urlscan.io logo urlscan.io
SecurityTrails logo

www.mbmedien.group Open in urlscan Pro
2606:2c40::c73c:671d  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://links.sicher-vor-ransomware.de/link.php?linkid=589020&uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4...
Effective URL: https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78...
Submission: On February 01 via api from CH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 31 IPs in 3 countries across 26 domains to perform 74 HTTP transactions. The main IP is 2606:2c40::c73c:671d, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.mbmedien.group.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 3rd 2021. Valid for: a year.
This is the only time www.mbmedien.group was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2001:1520:1:2... 8972 (GD-EMEA-D...)
2 2001:1520:1:2... 8972 (GD-EMEA-D...)
1 62.138.185.162 20773 (GODADDY)
1 9 2606:2c40::c7... 209242 (CLOUDFLAR...)
7 89.187.169.47 60068 (CDN77 ^_^)
9 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
4 89.187.164.66 60068 (CDN77 ^_^)
6 5.35.252.246 8972 (GD-EMEA-D...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:223... 16509 (AMAZON-02)
1 2606:4700::68... ()
1 2a00:1450:400... ()
1 142.250.186.34 ()
1 2 2a00:1450:400... ()
2 2a00:1450:400... ()
1 2a00:1450:400... ()
74 31
1    2001:1520:1:200::573 (Germany)

ASN8972 (GD-EMEA-DC-SXB1, DE)
links.sicher-vor-ransomware.de
2    2001:1520:1:200::50a (Germany)

ASN8972 (GD-EMEA-DC-SXB1, DE)
mbpi.mbmedien.de
1    62.138.185.162 (Germany)

ASN20773 (GODADDY, DE)
PTR: domainservice.mbmedien.de
lnks.sicher-vor-ransomware.de
9    2606:2c40::c73c:671d (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
www.mbmedien.group
7    89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com
consent.cookiefirst.com
9    2606:4700::6811:f2cc (United States)

ASN13335 (CLOUDFLARENET, US)
cdn2.hubspot.net
1    2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
4    2606:4700:3037::6815:4e07 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6810:7aaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2606:4700::6811:ddcc (United States)

ASN13335 (CLOUDFLARENET, US)
js.hscta.net
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    89.187.164.66 (United States)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-711.bunnyinfra.net
static.cookiefirst.com
6    5.35.252.246 (Germany)

ASN8972 (GD-EMEA-DC-SXB1, DE)
PTR: haproxy.mbmedien.de
subscription-center.dds.mbmedien.de
6    2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)
app.hubspot.com
cta-service-cms2.hubspot.com
track.hubspot.com
1    2606:4700::6811:72b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsadspixel.net
1    2606:4700::6811:47b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    2606:4700::6811:e8cc (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsleadflows.net
1    2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    2606:4700::6811:80ab (United States)

ASN13335 (CLOUDFLARENET, US)
js.hscollectedforms.net
2    2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)
forms.hubspot.com
3    2606:4700::6810:5605 (United States)

ASN13335 (CLOUDFLARENET, US)
perf.hsforms.com
1    2600:9000:223c:6800:4:ed2a:7600:93a1 (United States)

ASN16509 (AMAZON-02, US)
edge.cookiefirst.com
1    2606:4700::6811:cacc (None, )

ASN- ()
api.hubapi.com
1    2a00:1450:4001:813::2008 (None, )

ASN- ()
www.googletagmanager.com
1    142.250.186.34 (None, )

ASN- ()
www.googleadservices.com
2    2a00:1450:4001:801::2004 (None, )

ASN- ()
www.google.com
2    2a00:1450:4001:813::2002 (None, )

ASN- ()
googleads.g.doubleclick.net
1    2a00:1450:4001:828::2003 (None, )

ASN- ()
www.google.de
Apex Domain
Subdomains		 Transfer
12 cookiefirst.com
consent.cookiefirst.com — Cisco Umbrella Rank: 41356
static.cookiefirst.com — Cisco Umbrella Rank: 48031
edge.cookiefirst.com — Cisco Umbrella Rank: 52470
100 KB
9 hubspot.net
cdn2.hubspot.net — Cisco Umbrella Rank: 7872
22 KB
9 mbmedien.group
www.mbmedien.group
152 KB
8 hubspot.com
app.hubspot.com — Cisco Umbrella Rank: 7153
cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 13311
forms.hubspot.com — Cisco Umbrella Rank: 3787
track.hubspot.com
7 KB
8 mbmedien.de
mbpi.mbmedien.de
subscription-center.dds.mbmedien.de
749 KB
4 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 934
88 KB
3 hsforms.com
perf.hsforms.com — Cisco Umbrella Rank: 11519
1 KB
2 doubleclick.net
googleads.g.doubleclick.net
2 KB
2 google.com
www.google.com
708 B
2 gstatic.com
fonts.gstatic.com
32 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 881
11 KB
2 sicher-vor-ransomware.de
links.sicher-vor-ransomware.de
lnks.sicher-vor-ransomware.de
2 KB
1 google.de
www.google.de
548 B
1 googleadservices.com
www.googleadservices.com
15 KB
1 googletagmanager.com
www.googletagmanager.com
39 KB
1 hubapi.com
api.hubapi.com
907 B
1 hscollectedforms.net
js.hscollectedforms.net — Cisco Umbrella Rank: 5869
26 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2564
16 KB
1 hsleadflows.net
js.hsleadflows.net — Cisco Umbrella Rank: 4867
87 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2549
20 KB
1 hsadspixel.net
js.hsadspixel.net — Cisco Umbrella Rank: 4000
3 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 440
11 KB
1 hscta.net
js.hscta.net — Cisco Umbrella Rank: 23068
6 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 227
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
1 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 584
33 KB
74 26
Domain Requested by
9 cdn2.hubspot.net www.mbmedien.group
9 www.mbmedien.group 1 redirects www.mbmedien.group
7 consent.cookiefirst.com www.mbmedien.group
consent.cookiefirst.com
6 subscription-center.dds.mbmedien.de www.mbmedien.group
subscription-center.dds.mbmedien.de
4 static.cookiefirst.com consent.cookiefirst.com
4 use.fontawesome.com www.mbmedien.group
use.fontawesome.com
3 perf.hsforms.com www.mbmedien.group
3 cta-service-cms2.hubspot.com js.hscta.net
2 googleads.g.doubleclick.net www.googleadservices.com
2 www.google.com 1 redirects
2 track.hubspot.com
2 forms.hubspot.com js.hscollectedforms.net
js.hsleadflows.net
2 fonts.gstatic.com fonts.googleapis.com
2 unpkg.com 1 redirects www.mbmedien.group
2 mbpi.mbmedien.de links.sicher-vor-ransomware.de
mbpi.mbmedien.de
1 www.google.de
1 www.googleadservices.com www.googletagmanager.com
1 www.googletagmanager.com js.hsadspixel.net
1 api.hubapi.com js.hsadspixel.net
1 edge.cookiefirst.com consent.cookiefirst.com
1 js.hscollectedforms.net www.mbmedien.group
1 js.hs-banner.com www.mbmedien.group
1 js.hsleadflows.net www.mbmedien.group
1 js.hs-analytics.net www.mbmedien.group
1 js.hsadspixel.net www.mbmedien.group
1 app.hubspot.com www.mbmedien.group
1 cdn.jsdelivr.net www.mbmedien.group
1 js.hscta.net www.mbmedien.group
1 cdnjs.cloudflare.com www.mbmedien.group
1 fonts.googleapis.com www.mbmedien.group
1 code.jquery.com www.mbmedien.group
1 lnks.sicher-vor-ransomware.de
1 links.sicher-vor-ransomware.de
74 33

This site contains links to these domains. Also see Links.

