce280"
Transfer-Encoding: chunked
vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block, 1; mode=block

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 210 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e98ff34de53cd80ecaf7528ba2d4ed4be55253a07c23c9a021cdda25f29c450

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 belluga.woff2
www.madeleine.de/_ui/responsive/fpm/62514a8888a6e8b428a4256569b20843e3e51633/theme-madeleine/assets/fonts/ 335 KB
336 KB 25ms
25ms Font
application/octet-stream 104.18.3.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.madeleine.de/_ui/responsive/fpm/62514a8888a6e8b428a4256569b20843e3e51633/theme-madeleine/assets/fonts/belluga.woff2

Requested by

Host: www.madeleine.de
URL: https://www.madeleine.de/_ui/responsive/fpm/62514a8888a6e8b428a4256569b20843e3e51633/theme-madeleine/assets/styles/home.bundle.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.3.70 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83783c12bb7d5a9d53084b1c651237c006c72fe4243230ed70396dcb6fc14ab7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.madeleine.de/_ui/responsive/fpm/62514a8888a6e8b428a4256569b20843e3e51633/theme-madeleine/assets/styles/home.bundle.css
Origin: https://www.madeleine.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:24:27 GMT
strict-transport-security: max-age=15552000
cf-cache-status: HIT
last-modified: Wed, 14 Dec 2022 05:50:50 GMT
server: cloudflare
age: 4760596
etag: "53df4-5efc351a23c91"
vary: Host,X-Forwarded-Proto, Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 795abab23f5168e9-FRA
content-length: 343540
expires: Wed, 07 Feb 2024 08:24:27 GMT

GET
H2 200 mmlc.json Show response
www.madeleine.de/session.client/ 6 B
1 KB 59ms
58ms XHR
application/json 104.18.3.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.madeleine.de/session.client/mmlc.json?expiration=31536000&sameSite=None&secure=true

Requested by

Host: www.madeleine.de
URL: https://www.madeleine.de/_ui/responsive/fpm/62514a8888a6e8b428a4256569b20843e3e51633/theme-madeleine/assets/js/index.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.3.70 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18d10c7d2b4b04aaf04254d1ae5d655a5dc0407cbcdd5a8c3986e985370f36ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 08:24:27 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 795abab2cfd568e9-FRA
x-xss-protection: 1; mode=block
expires: 0

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1bc5d6b37d125de7605719fc95748a8fbf54e500f5034b5cf305079899db7a9d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK geid.min.js Show response
cdn.wbtrk.net/js/ 1 KB
935 B 135ms
26ms Script
application/javascript 185.54.150.115
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.wbtrk.net/js/geid.min.js
Requested by: Host: metroforsteam.com
URL: http://metroforsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.54.150.115 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 5ef468e6b28f8232ff6dc2b54f48a016be6b2776a27b7e5191ab71393637dc57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.madeleine.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 08:24:27 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jan 2016 09:43:24 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H2 200 wt
wttd.madeleine.de/800707127625321/ 43 B
829 B 348ms
75ms Image
image/gif 185.54.150.132
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wttd.madeleine.de/800707127625321/wt?p=441,de.home.homepage.0,1,1600x1200,24,1,1675758267343,https%3A%2F%2Fapi.kelkoogroup.net%2F,1600x1200,0&tz=0&uc3=8K3K75&uc10=init&la=en&cg1=de&cg2=home&cg10=homepage&mc=extemc%3DXADF&mca=c&cp3=d&cp4=0&cp5=lm&cp6=home&cp7=p2&cp9=de&cp12=1&cp14=guest&cp24=Version%201.3.3&cp30=https%3A%2F%2Fwww.madeleine.de%2F%3Fextcmp%3DAFF_301835%26extemc%3DXADF%26hkmc%3DAFAW%26awc%3D29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c&cc1=8K3K75&cs2=XADF&cs3=XADF&cs6=2023FS&cs7=2022_2023&cs9=0&cs10=init&np=&pu=https%3A%2F%2Fwww.madeleine.de%2F%3Fextcmp%3DAFF_301835%26extemc%3DXADF%26hkmc%3DAFAW%26awc%3D29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c&eor=1
Requested by: Host: www.madeleine.de
URL: https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.54.150.132 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: 9bf31c7f /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.madeleine.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 08:24:27 GMT
last-modified: Tue, 07 Feb 2023 08:24:27 GMT
server: 9bf31c7f
p3p: policyref="https://q3.webtrekk.net/w3c/p3p.xml", CP="NOI DSP IND COM NAV INT"
content-type: image/gif;charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
x-robots-tag: noindex, nofollow, noarchive
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 PrivacyButton-3bba7330.js Show response
app.usercentrics.eu/browser-ui/3.16.0/ 5 KB
2 KB 7ms
7ms Script
application/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.16.0/PrivacyButton-3bba7330.js