Domain
blog.mbmedien.group
cta-redirect.hubspot.com
www.xing.com
www.linkedin.com
twitter.com
Subject Issuer Validity Valid
links.sicher-vor-ransomware.de
R3		 2021-12-07 -
2022-03-07		 3 months crt.sh
mbpi.mbmedien.de
R3		 2021-12-25 -
2022-03-25		 3 months crt.sh
lnks.sicher-vor-ransomware.de
R3		 2021-12-07 -
2022-03-07		 3 months crt.sh
www.mbmedien.group
Cloudflare Inc ECC CA-3		 2021-06-03 -
2022-06-02		 a year crt.sh
consent.cookiefirst.com
R3		 2022-01-25 -
2022-04-25		 3 months crt.sh
hubspot.net
Cloudflare Inc ECC CA-3		 2021-06-04 -
2022-06-03		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-07 -
2022-07-06		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
static.cookiefirst.com
R3		 2022-01-25 -
2022-04-25		 3 months crt.sh
subscription-center.dds.mbmedien.de
R3		 2022-01-10 -
2022-04-10		 3 months crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2021-06-26 -
2022-06-25		 a year crt.sh
*.cookiefirst.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-16 -
2022-12-16		 a year crt.sh
hubapi.com
Cloudflare Inc ECC CA-3		 2021-06-07 -
2022-06-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
Frame ID: 7B98B5A00FE1EFE0B143CF80D7B7783B
Requests: 68 HTTP requests in this frame

Frame: https://subscription-center.dds.mbmedien.de/uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301
Frame ID: AFC2F5A46CF9A4200040D62A62F9F022
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Kommunikationspräferenzen

Page URL History Show full URLs

  1. https://links.sicher-vor-ransomware.de/link.php?linkid=589020&uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f... Page URL
  2. https://lnks.sicher-vor-ransomware.de/link.php?linkid=589020&uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f... Page URL
  3. https://www.mbmedien.group/subscriptioncenter/?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a... HTTP 301
    https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics
Overall confidence: 100%
Detected patterns
  • piwik\.js|piwik\.php
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

74
Requests

97 %
HTTPS

84 %
IPv6

26
Domains

33
Subdomains

31
IPs

3
Countries

1425 kB
Transfer

5160 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://links.sicher-vor-ransomware.de/link.php?linkid=589020&uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301 Page URL
  2. https://lnks.sicher-vor-ransomware.de/link.php?linkid=589020&uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&type=1 Page URL
  3. https://www.mbmedien.group/subscriptioncenter/?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020 HTTP 301
    https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://unpkg.com/isotope-layout@3.0/dist/isotope.pkgd.min.js HTTP 302
  • https://unpkg.com/isotope-layout@3.0.6/dist/isotope.pkgd.min.js
Request Chain 69
  • https://www.google.com/pagead/landing?gcs=G1--&rnd=1834585008.1643719514&url=https%3A%2F%2Fwww.mbmedien.group%2Fsubscriptioncenter&gtm=2oa1q0&auid=319058717.1643719514&did=dZTQ1Zm&gdid=dZTQ1Zm HTTP 302
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G1--&rnd=1834585008.1643719514&url=https%3A%2F%2Fwww.mbmedien.group%2Fsubscriptioncenter&gtm=2oa1q0&auid=319058717.1643719514&did=dZTQ1Zm&gdid=dZTQ1Zm

74 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
link.php
links.sicher-vor-ransomware.de/ 		2 KB
950 B 		Document
General
Check archive.org
Download Go to
Full URL
https://links.sicher-vor-ransomware.de/link.php?linkid=589020&uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1520:1:200::573 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
04bf502389271d9e2cec063f983ffa758c98f365e8409626412a89229baeb7f1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Tue, 01 Feb 2022 12:45:09 GMT
content-type
text/html; charset=UTF-8
content-length
697
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding
content-encoding
gzip
x-powered-by
PleskLin
piwik.js
mbpi.mbmedien.de/ 		62 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mbpi.mbmedien.de/piwik.js
Requested by
Host: links.sicher-vor-ransomware.de
URL: https://links.sicher-vor-ransomware.de/link.php?linkid=589020&uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1520:1:200::50a , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
nginx /
Resource Hash
43af579102b8c4adff968a3a00280fc2061cc33538c7bbad1d8d6ec775f0807b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://links.sicher-vor-ransomware.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:09 GMT
content-encoding
br
last-modified
Sun, 05 Dec 2021 17:05:32 GMT
server
nginx
etag
W/"61acf15c-f93c"
vary
Accept-Encoding
content-type
application/javascript
piwik.php
mbpi.mbmedien.de/ 		0
269 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://mbpi.mbmedien.de/piwik.php?action_name=&idsite=383&rec=1&r=512082&h=12&m=45&s=9&url=https%3A%2F%2Flinks.sicher-vor-ransomware.de%2Flink.php%3Flinkid%3D589020%26uk%3Duk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&uid=e_a4c9a3a46ac3161f&_id=262c3c72e385469f&_idn=1&_refts=0&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&dimension1=36206&dimension5=25&cvar=%7B%221%22%3A%5B%22PID%22%2C%2236673562%22%5D%2C%222%22%3A%5B%22linkid%22%2C%22589020%22%5D%2C%224%22%3A%5B%22DD_ID%22%2C%2227673562%22%5D%7D&_cvar=%7B%221%22%3A%5B%22PID%22%2C%2236673562%22%5D%2C%222%22%3A%5B%22linkid%22%2C%22589020%22%5D%2C%224%22%3A%5B%22DD_ID%22%2C%2227673562%22%5D%7D&pv_id=mLiKJm&pf_net=48&pf_srv=50&pf_tfr=1&pf_dm1=22
Requested by
Host: mbpi.mbmedien.de
URL: https://mbpi.mbmedien.de/piwik.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1520:1:200::50a , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
nginx / PHP/7.4.16
Resource Hash

Request headers

Referer
https://links.sicher-vor-ransomware.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
https://links.sicher-vor-ransomware.de
date
Tue, 01 Feb 2022 12:45:09 GMT
access-control-allow-credentials
true
server
nginx
x-powered-by
PHP/7.4.16
p3p
CP='OTI DSP COR NID STP UNI OTPa OUR'
link.php
lnks.sicher-vor-ransomware.de/ 		953 B
701 B 		Document
General
Check archive.org
Download Go to
Full URL
https://lnks.sicher-vor-ransomware.de/link.php?linkid=589020&uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&type=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.138.185.162 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
domainservice.mbmedien.de
Software
nginx / PleskLin
Resource Hash
ba9fa711b796f32c5dd818fe68797a9bebc08bc0a3c8d1bd217fba5e2066861b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://links.sicher-vor-ransomware.de/

Response headers

server
nginx
date
Tue, 01 Feb 2022 12:45:09 GMT
content-type
text/html; charset=UTF-8
content-length
448
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding
content-encoding
gzip
x-powered-by
PleskLin
Primary Request subscriptioncenter
www.mbmedien.group/
Redirect Chain
  • https://www.mbmedien.group/subscriptioncenter/?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hu...
  • https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub...
23 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / HubSpot
Resource Hash
884847c74c5c64f127f811a8d18e5f315b24d9a89a7ac5e95f804e755c41a045
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://lnks.sicher-vor-ransomware.de/link.php?linkid=589020&uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&type=1

Response headers

date
Tue, 01 Feb 2022 12:45:11 GMT
content-type
text/html; charset=UTF-8
cache-control
s-maxage=14400, max-age=0
etag
W/"7f05ec50548d0fb72132367855df312b"
last-modified
Sat, 29 Jan 2022 09:46:35 GMT
link
</hs/hsstatic/HubspotToolsMenu/static-1.119/js/index.js>; rel=preload; as=script,</hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js>; rel=preload; as=script,</hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
edge-cache-tag
CT-54453419827,P-2657483,L-54457179518,L-5890435013,W-4501874992,CW-54457160522,CW-6172429038,E-5795803970,E-5820392101,MENU-4501874992,PGS-ALL,SW-3,GC-33893836885
referrer-policy
no-referrer-when-downgrade
x-hs-cache-config
BrowserCache-5s-EdgeCache-180s
x-hs-cf-cache-status
HIT
x-hs-combine-css
Disabled
x-hs-content-id
54453419827
x-hs-hub-id
2657483
x-hs-prerendered
two-phase;Sat, 29 Jan 2022 09:46:35 GMT
x-powered-by
HubSpot
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2BjVZ7LWTrn1F%2BNq1IOl3crqXg4%2FCNBYw6BusZe0JcVKEIqN7b%2FgPcDJ77yc6n8WNZ9Bwe6193ZZojv1C%2FRHeiWXFE99F%2B8Xo7yLWQcCnrr%2BjO6bLzzbuI0%2Bc%2FvqSxD3VgIbN5mCY1TorQYnCzLtJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6d6b46811e0583a0-MXP
content-encoding
br
cf-h2-pushed
</hs/hsstatic/HubspotToolsMenu/static-1.119/js/index.js>,</hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js>,</hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>

Redirect headers

date
Tue, 01 Feb 2022 12:45:11 GMT
location
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
cf-ray
6d6b4679fdf583a0-MXP
cache-control
no-transform, max-age=120
expires
Tue, 01 Feb 2022 12:47:11 GMT
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cf-cache-status
MISS
access-control-allow-credentials
false
edge-cache-tag
CT-54453419827
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hubspot-correlation-id
96ffac6c-1ebb-4db6-8a3e-b2b223b67a1a
x-trace
2B0B77BC4600537D1F17936F97221CE20DF5C57BA5000000000000000000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2BC4KAPY8xsMbNPaAMmE2cxCkVz%2ByuDykJKLfWd4P7sspQu%2BxPTqUdov3L7nmuRcGbD6FJFthsYWeZ4D4iLw7rNmP293%2BkEAPm%2BRVBdEGeJvqrzgbVyGnEuOeEpSAOjqeCgaOj1n%2Fb%2FaYRDca%2FBoag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
index.js
www.mbmedien.group/hs/hsstatic/HubspotToolsMenu/static-1.119/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mbmedien.group/hs/hsstatic/HubspotToolsMenu/static-1.119/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d9bc6dec214e0ac4562af8a3854d2d46772e46e66806ab6aed8ba22d833d0dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:11 GMT
via
1.1 a7750b04e96e89c0816616ed8cc70afc.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6641271
x-amz-server-side-encryption
AES256
cf-ray
6d6b46826a1b83a0-MXP
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-encoding
br
last-modified
Mon, 15 Nov 2021 14:59:45 GMT
server
cloudflare
etag
W/"e87d0efee17e652760ab5ccd33fbc8ad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jY2%2BfQl0GPPxGilyIvFi95Xeq%2BDJW4O8Dmo4dIXxrPIZcxt9h1reSJ3aD8b8f6MV0Zb3%2FHwkyloma82ZvJeaRalJOMzUp4bqtEvu5gHLNQE9QilfoiYNqj8YKYmQ3uOSPTyKl%2Fgthy5P84qO5cXKkw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
vdFz9Y2Y_lpsefQtRnWK89fgZF54ag5p
cache-control
public, max-age=31536000
x-amz-cf-pop
MXP64-C3
content-type
application/javascript
x-amz-cf-id
oowouZ2hMXSLmMWGjSB6G5xpuMdZcg7bLPjIw77XU3erpdhf6-awkA==
expires
Wed, 01 Feb 2023 12:45:11 GMT
project.js
www.mbmedien.group/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/ 		2 KB
911 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mbmedien.group/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:11 GMT
via
1.1 e7bb40fae65694ea199c059324c79b1d.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
8088207
x-amz-server-side-encryption
AES256
cf-ray
6d6b46826a1d83a0-MXP
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
content-encoding
br
last-modified
Wed, 19 Aug 2020 22:24:11 GMT
server
cloudflare
etag
W/"ef84f26c310485299d6b75777414eddb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uIRi%2BYW0ZwIBj5fmMbLIQpKXAaxS8QqOoCKQZFUKSm2DzwN8v%2B9OmILpmTOOH2FX9tZtbwC2j8jsRH1%2B%2BsyLrqhz4SmsRkKPaCWdL4ruA%2Fsc%2B7QIrbQQI4fzgrAGy3ZSPPYvOa95n6gqEKM%2F0jQ0dQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
gEenO44eZUewxnIWfgj9q6LB.g9OszNv
cache-control
public, max-age=31536000
x-amz-cf-pop
MXP64-C3
content-type
application/javascript
x-amz-cf-id
AnviHYca2hlbb5G51_T17Wuv1jD6xYYJY1UmE4_aI5clZmsy63hA2A==
expires
Wed, 01 Feb 2023 12:45:11 GMT
project.js
www.mbmedien.group/hs/hsstatic/cos-i18n/static-1.53/bundles/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mbmedien.group/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:11 GMT
via
1.1 2e43986a04a6f3855afada20b7c99fb5.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7241923
x-amz-server-side-encryption
AES256
cf-ray
6d6b46826a1f83a0-MXP
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-encoding
br
last-modified
Tue, 09 Nov 2021 16:12:42 GMT
server
cloudflare
etag
W/"61ca66de658cab9587e4636894680d5d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DKwt1UFfZniWbJlVA8vRcnpQNotjRAlV6p5trkirA%2B7LDkuJqJ4H56Pz%2BRD7EPQguciGr1Yp3hN9SunKtHv5Dj%2BcoTigTqzMHFZV%2FyiZYXtKfo2rIVUkoRYM2Ctm9eWZcNStG6%2FDG4rjLlIFPuTpsw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
cache-control
public, max-age=31536000
x-amz-cf-pop
MXP64-C3
content-type
application/javascript
x-amz-cf-id
CE21cBKLoHLMgv_FfuuXcofVh97z4XP-jlmovO0uSYXwEBmrZUHeig==
expires
Wed, 01 Feb 2023 12:45:11 GMT
jquery-1.7.1.js
www.mbmedien.group/hs/hsstatic/jquery-libs/static-1.1/jquery/ 		92 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mbmedien.group/hs/hsstatic/jquery-libs/static-1.1/jquery/jquery-1.7.1.js
Requested by
Host: www.mbmedien.group
URL: https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:11 GMT
via
1.1 b42dcb0e829272da33349fb003e43062.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
24568605
cf-ray
6d6b4682ebbe83a0-MXP
x-cache
Miss from cloudfront
content-encoding
br
last-modified
Tue, 25 Nov 2014 17:03:30 GMT
server
cloudflare
etag
W/"ddb84c1587287b2df08966081ef063bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FFy5ylOZNV179U3wdzVmrFNtaiF5VynsYOgxuVFBw%2FZlZpHKFQZhaI3dOBsXuK%2BsWHw02PyHgelt%2F2Y1G7aYi0dWVDC8XqKBoSKlS8Y5KVWjda0H0vmbtWWvLzsOgTWI7yiYrLRZSVOmJbCFZwHGcg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
null
cache-control
public, max-age=31536000
x-amz-cf-pop
MXP64-C3
content-type
application/javascript
x-amz-cf-id
YTkYRDPBdudmyWeXUzTjbkDg2CCJ3SAvKEnaY-frCMX823Q4i-LuJQ==
expires
Wed, 01 Feb 2023 12:45:11 GMT
banner.js
consent.cookiefirst.com/ 		485 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/banner.js
Requested by
Host: www.mbmedien.group
URL: https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
Cookie First CDN-DE1-756 /
Resource Hash
649ddfc77e4f1dcbadd2e268e41165edfcad080a2b12bc770621f333a9ba4904

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:11 GMT
content-encoding
br
cdn-edgestorageid
756
cdn-fileserver
56
cdn-storageserver
DE-51
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
02/01/2022 11:07:56
cdn-pullzone
236985
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server
Cookie First CDN-DE1-756
access-control-allow-origin
*
last-modified
Tue, 01 Feb 2022 11:05:47 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"61f9140b-1e5"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
cache-control
public, max-age=300
cdn-requestid
45047396c93340a557533c7292fde0e2
cdn-requestcountrycode
SE
cdn-status
200
cdn-requestpullsuccess
True
layout.min.css
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1643384667897/hubspot/hubspot_default/shared/responsive/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1643384667897/hubspot/hubspot_default/shared/responsive/layout.min.css
Requested by
Host: www.mbmedien.group
URL: https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
341a4d40ad1b2560db940f906716d0e9539d4c0785399d7e0348fd0d3af00170