Requested by

Host: metroforsteam.com
URL: http://metroforsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

f3d541bb8ac4f2634c8bc045e37ade096d7b03e2f67c54fe7f8bb81a8d7d4dc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://www.madeleine.de/
Origin: https://www.madeleine.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 14:11:52 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 1015955
x-guploader-uploadid: ADPycdsDSx4CRZEVD6nWBmrwAhrLjtspX4PhN4NB5ICYeRCMom7VOJInrMnVad9wiMq8vN-pfxpCbzEVCF9FLdteu5W6wA
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2449
last-modified: Thu, 26 Jan 2023 14:06:35 GMT
server: UploadServer
etag: "36fb19f9e075394843901f1a10660bbc"
x-goog-generation: 1674741995797729
x-goog-hash: crc32c=juqUfA==, md5=NvsZ+eB1OUhDkB8aEGYLvA==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 2449
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 26 Jan 2024 14:11:52 GMT

GET
H3 200 index-9bf85356.js Show response
app.usercentrics.eu/browser-ui/3.16.0/ 2 KB
847 B 8ms
8ms Script
application/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.16.0/index-9bf85356.js

Requested by

Host: metroforsteam.com
URL: http://metroforsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

0a5d646081947c79c04a78eff5e2d68f4e3dfd603b85d63e83436c40863ecd0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://www.madeleine.de/
Origin: https://www.madeleine.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 08:40:09 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 431058
x-guploader-uploadid: ADPycduWchpGKVKYlyhbhb1X670iGnc58HXRfTz3SuvuPbVxTTi1JNt0PPCKEyRbIKDcP93ZHxcLeVH02i483oWuLQDTTf2dXIyh
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 807
last-modified: Thu, 26 Jan 2023 14:06:42 GMT
server: UploadServer
etag: "47a2922680818e2ba4ea96beae9c9c7b"
vary: X-Goog-Allowed-Resources
x-goog-hash: crc32c=56lYnw==, md5=R6KSJoCBjiuk6pa+rpycew==
x-goog-generation: 1674742002286856
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 807
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 02 Feb 2024 08:40:09 GMT

GET
H2 200 uct
uct.service.usercentrics.eu/ 35 B
278 B 52ms
22ms Image
image/gif 34.95.108.180
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uct.service.usercentrics.eu/uct?v=1&sid=m3K2asoFL4ogzT&t=1&abv=&r=https%3A%2F%2Fwww.madeleine.de%2F%3Fextcmp%3DAFF_301835%26extemc%3DXADF%26hkmc%3DAFAW%26awc%3D29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c&cb=1675758267454

Requested by

Host: www.madeleine.de
URL: https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.95.108.180 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

180.108.95.34.bc.googleusercontent.com

Software

Google Frontend / Express

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.madeleine.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:24:27 GMT
via: 1.1 google
strict-transport-security: max-age=7776000
server: Google Frontend
x-powered-by: Express
content-type: image/gif
x-cloud-trace-context: 5ec78bbd66becb91323035a4812aad0d
cache-control: no-store
function-execution-id: ehpdr8hqzy7s
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

GET
DATA 200
OK truncated
/ 323 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35835b6e74f1f5ace898691597c5e61bc038565503c7a10c8877bb4a34d79c1f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b05d322032be21fe72e62f13062aa08c49c5af53a8b1838b115a0ade43b61d89