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis
1643384667941
date
Tue, 01 Feb 2022 12:45:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
334824
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lzI7iv1VdP7tpE1P3tI9OpCdCZ6vG7SlROui%2F%2F5SSZuP4VMI0lZo%2Fxu%2FSy%2FW%2BzuNNHsemIzgahrKISU2JQORSJd7Hmn7IAm8HH8MZZIn%2BcIfOhffVb1xKE%2BChTY43fGPVpRrmqd7Zrio68gyoLw%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status
PENDING
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
last-modified
Fri, 28 Jan 2022 15:44:28 GMT
server
cloudflare
etag
W/"0b0c633d59ab0af9553a98c0e7d97349"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop
IAD89-P1
cf-ray
6d6b46839e4283a3-MXP
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
SodiumV2_20180530.css
www.mbmedien.group/hs-fs/hub/2657483/hub_generated/template_assets/5820392101/1582807573394/Codierte_Dateien/Custom/page/Sodium_CSS/ 		861 KB
97 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mbmedien.group/hs-fs/hub/2657483/hub_generated/template_assets/5820392101/1582807573394/Codierte_Dateien/Custom/page/Sodium_CSS/SodiumV2_20180530.css
Requested by
Host: www.mbmedien.group
URL: https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4a42b3857e6d4e99092f5c43f17498157201d75241e15f7aff7fff2effe9678

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:11 GMT
via
1.1 5630c5d6ce3870273aaf2ed5fe6c2f14.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
606
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-encoding
br
x-amz-request-id
P1313HBRGDJSNBKX
x-amz-id-2
+jtRqgUBzYdxtZaU6MZRTk5RsMHgMr4VdSOFXiBKCtvzabtjAZT93u7v0Z8z8Z07IwEFSQNgSVE=
last-modified
Thu, 27 Feb 2020 12:46:14 GMT
server
cloudflare
etag
W/"1c7dbbcf2b8bdece11d934e02a3ba3e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WBSucMmCdnYc99FEvprhmq7375bec1kjT2O3c8c970N0JAgnjsSKht3OFa2JIW2jV1Ws%2FORtkCjJcXktyB7f3tLSsVG9%2Fsd2NJv%2BSUp1ADe%2F2KcFu%2BA7XO5RD9FTNgx7c4LnIhsQQg3gTE6qHQ6gmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-version-id
pnq6g_tpYi7Sp_VL.jfQ4IrslPS_McV9
x-amz-cf-pop
IAD89-P1
cf-ray
6d6b4682ebc183a0-MXP
x-amz-cf-id
_vAneT-QPUulj1dfCz7Ukiu05mZz6nNYL9RmWuG83gaMTK_wXi5dpg==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
jquery-1.12.4.min.js
code.jquery.com/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.12.4.min.js
Requested by
Host: www.mbmedien.group
URL: https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
Origin
https://www.mbmedien.group
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:11 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-17b8b"
vary
Accept-Encoding
x-hw
1643719511.dop016.ml1.t,1643719511.cds003.ml1.hn,1643719511.cds214.ml1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33738
7650ba8e3e.js
use.fontawesome.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/7650ba8e3e.js
Requested by
Host: www.mbmedien.group
URL: https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e05b1a75007ed1a905a22cca19fc7eb84b5a48ac6b61898096cc3e2c9d654110

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2636
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
MD3HZEK8XTVB57EW
x-amz-id-2
Hg8QjFeUIMGTO+poUQ++kPazTbVLEk7DfN7LnBVyxhFTY7KVIFOqqEMg7bZKWKfK36Pb8dmTfMQ=
last-modified
Wed, 30 Jun 2021 20:52:00 GMT
server
cloudflare
etag
W/"17330706b9ddf331a477632d728ba2a5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RZjazkE5Qt3w8gvDkdDQ6UZuQy%2Bhft1moEtEBEtRuAU5EH09Q%2FLJ%2FcXtx%2F0ImEFB87BMnnzDGP3oS4%2FxnI2zie3gnOoMLOa1HZMaAQS4kToLKZNICiAzx60fsKBWkJwWVvnLZTo0nJCA5YyzB58LqYIz"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=1800
cf-ray
6d6b468469b00e06-MXP
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans:300,400,500,700&subset=latin-ext
Requested by
Host: www.mbmedien.group
URL: https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
02b57145b102159c181a710cfebcd3f8a3713fd56b60229ad1f7965db3820004
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 12:45:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 01 Feb 2022 12:45:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 01 Feb 2022 12:45:11 GMT
isotope.pkgd.min.js
unpkg.com/isotope-layout@3.0.6/dist/
Redirect Chain
  • https://unpkg.com/isotope-layout@3.0/dist/isotope.pkgd.min.js
  • https://unpkg.com/isotope-layout@3.0.6/dist/isotope.pkgd.min.js
35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/isotope-layout@3.0.6/dist/isotope.pkgd.min.js
Requested by
Host: www.mbmedien.group
URL: https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
Protocol
H2
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
081ae9baaacc857c1c2cb51de6dbd0e1eb811c2761ef01a50df373f2f6eefe22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:11 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
24583032
fly-request-id
01F3Y0W0E4E3WFFQKXXC1EK1WD
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"8a75-xOWZTyTujI0s8tZgLwtWuQlqLpg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6d6b46844bf9d600-MXP