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 328 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3f6b8c2d21b85c5b2f5ce0c1658c8facc653b4fc78a7d11a8aa2edde06d87d5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 307 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c04d6d2a650a1d5e385cfce205c85e67f4ad1f864c35842a96fdf5adedb257f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 199 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6505f822319885f041a11a23250cecba8c074a1c049f23170c5b622201a407a5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 416 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1f2de23da5b0d575b86d92cee201241253dfca6d813a6f8a3acb75c6300dcc6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 141 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 26fff17900ecd2d4a503e9c1bea26d77f415ac57442244c4fc553853a1371609

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 193 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e390ca8fb441db425b83c970bccd95285a6403283ae99549950481252412b5d5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H/1.1 200
OK rdfs
r.mateti.net/ 0
0 123ms
25ms Preflight 185.54.150.12
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://r.mateti.net/rdfs?cfg=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.54.150.12 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.madeleine.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://www.madeleine.de
Access-Control-Max-Age: 1800
Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Connection: keep-alive
Content-Length: 0
Date: Tue, 07 Feb 2023 08:24:27 GMT
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H/1.1 200
OK rdfs Show response
r.mateti.net/ 149 B
459 B 336ms
27ms XHR
application/json 185.54.150.12
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://r.mateti.net/rdfs?cfg=1
Requested by: Host: cdn.mateti.net
URL: https://cdn.mateti.net/mcp/onsite.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.54.150.12 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: /
Resource Hash: 3d8d05cb95a68b4fa817fb3730c18357676963862d7d2a82104b346596e10249

Request headers

Referer: https://www.madeleine.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: 2023-02-07
Content-Encoding: gzip
Vary: Origin,Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.madeleine.de
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 122
Expires: 2023-02-07

GET
H3 200 index-439671c1.js Show response
app.usercentrics.eu/browser-ui/3.16.0/ 5 KB
2 KB 7ms
7ms Script
application/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.16.0/index-439671c1.js

Requested by

Host: metroforsteam.com
URL: http://metroforsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

a47204b2d7b1f152eb5cf232dbb7ec75290f54cce5a1a9ff4a2554e11c6c5b7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://www.madeleine.de/
Origin: https://www.madeleine.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:16:36 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 774471
x-guploader-uploadid: ADPycdu1K6VMyuSZCqiWHQtW4UHwa1HED5pBkEUY9j8-IUzhonR6lKOdruvFKLwlNYSEo2aJbOQcCUz97EGqROhk7I3LGLq_WPWZ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2044
last-modified: Thu, 26 Jan 2023 14:06:41 GMT
server: UploadServer
etag: "4c109b2202826b7fb339242a9b6d4e25"
vary: X-Goog-Allowed-Resources
x-goog-hash: crc32c=xV52yA==, md5=TBCbIgKCa3+zOSQqm21OJQ==
x-goog-generation: 1674742001867908
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 2044
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 29 Jan 2024 09:16:36 GMT

GET
H3 200 SaveButton-131a2968.js Show response
app.usercentrics.eu/browser-ui/3.16.0/ 1 KB
626 B 10ms
10ms Script
application/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.16.0/SaveButton-131a2968.js

Requested by

Host: metroforsteam.com
URL: http://metroforsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

71000d5a75287fa1937d6c3a2798f167406a28a7d78cdd3c73e0c9015042e163

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://app.usercentrics.eu/browser-ui/3.16.0/index-439671c1.js
Origin: https://www.madeleine.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 14:11:53 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 1015954
x-guploader-uploadid: ADPycdsQpDWGR7I2aaXGOcBivny7UMN_t-s3mrOcU4gC13Gzl7ykcSonVL0spN-ohlu1fPEQyUZo7sxaMlXcvwWUMJAi5A
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 587
last-modified: Thu, 26 Jan 2023 14:06:36 GMT
server: UploadServer
etag: "6ccab73f832174f0b3943e2d54e45590"
x-goog-generation: 1674741996247612
x-goog-hash: crc32c=Ve4ntw==, md5=bMq3P4MhdPCzlD4tVORVkA==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 587
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 26 Jan 2024 14:11:53 GMT

GET
H3 200 VirtualServiceItem-c301e271.js Show response
app.usercentrics.eu/browser-ui/3.16.0/ 154 KB
47 KB 8ms
7ms Script
application/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.16.0/VirtualServiceItem-c301e271.js

Requested by

Host: metroforsteam.com
URL: http://metroforsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

4d4f16a33e7d4a863cff6d98b4885ffc0e5fa213c0adb5a311d1873317905390

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://app.usercentrics.eu/browser-ui/3.16.0/index-439671c1.js
Origin: https://www.madeleine.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 14:11:53 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 1015954
x-guploader-uploadid: ADPycdtCVsx-lnmdJzaaye7O0uJ4VC1-Zfezf9p9E4S-okWBxsfq5JkSEyFVTAFftZD4SK4mizPDtIJ9s0blb99LE6s6fw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48016
last-modified: Thu, 26 Jan 2023 14:06:38 GMT
server: UploadServer
etag: "cf0e2f6a2672d2224271e9455d13b076"
x-goog-generation: 1674741998546925
x-goog-hash: crc32c=Y2yBDw==, md5=zw4vaiZy0iJCcelFXROwdg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 48016
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 26 Jan 2024 14:11:53 GMT

GET
H3 200 DefaultTabs-8f344cba.js Show response
app.usercentrics.eu/browser-ui/3.16.0/ 4 KB
2 KB 11ms
10ms Script
application/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.16.0/DefaultTabs-8f344cba.js

Requested by

Host: metroforsteam.com
URL: http://metroforsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

0e4b650b66a32a398fad370a4d94ae5e4bb8a6cecb9446b3a4e98e466618773f

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://app.usercentrics.eu/browser-ui/3.16.0/index-439671c1.js
Origin: https://www.madeleine.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 14:11:53 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 1015954
x-guploader-uploadid: ADPycdvJV8qt-XSkbrQWyM-bfERLgP1tDZ4wOgTvkMdGR2adrCvnUFYaAYx4nWiYfX9SRzDVDhg8TVYp7E2U1KKCI1NtKA
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1685
last-modified: Thu, 26 Jan 2023 14:06:35 GMT
server: UploadServer
etag: "77b22af181b8bb13672a5599b917fe21"
x-goog-generation: 1674741995026256
x-goog-hash: crc32c=jizA6A==, md5=d7Iq8YG4uxNnKlWZuRf+IQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 1685
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 26 Jan 2024 14:11:53 GMT

GET
H2 200 MADELEINE_logo_rgb_black
x1.adis.ws/v1/media/graphics/i/madeleine/ 8 KB
9 KB 311ms
12ms Image
image/png 2a02:26f0:7100::687e:24e0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x1.adis.ws/v1/media/graphics/i/madeleine/MADELEINE_logo_rgb_black?fmt=png&h=96
Requested by: Host: www.madeleine.de
URL: https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::687e:24e0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Unknown /
Resource Hash: 67d64a877778aa4f671c4e6c07aacc34864dd3e92c0224d4a5b600df358f6fad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.madeleine.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amp-source-height: 153
date: Tue, 07 Feb 2023 08:24:27 GMT
server: Unknown
x-amp-srv: A
content-type: image/png
access-control-allow-origin: *
cache-tag: 5_lwfLUxJ,eJS-_vZ2t,iszJqG1rd
cache-control: max-age=1800, s-maxage=86400
x-amp-source-width: 624
x-req-id: NFbROmZvXg
accept-ranges: bytes
content-length: 8635
x-amp-published: Wed, 07 Sep 2022 14:43:41 GMT

GET
H2 200 cc Show response
geid.wbtrk.net/ 2 B
441 B 97ms
26ms Script
application/javascript 185.54.150.79
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://geid.wbtrk.net/cc?a=rtacdb&c=wt_geid&ac=wt_geid&av=816757582670061819418194&al=24&acp=/&acd=.wbtrk.net&acl=180&o=s&x=1675758267573
Requested by: Host: metroforsteam.com
URL: http://metroforsteam.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.54.150.79 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: c4ca4238 /
Resource Hash: 6c179f21e6f62b629055d8ab40f454ed02e48b68563913473b857d3638e23b28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.madeleine.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-wt-wcc: rtacdb
pragma: no-cache
date: Tue, 07 Feb 2023 08:24:27 GMT
last-modified: Tue, 07 Feb 2023 08:24:27 GMT
server: c4ca4238
p3p: policyref="https://q3.webtrekk.net/w3c/p3p.xml", CP="NOI DSP IND COM NAV INT"
content-type: application/javascript;charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
x-robots-tag: noindex, nofollow, noarchive
content-length: 2
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