Redirect headers

date
Tue, 01 Feb 2022 12:45:11 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01FTTMRR382KF82W0SE7N5KWGE
server
cloudflare
age
322
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/isotope-layout@3.0.6/dist/isotope.pkgd.min.js
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6d6b46838a17d600-MXP
access-control-allow-origin
*
magnific-popup.min.css
cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/magnific-popup.min.css
Requested by
Host: www.mbmedien.group
URL: https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d92e113ac3031b838001ddddf965d045f470ff748ff2e116b30378910eeaecb
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7739889
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1283
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:12:04 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ed4-148b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XMw9WCw%2FBI48uxKqh8CsiFSj%2Fmxq1JO7%2BQkPLtWE8taOiP7CbbRxWWS6Ke4zGKqEixOODt632EjMWyMGn6vjVl4YJe%2FlYj07F0sOFTYTjp8zolqQECZDhfUE4pVjFk%2FBYPfBHEHNIHskW9a1hiZve4pl"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6d6b46839dfb83a6-MXP
expires
Sun, 22 Jan 2023 12:45:11 GMT
MBmedienGroupGmbH-Pfad-650x170px.svg
www.mbmedien.group/hubfs/MBmedien-Logos-Transparent/ 		13 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mbmedien.group/hubfs/MBmedien-Logos-Transparent/MBmedienGroupGmbH-Pfad-650x170px.svg
Requested by
Host: www.mbmedien.group
URL: https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
29b3dc686cb866459debf641fc6c79b3b8371e66391898f07250f297cf8fd58a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-methods
GET
date
Tue, 01 Feb 2022 12:45:11 GMT
via
1.1 1457b830deed1c2472ac9d931556584a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag
F-6411707653,FD-5913980371,P-2657483,FLS-ALL
age
95156
x-amz-server-side-encryption
AES256
edge-cache-tag
F-6411707653,FD-5913980371,P-2657483,FLS-ALL
x-cache
RefreshHit from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-encoding
br
x-amz-request-id
BHM2Y14DCH40AYEH
x-amz-id-2
sFg4/18TrpESVwcz3ImNQ34a0f1f2WnRvdl4KOfHRo9t5v9CQJwhY8abfwyJg+8BVwafGnqQCQw=
last-modified
Tue, 09 Feb 2021 09:59:24 GMT
server
cloudflare
etag
W/"66466ede443ff9a650858a7f4d0d8e0b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tPNWKvfc%2BFmRutkroud3TKp2GSzDNliHYWez%2FC9bR7TJBn5LAJJ%2BitXLNHQ582bijSwOijyZJDWY3v5C9V1Ize8nrjmUIQoNeUuYsAjtsdLKDVMb7CTbXspxtcU861CVciKbPS11xTJC%2FKC3p%2BW5Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id
SLHeP70F7TeJ7Xmvq.51Su4kzzHzcjBQ
x-amz-cf-pop
MXP63-P3
cf-ray
6d6b4683fefc83a0-MXP
x-amz-cf-id
24XACIWjzsWIpsJk-f_hTzXzyG7clAoTTHrkAdo_qKb7GbWFvl3bZQ==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
current.js
js.hscta.net/cta/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hscta.net/cta/current.js
Requested by
Host: www.mbmedien.group
URL: https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ddcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb146e39a41a0857d9740427e40290f58e9496bcc5d494d7e814a905b41fa3ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:11 GMT
via
1.1 cea67f5ca1b497624430e599aa6b7c62.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
age
405
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=cta-embed-js/static-1.71/bundles/current.js&cfRay=6d6b3c9f99520f4e-IAD
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
last-modified
Mon, 31 Jan 2022 12:20:13 UTC
server
cloudflare
etag
W/"e5aa54aa8860f9e64a407d3b94035340"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-version-id
ieYcJJ21544o3B5VWOxXy6hxkxi051xh
cache-control
max-age=600
x-hs-cache-status
HIT
x-amz-cf-pop
IAD89-P1
cf-ray
6d6b46846cef0f86-MXP
x-amz-cf-id
J7lSVaO6ZPKbi_uxO8Or5r1lGyCfeZUNWs8ByumZCnBReie0f8woHA==
x-hs-target-asset
cta-embed-js/static-1.71/bundles/current.js
slick.min.js
cdn.jsdelivr.net/jquery.slick/1.6.0/ 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/jquery.slick/1.6.0/slick.min.js
Requested by
Host: www.mbmedien.group
URL: https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
8524701
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19128-FRA, cache-mxp6932-MXP
timing-allow-origin
*
server
cloudflare
etag
W/"a3e1-6fy8xPpwy6CTuB2YKht4UJQUzvc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6d6b46846b003753-MXP
Turbo-Sodium-jquery.classyloader.min.min.js
cdn2.hubspot.net/hub/685080/hub_generated/style_manager/1442583771462/custom/page/Sodium_JS/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.hubspot.net/hub/685080/hub_generated/style_manager/1442583771462/custom/page/Sodium_JS/Turbo-Sodium-jquery.classyloader.min.min.js
Requested by
Host: www.mbmedien.group
URL: https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2603028561869703a7b2a0ee9e76daf58cea72991c6b1322c96d9a255a16862d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1711234
access-control-allow-methods
GET
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
last-modified
Fri, 18 Sep 2015 13:42:52 GMT
server
cloudflare
etag
W/"37b6fe06f7ae8757c0690a0ebde65384"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vtoMWd21rlqmNSXWGL6AsnAJBhBg17vuRSgIvIO832s678KsLoGw%2ByFG5vUTfVPUSruvXvRqe475vgH5RGFaNSC3K%2BISUocaJeKgvduYK6%2BxWbjfIQNZlx2nNMc9kzbTbqKjazGOy26MUSgM%2Bho%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop
IAD89-C1
cf-ray
6d6b4683ff3383a3-MXP
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
Turbo-Sodium-jquery.slicknav.min.min.js
cdn2.hubspot.net/hub/685080/hub_generated/style_manager/1442583791232/custom/page/Sodium_JS/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.hubspot.net/hub/685080/hub_generated/style_manager/1442583791232/custom/page/Sodium_JS/Turbo-Sodium-jquery.slicknav.min.min.js
Requested by
Host: www.mbmedien.group
URL: https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5753ff346e269f0c2faa85f137a85a0051b8b1b58d81cd228f9f3557731ba3b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1703068
access-control-allow-methods
GET
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
last-modified
Fri, 18 Sep 2015 13:43:12 GMT
server
cloudflare
etag
W/"0d370a82e14a61497aa476896ada8fbd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WzBWAtCH325m66a4XyPZgqfiaI52mP171xjltVvFhGdXqC6mzQbvmyFzztwqnAD5qI4Dc8WNyon4IBM7%2BHDot38VJrjEEf5XfTfzmmWqjmNaPU4v0CwPRVAuw3JphG7wb%2FaBY3en0eIVLzi1wsg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop
IAD89-C1
cf-ray
6d6b4683ff3783a3-MXP
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
wow.min.min.js
cdn2.hubspot.net/hub/685080/hub_generated/style_manager/1442822135454/custom/page/Sodium_JS/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.hubspot.net/hub/685080/hub_generated/style_manager/1442822135454/custom/page/Sodium_JS/wow.min.min.js
Requested by
Host: www.mbmedien.group
URL: https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74931e28075e89893efb62c71efa7be494c7b88721b4488888aaf852f379b1a2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
972344
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
last-modified
Mon, 21 Sep 2015 07:55:36 GMT
server
cloudflare
etag
W/"3e10d5572dbb43f7b3316b56f9980904"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5kjjb14z9cYwMjmLjrNcPqhZ8kB11yT89LIn3CSOGIOFFkiSvwmgCvpHm0SmKDbg7iB4VO7f9q4McKxw8K4hGXDsUxeiNhQYfuhyxKbluPL7Kni4ufOzdoOyecgiHzIN2lHBGGC8lFcmNQswsWc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop
IAD89-C1
cf-ray
6d6b4683ff3b83a3-MXP
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
template.js
cdn2.hubspot.net/hubfs/685080/IMG-TurboSodium/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.hubspot.net/hubfs/685080/IMG-TurboSodium/template.js
Requested by
Host: www.mbmedien.group
URL: https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48f6fde3bb0437a9ca68c477f34a9669ef3f5eb6ba5e0fe2580dd3e962282ea9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-methods
GET
date
Tue, 01 Feb 2022 12:45:11 GMT
via
1.1 f0c44fcb623b0b5d0059f8c13f9793b1.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag
F-4549350039,P-685080,FLS-ALL
age
1289396
edge-cache-tag
F-4549350039,P-685080,FLS-ALL
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-encoding
br
x-amz-request-id
EY5XWK4HSA6WNW00
x-amz-id-2
CDn2ooPIOLxOt35mg/JwtuTrtxsxCk230ptoK082Cb3dYWlooV0Ac3u4WSVvNvw3Ma0LgEgCFfA=
last-modified
Sun, 08 Oct 2017 09:17:31 GMT
server
cloudflare
etag
W/"78e778c2c7d6202ef9a87007d9b701f7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F2gnf1ehb2Dgp7fTPTl2L8efF4MCiJD1jqq8Sj8A6hbSYZPLVt9xkfsRxmbpeS%2BONo4cIJ4AVI7F3Dh9vERX3hL6WVt7slpv7TvuH%2F1zplT8M8TKBFvPeqGwTeK92wzUXAVtO%2FAry%2BC0MGYIhDU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id
tani1Custj5itSdnCYGF6Z8cnn60eVcf
x-amz-cf-pop
MXP63-P3
cf-ray
6d6b4683ff3c83a3-MXP
x-amz-cf-id
4SgfITJiemYlS85WO3wq3d9eWghrPGK3GoO6iud1oLW0jtn4EbQwDw==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
cut-footer.js
cdn2.hubspot.net/hubfs/309194/scripts/ 		166 B
851 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.hubspot.net/hubfs/309194/scripts/cut-footer.js
Requested by
Host: www.mbmedien.group
URL: https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1c45cfb6161b04404be01b3b057a13bf886d5cc96bc59f94dce019ab216c41