fbc
fbc.wcfbc.net/v1/
Redirect Chain

https://wttd.madeleine.de/800707127625321/cc?a=r&c=wteid_800707127625321&t=https%3A%2F%2Ffbc.wcfbc.net%2Fv1%2Ffbc%3Fp%3D441%2C0%26acc%3D800707127625321%26t%3D1675758267747%26err%3D
https://fbc.wcfbc.net/v1/fbc?p=441,0&acc=800707127625321&t=1675758267747&err=&c=wteid_800707127625321&v=4167575826700405379
https://fbc.wcfbc.net/v1/fbc?p=441,0&acc=800707127625321&t=1675758267747&err=&c=wteid_800707127625321&v=4167575826700405379&rc

69 B
128 B

27ms
26ms

Image
image/png

185.54.150.123
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbc.wcfbc.net/v1/fbc?p=441,0&acc=800707127625321&t=1675758267747&err=&c=wteid_800707127625321&v=4167575826700405379&rc
Requested by: Host: www.madeleine.de
URL: https://www.madeleine.de/?extcmp=AFF_301835&extemc=XADF&hkmc=AFAW&awc=29051_1675758266_7df1f6f5851a18c68b3409ad8f05ed1c
Protocol: H2
Server: 185.54.150.123 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: c1a69853198ae592f980806d6d489f43d03ee49f60df58b32ad375c03127703a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.madeleine.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:24:27 GMT
server: nginx
content-length: 69
content-type: image/png

Redirect headers

location: /v1/fbc?p=441,0&acc=800707127625321&t=1675758267747&err=&c=wteid_800707127625321&v=4167575826700405379&rc
date: Tue, 07 Feb 2023 08:24:27 GMT
server: nginx
content-length: 217
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK /
seal.digicert.com/seals/cascade/ 159 B
595 B 32ms
31ms Image
image/png 63.33.186.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seal.digicert.com/seals/cascade/?tag=2z2zFvfa&referer=www.madeleine.de&format=png&lang=de&an=min

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

63.33.186.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-33-186-64.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

2707ebaa45efd183f1346054b3c821135ec6383fe937dc21b94614c22ca0d738

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.madeleine.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 08:24:28 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff, nosniff
last-modified: Sat, 04 Feb 2023 02:57:01 GMT
Server: nginx
Content-Type: image/png
cache-control: max-age=7776000
Connection: keep-alive
Content-Length: 159
X-XSS-Protection: 1; mode=block, 1; mode=block
expires: Fri, 05 May 2023 02:57:02 GMT

GET
H2 200 cc Show response
geid.wbtrk.net/ 34 B
161 B 26ms
25ms Script
application/javascript 185.54.150.79
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://geid.wbtrk.net/cc?a=c&c=wt_geid&rn_wt_geid=wt_geid&v=&cp=/&cl=-1&ccd=1&w=2&x=1675758268599
Requested by: Host: metroforsteam.com
URL: http://metroforsteam.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.54.150.79 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: c4ca4238 /
Resource Hash: b65e2fc5def9773dc32177aea193f6adc77a2a72293d29be17b3ffa9df67a07d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.madeleine.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

www.madeleine.de Open in urlscan Pro 104.18.3.70

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

69 Requests

94 %HTTPS

37 %IPv6

18 Domains

28 Subdomains

25 IPs

7 Countries

1316 kBTransfer

3683 kBSize

35 Cookies

4 Outgoing links

Page URL History

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.madeleine.de
104.18.3.70

Screenshot
Live screenshot

Full Image

69
Requests

94 %
HTTPS

37 %
IPv6

18
Domains

28
Subdomains

25
IPs

7
Countries

1316 kB
Transfer

3683 kB
Size

35
Cookies

69 HTTP transactions
12 data transactions