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-methods
GET
date
Tue, 01 Feb 2022 12:45:11 GMT
via
1.1 57df6814b1514a53c272681e0f33a546.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag
F-4546808330,P-309194,FLS-ALL
age
95156
edge-cache-tag
F-4546808330,P-309194,FLS-ALL
x-cache
RefreshHit from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-encoding
br
x-amz-request-id
W6FSVHE8KXBZZCM7
x-amz-id-2
A4SUX3BpVl+Q+plOXtEy1hE1bbLUAHuDeZwqd1P1MRQHsYGzSs/tRHrZ12sc54PThHET1xquHD0=
last-modified
Sat, 07 Oct 2017 22:22:32 GMT
server
cloudflare
etag
W/"422f6e1189ab43f9406063279b2e3209"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eyROwnKGQm%2FoEA6gdPrCZSW1S5qSL939ZVqlL30YcDAlE8%2BUU%2Bj0rAHTbJx1RW5FWdK7TS2%2BpQUtIuOywy%2BZfzCgN1KysDSbu56yn%2F%2FH1QusGOEX%2BQxq6NO%2BP%2F2t4dbCsOkOyAaUdlHt3qDKk0I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id
C76iWN1XO994V.J.eI5GT1RkOoUl6433
x-amz-cf-pop
MXP63-P3
cf-ray
6d6b4683ff4483a3-MXP
x-amz-cf-id
83mFAvYaEVabxPS0bAWx7OVwD805vI9Vh71Vud5xjjtIftHj8v4rRg==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
2657483.js
www.mbmedien.group/hs/scriptloader/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mbmedien.group/hs/scriptloader/2657483.js
Requested by
Host: www.mbmedien.group
URL: https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb5bbbf940c6eb5f03cbede58a289e823ef83f40d7e339486d81b3bf0d72e06b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:11 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
0
cf-polished
origSize=2517
cf-bgj
minify
x-hubspot-correlation-id
297b0f04-6e0a-4e9d-9ed7-2cfa87a83f21
last-modified
Tue, 01 Feb 2022 12:45:11 GMT
server
cloudflare
x-trace
2BEC51DC6394D3A05A5A42078E7F6D16EDD606FDBB000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MnN6EymEZ6ETUHwhiqgCUPb2DLYmd7QIRB29EoGg%2BRk9jJZ4JnztGjhSMtovYzihMgRVmax00JkkXb21uGKUtRlSgKET1Fog6QFHMSHll8OdpP2Mij4Fs%2BsvXqC499dTW3Rn1vmnzD4PXRsMpoVWkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://www.mbmedien.group
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
6d6b4683ff0083a0-MXP
expires
Tue, 01 Feb 2022 12:46:11 GMT
runtime-main.00ea.js
consent.cookiefirst.com/banner/v1.21.4/static/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/banner/v1.21.4/static/js/runtime-main.00ea.js
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
Cookie First CDN-DE1-756 /
Resource Hash
083f92b598dea1af2793f0fbd9c30d82fac69587caeb91a35d8cc20741501fea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:11 GMT
content-encoding
br
cdn-edgestorageid
756
cdn-fileserver
294
cdn-storageserver
DE-199
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
02/01/2022 11:07:56
cdn-pullzone
236985
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server
Cookie First CDN-DE1-756
access-control-allow-origin
*
last-modified
Tue, 01 Feb 2022 11:05:51 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"61f9140f-c85"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
cache-control
public, max-age=31556926
cdn-requestid
d1e91e5b7b16bb797306ed4d1d648020
cdn-requestcountrycode
SE
cdn-status
200
cdn-requestpullsuccess
True
3.9aac.chunk.js
consent.cookiefirst.com/banner/v1.21.4/static/js/ 		107 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/banner/v1.21.4/static/js/3.9aac.chunk.js
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
Cookie First CDN-DE1-756 /
Resource Hash
386e369992532814c4683243bbc32b09654f805f332d154b580c30bc9fb92152

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:11 GMT
content-encoding
br
cdn-edgestorageid
756
cdn-fileserver
294
cdn-storageserver
DE-169
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
02/01/2022 11:07:56
cdn-pullzone
236985
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server
Cookie First CDN-DE1-756
access-control-allow-origin
*
last-modified
Tue, 01 Feb 2022 11:05:48 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"61f9140c-1ad2e"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
cache-control
public, max-age=31556926
cdn-requestid
4e59d6013a4529ebf1c9c331f0f673a4
cdn-requestcountrycode
SE
cdn-status
200
cdn-requestpullsuccess
True
main.bb9c.chunk.css
consent.cookiefirst.com/banner/v1.21.4/static/css/ 		43 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/banner/v1.21.4/static/css/main.bb9c.chunk.css
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
Cookie First CDN-DE1-756 /
Resource Hash
b4f17a431cdb05959030c0e8ee78d6610d24714dfa897de43225438004121f26

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:11 GMT
content-encoding
br
cdn-edgestorageid
756
cdn-fileserver
185
cdn-storageserver
DE-197
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
02/01/2022 11:07:56
cdn-pullzone
236985
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server
Cookie First CDN-DE1-756
access-control-allow-origin
*
last-modified
Tue, 01 Feb 2022 11:05:47 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"61f9140b-ac1e"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
cache-control
public, max-age=31556926
cdn-requestid
a378c0b0a3869a26433063f8411b0662
cdn-requestcountrycode
SE
cdn-status
200
cdn-requestpullsuccess
True
main.6aa3.chunk.js
consent.cookiefirst.com/banner/v1.21.4/static/js/ 		77 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/banner/v1.21.4/static/js/main.6aa3.chunk.js
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
Cookie First CDN-DE1-756 /
Resource Hash
36f2dd7d0ce59f874ae66ba52b0b18d675638c53ea3dad0d96ecc253fd7a780e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:11 GMT
content-encoding
br
cdn-edgestorageid
756
cdn-fileserver
228
cdn-storageserver
DE-199
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
02/01/2022 11:07:56
cdn-pullzone
236985
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server
Cookie First CDN-DE1-756
access-control-allow-origin
*
last-modified
Tue, 01 Feb 2022 11:05:48 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"61f9140c-13364"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
cache-control
public, max-age=31556926
cdn-requestid
17a8a94d86cf6ca48478ad1b7e17f6e1
cdn-requestcountrycode
SE
cdn-status
200
cdn-requestpullsuccess
True
o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v25/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v25/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:300,400,500,700&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa5d2912bec294d33c9dc4be4a00a9a5f4ac993049a935f4535ae687e3b08d0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.mbmedien.group
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 19:31:29 GMT
x-content-type-options
nosniff
age
494022
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16088
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:56:33 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 26 Jan 2023 19:31:29 GMT
version.json
static.cookiefirst.com/sites/mbmedien.group-92bbca54-7282-4bfe-969a-0284b11851c6/ 		16 B
741 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.cookiefirst.com/sites/mbmedien.group-92bbca54-7282-4bfe-969a-0284b11851c6/version.json?v=1643719511744
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner/v1.21.4/static/js/3.9aac.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.164.66 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-711.bunnyinfra.net
Software
Cookie First CDN-TX1-711 /
Resource Hash
3364427925c031ee4a7884041d84fb876a8ea85595d823b921885ae401ec42af

Request headers

Accept
application/json
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:12 GMT
cdn-cache
MISS
cdn-edgestorageid
711
cdn-fileserver
244
cdn-storageserver
LA-244
cdn-cachedat
02/01/2022 12:45:12
cdn-pullzone
236986
content-length
16
server
Cookie First CDN-TX1-711
visitor-location
SE
last-modified
Wed, 10 Nov 2021 00:45:49 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"618b163d-10"
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=30
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
cdn-requestid
c514931f439e2ec808c3a71043e0d2e0
cdn-requestcountrycode
SE
accept-ranges
bytes
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
7650ba8e3e.css
use.fontawesome.com/ 		1 KB
763 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/7650ba8e3e.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/7650ba8e3e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
400ce56018b18ffe8d8050c0daa0a04eeb86d8e6728b0c9e7742754249cb0127

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2387
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
5R96CBG1SSYQY3N6
x-amz-id-2
bbrsALiy/8DVOeum2hTjy+oNt6SgOvsUsio4SfLCQx/NeTqbs0Y5uIXv6ER5li31wpsbiirp5T8=
last-modified
Wed, 30 Jun 2021 20:52:00 GMT
server
cloudflare
etag
W/"bf31e0bad34514cb213c53a330a330ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zh3Z7WRZJuuPtlhbgi7spajZCzWUgyvzHmW3ytbl%2Fjj5HuSAW8dXX9QcyEPbbs7Ra09%2FZeHqsr6LnuLBYQrNZhlmBUYLWqrEv9N5VEZcuBpD76IrP46DofzvKqgvsNjlO3IKucKIp9B8a0wLA1ScBiaq"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
6d6b4684ba920e06-MXP
uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301
subscription-center.dds.mbmedien.de/ Frame AFC2 		11 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://subscription-center.dds.mbmedien.de/uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301
Requested by
Host: www.mbmedien.group
URL: https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.35.252.246 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
haproxy.mbmedien.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c1c65f5c05a12d416b2ba968cc403ce3b31c30048a7233aae4cf42a979d37fce
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020

Response headers

Date
Tue, 01 Feb 2022 12:45:12 GMT
Server
Microsoft-IIS/10.0
Content-Type
text/html; charset=utf-8
Strict-Transport-Security
max-age=2592000
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
3085
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
has-permission
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=2657483&callback=jsonpHandler
Requested by
Host: www.mbmedien.group
URL: https://www.mbmedien.group/hs/hsstatic/HubspotToolsMenu/static-1.119/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-hs-worker-debug-mode
false
server
cloudflare
x-hubspot-correlation-id
6fe0273c-318c-4049-9598-e21d4f5f10ef
x-trace
2B21C3D0711B84A0C0D3F75DCCA6369FC0FD1B9A71000000000000000000
date
Tue, 01 Feb 2022 12:45:12 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
cf-cache-status
DYNAMIC
report-to
{"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
cache-control
max-age=0
access-control-allow-credentials
true
cf-ray
6d6b4685ac16375c-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cta-json
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-json?canon=https%3A%2F%2Fwww.mbmedien.group%2Fsubscriptioncenter&pageId=54453419827&pid=2657483&sv=cta-embed-js-static-1.71&utm_referrer=https%3A%2F%2Flnks.sicher-vor-ransomware.de%2F&utm_campaign=Aussendung_36206&utm_medium=email&rdy=1&cos=1&df=t&pg=70177ed7-fa29-4168-b04a-32ec1c3ef51b
Requested by
Host: js.hscta.net
URL: https://js.hscta.net/cta/current.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e81bb3c4a53b2b7040056e250c01605e51aad76130191f6df6067bafd74f51e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:12 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
5d04f92c-5e1c-4209-880d-13f16296d3b8
access-control-allow-methods
OPTIONS, GET
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag
noindex, follow
server
cloudflare
x-trace
2B892923730921BA6F22370EACC2EBE60FD035ED68000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NfrVn4c42dFTMcB9UMI%2F1nWrDYupWQfjn%2FCjWHVNBmrHpqi%2FnZwFyUUOA7Qr2In25gE%2Fcn51JD4svLNv6RV%2FonsmmPf%2Bd1E2mlRPVtjZUzWnB20D92bwtu%2FPHltLStNd6C8DgLCw9ROaSejcJ7cFHb0zkEEB1AQj8y8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.mbmedien.group
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
cf-ray
6d6b4685da6559d7-MXP
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/7650ba8e3e.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://use.fontawesome.com/7650ba8e3e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8088210
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
HSY1S6ME5S1M80SK
x-amz-id-2
lcajIKKTOtsfDiAupMBNvuawXbJlKOvfmY7RxDLpKFECAFaQnueLLH8Ci48yubYpNlc4QSzTIso=
last-modified
Wed, 30 Jun 2021 15:26:48 GMT
server
cloudflare
etag
W/"36082410df2ef7f83932219089dc1443"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NEtcXyBIZmJZHrSa3B%2Bi7RSJ5w3NjQIDXZc16UX8hqMeZD2P%2FA15Gfhnnvrb5HmrE2A9inJd4vlZuaLOffCeAqafNllrqFPCaCvMY78tUTRrzYtiFHylk18joP3aBW6KDtq%2BTx4z5nIRsfBExLmWu0nC"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
6d6b46854fdc83a2-MXP
Turbo-Sodium-jquery.classyloader.min.min.js
cdn2.hubspot.net/hub/685080/hub_generated/style_manager/1442583771462/custom/page/Sodium_JS/ 		2 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn2.hubspot.net/hub/685080/hub_generated/style_manager/1442583771462/custom/page/Sodium_JS/Turbo-Sodium-jquery.classyloader.min.min.js
Requested by
Host: www.mbmedien.group
URL: https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2603028561869703a7b2a0ee9e76daf58cea72991c6b1322c96d9a255a16862d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1711234
access-control-allow-methods
GET
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
last-modified
Fri, 18 Sep 2015 13:42:52 GMT
server
cloudflare
etag
W/"37b6fe06f7ae8757c0690a0ebde65384"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ufLRT0IwZneXv0Z53kr%2Bvgj4KdsJtG0ucojJZQt0nx2bdQfR1rGbfkBokv5KnCoBUflPXsCJLBdqIc05DGEC2%2BqcQ%2Bw0Sl%2BkgdQDMyEdav%2BHCxulWeei906Zbe6xn8jzTX%2FSAxMg37aZb2egoU4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop
IAD89-C1
cf-ray
6d6b46854ac783a3-MXP
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
Turbo-Sodium-jquery.slicknav.min.min.js
cdn2.hubspot.net/hub/685080/hub_generated/style_manager/1442583791232/custom/page/Sodium_JS/ 		6 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn2.hubspot.net/hub/685080/hub_generated/style_manager/1442583791232/custom/page/Sodium_JS/Turbo-Sodium-jquery.slicknav.min.min.js
Requested by
Host: www.mbmedien.group
URL: https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5753ff346e269f0c2faa85f137a85a0051b8b1b58d81cd228f9f3557731ba3b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1703068
access-control-allow-methods
GET
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
last-modified
Fri, 18 Sep 2015 13:43:12 GMT
server
cloudflare
etag
W/"0d370a82e14a61497aa476896ada8fbd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hdir0RoCjSCmnnPufUPosUVMZYaf%2BJmDhZ2O14Fe6AugtPE3MgKToDm%2BFfKsjLoIaEKmlvUMBf7Sj5NRIXEZYS6kx1cEIn6g5%2B5ViCYJegEsj3NYDVdcHedi7ORmR4F70S1wXR1DDojMZKKDRFA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop
IAD89-C1
cf-ray
6d6b46854acf83a3-MXP
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
template.js
cdn2.hubspot.net/hubfs/685080/IMG-TurboSodium/ 		19 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn2.hubspot.net/hubfs/685080/IMG-TurboSodium/template.js
Requested by
Host: www.mbmedien.group
URL: https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48f6fde3bb0437a9ca68c477f34a9669ef3f5eb6ba5e0fe2580dd3e962282ea9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-methods
GET
date
Tue, 01 Feb 2022 12:45:11 GMT
via
1.1 f0c44fcb623b0b5d0059f8c13f9793b1.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag
F-4549350039,P-685080,FLS-ALL
age
1289396
edge-cache-tag
F-4549350039,P-685080,FLS-ALL
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-encoding
br
x-amz-request-id
EY5XWK4HSA6WNW00
x-amz-id-2
CDn2ooPIOLxOt35mg/JwtuTrtxsxCk230ptoK082Cb3dYWlooV0Ac3u4WSVvNvw3Ma0LgEgCFfA=
last-modified
Sun, 08 Oct 2017 09:17:31 GMT
server
cloudflare
etag
W/"78e778c2c7d6202ef9a87007d9b701f7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fnwhlx85sVZb3mCEWX92bO7Yoa3t3InSJzB%2BMB91WBnQDQdNfI%2FA735d4v7yjAN8ACCpde53nflwTShfI5NVcfUN71kVg3NAFSMOt6wtq9WaAVyQPq%2FC4eyDuCkZ%2BFLk4JLfPu6uU4EwjvX7Yp4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id
tani1Custj5itSdnCYGF6Z8cnn60eVcf
x-amz-cf-pop
MXP63-P3
cf-ray
6d6b46854ad583a3-MXP
x-amz-cf-id
4SgfITJiemYlS85WO3wq3d9eWghrPGK3GoO6iud1oLW0jtn4EbQwDw==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
fb.js
js.hsadspixel.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: www.mbmedien.group
URL: https://www.mbmedien.group/hs/scriptloader/2657483.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:72b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78a88b38cd5143f136506a09ddd5911e109b4960b41c59acaf84696b12cbe6f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:11 GMT
via
1.1 979084a90b32fe3f5fdc377fb6e67b76.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
103
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.263/bundles/pixels-release.js&cfRay=6d6b43fc690b375b-IAD
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
last-modified
Mon, 31 Jan 2022 01:20:51 UTC
server
cloudflare
etag
W/"44929f5996c89154c598e0d6b2db6dfa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
btixHLv80iuUeBFW.WSHuvdv5D78LgXM
cache-control
max-age=600
x-hs-cache-status
HIT
x-amz-cf-pop
IAD89-P1
cf-ray
6d6b4685d9733763-MXP
x-amz-cf-id
wXAEJNABc59PoKlh39PPcheeJCp85mKd5Ih8v6zI1d5RihRQaSHBtw==
x-hs-target-asset
adsscriptloaderstatic/static-1.263/bundles/pixels-release.js
2657483.js
js.hs-analytics.net/analytics/1643719500000/ 		62 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1643719500000/2657483.js
Requested by
Host: www.mbmedien.group
URL: https://www.mbmedien.group/hs/scriptloader/2657483.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1efd6c1bd57c3f112728cc13ec059edbdcdb0b95b5896932ff43c848a9a6ea5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:11 GMT
content-encoding
br
cf-cache-status
HIT
age
0
x-amz-server-side-encryption
AES256
x-amz-request-id
FTA5N6T9RSYT2YJD
x-amz-id-2
xs33fzovvadIrGwRgHBTmClFaA2QRkquvqBUCvHN3q3lsQ9SLHaaZ/2XFXZdJssrx4/lIGiDO74=
last-modified
Mon, 19 Jul 2021 14:26:42 GMT
server
cloudflare
etag
W/"095e707dae123752570d172d6e372d65"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=300, public
access-control-allow-credentials
false
x-amz-version-id
null
cf-ray
6d6b4685db16374c-MXP
expires
Tue, 01 Feb 2022 12:50:11 GMT
leadflows.js
js.hsleadflows.net/ 		537 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsleadflows.net/leadflows.js
Requested by
Host: www.mbmedien.group
URL: https://www.mbmedien.group/hs/scriptloader/2657483.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:e8cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a077659f2a6ddd4ef5faeeddb3a11f35f9e06e9d7e4983e9b6b94ae4f0c3736

Request headers

Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
Origin
https://www.mbmedien.group
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:12 GMT
via
1.1 979084a90b32fe3f5fdc377fb6e67b76.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
7783
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1076/bundle/main/lead-flows-release.js&cfRay=6d6a887c3ba559ad-IAD
x-cache
Hit from cloudfront
access-control-max-age
3000
x-amz-replication-status
COMPLETED
content-encoding
br
cf-ray
6d6b4685db295a19-MXP
last-modified
Wed, 26 Jan 2022 02:14:13 UTC
server
cloudflare
etag
W/"e38a58bd3c6f3ee06e3815b92e4f051d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
tJ1VrBqTbfMgHAdgAnHHYVgYsiJaQlJ4
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=0
x-hs-cache-status
MISS
x-amz-cf-pop
IAD89-P1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
tUAtI7q_OKOk0Oa9skfVGIEVehHTu7X-3YqYnxGj6eAHrmieirq16A==
x-hs-target-asset
lead-flows-js/static-1.1076/bundle/main/lead-flows-release.js
2657483.js
js.hs-banner.com/ 		61 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/2657483.js
Requested by
Host: www.mbmedien.group
URL: https://www.mbmedien.group/hs/scriptloader/2657483.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af55cebfbc55901972d7b0e8d5e939d8ff35c86b2bd404c491929f8ca9dde0f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:12 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
Q2V9ZTAJ5J4F5STH
x-amz-server-side-encryption
AES256
content-type
text/javascript; charset=UTF-8
access-control-max-age
604800
x-amz-id-2
kBT9JxvDHozTFyfp1GaJB/J1y44KHAtBCW0j4rU8YfpLgzOw2H1z1e47hSvsorflyG4ecT/i4CU=
timing-allow-origin
*
last-modified
Fri, 03 Sep 2021 19:39:00 GMT
server
cloudflare
etag
W/"ec48d3722d51d2ca30d652b19c78b0f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id
hAOr0Mjn5yRxFv1A1tAJCVIEehL2AzlM
access-control-allow-origin
https://www.mbmedien.group
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
cf-ray
6d6b4685db33f923-MXP
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Tue, 01 Feb 2022 12:50:12 GMT
collectedforms.js
js.hscollectedforms.net/ 		82 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: www.mbmedien.group
URL: https://www.mbmedien.group/hs/scriptloader/2657483.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:80ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23d1cb06ace0ff3e399d3c53bb02c3a8c386cd97dc01081b376c34785c92e4f3

Request headers

Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
Origin
https://www.mbmedien.group
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:12 GMT
via
1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
7784
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.260/bundles/project.js&cfRay=6d6a887c2ef583bb-IAD
x-cache
Hit from cloudfront
access-control-max-age
3000
x-amz-replication-status
COMPLETED
content-encoding
br
cf-ray
6d6b4685dca65a13-MXP
last-modified
Tue, 07 Dec 2021 01:47:22 UTC
server
cloudflare
etag
W/"6a87c3fbb201ae0e1e27682863544b27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
MgiHycm2IQFcF7nscbJ1l6RorgU5R2aj
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=0
x-hs-cache-status
MISS
x-amz-cf-pop
IAD89-P1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
wUAnw_HDrwXf5vmkgraHQ0Cp1-FXB56KZe8uw07Kt7Y_lsLO45UYvA==
x-hs-target-asset
collected-forms-embed-js/static-1.260/bundles/project.js
fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/7650ba8e3e.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://use.fontawesome.com/7650ba8e3e.css
Origin
https://www.mbmedien.group
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:12 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12603
cf-ray
6d6b468619b30e1a-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
x-amz-id-2
WgM9PyPjQg76wG1dxSYSGcZSw5qBj2+cMuoj71q9DaYDe8mQbdC4dMFZJry1eB9uKCEfhG/E/40=
last-modified
Wed, 30 Jun 2021 15:26:48 GMT
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FRv2BHdhfWnDzQVmBfswzTOLilCGkLxlMT0GZMm7%2FZ5d4%2FMBuSbp1U6mNeIoUV%2BPUxOhYvG0xdDVXMQLoIT23L%2FLNaMsAysdj%2FeY%2F5PMeQ%2BWd2lKTdm6vIWRkbDpDksZwkv5MEX9S3H%2F1Cy12PF7LPTe"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
JX7REYC78KP98HPP
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
application/font-woff2
json
forms.hubspot.com/collected-forms/v1/config/ 		115 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hubspot.com/collected-forms/v1/config/json?portalId=2657483&utk=
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fac6e608d5ec22e9c1d6018691f34ef7fdd2cef15b0ff96c8ae41dcf3ae2be7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:12 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
a4e695b7-83c2-478b-8ea3-0f07312f4571
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fKodJD1dDeV19Es1%2F5peYpfXq%2FvNVSaWPbDvD2C9klUql1P%2BSW8YmzuUMo9Q%2BTXAfuA%2BgXUlurk31nIpdfp09HjTTUPJiE2D4wVPXXn%2Bleq%2BMpqWDMq%2Bkmopyxt3Wu2ct7Xr1UAaXWNCP6%2BmhFIO"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.mbmedien.group
x-robots-tag
none
access-control-allow-credentials
false
cf-ray
6d6b4687cbd80f82-MXP
access-control-allow-headers
*
site.css
subscription-center.dds.mbmedien.de/css/ Frame AFC2 		246 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://subscription-center.dds.mbmedien.de/css/site.css
Requested by
Host: subscription-center.dds.mbmedien.de
URL: https://subscription-center.dds.mbmedien.de/uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.35.252.246 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
haproxy.mbmedien.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e4bae82dd73821e2883edb48c5dc412c006b0879add44493765be9628bfff05
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://subscription-center.dds.mbmedien.de/uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 12:45:12 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Fri, 21 Jan 2022 11:29:23 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"1d80eba2387f28b-gzip"
Strict-Transport-Security
max-age=2592000
Content-Type
text/css
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
de.png
subscription-center.dds.mbmedien.de/flags/ Frame AFC2 		335 B
681 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://subscription-center.dds.mbmedien.de/flags/de.png
Requested by
Host: subscription-center.dds.mbmedien.de
URL: https://subscription-center.dds.mbmedien.de/uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.35.252.246 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
haproxy.mbmedien.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b234888bb56009b7a19f1c19a93c4ac8bc70ac78b13c5d264961d52ee12eced0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://subscription-center.dds.mbmedien.de/uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 12:45:12 GMT
ETag
"1d740bfb200144f"
Last-Modified
Tue, 04 May 2021 08:30:10 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Strict-Transport-Security
max-age=2592000
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
335
en.png
subscription-center.dds.mbmedien.de/flags/ Frame AFC2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://subscription-center.dds.mbmedien.de/flags/en.png
Requested by
Host: subscription-center.dds.mbmedien.de
URL: https://subscription-center.dds.mbmedien.de/uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.35.252.246 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
haproxy.mbmedien.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
82e883da496f40d5cbad266b8ec92dd8f1c9d6353a8824341979ba923cae1608
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://subscription-center.dds.mbmedien.de/uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 12:45:12 GMT
ETag
"1d740bf9e54a448"
Last-Modified
Tue, 04 May 2021 08:29:37 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Strict-Transport-Security
max-age=2592000
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2760
site.js
subscription-center.dds.mbmedien.de/js/ Frame AFC2 		2 MB
684 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscription-center.dds.mbmedien.de/js/site.js
Requested by
Host: subscription-center.dds.mbmedien.de
URL: https://subscription-center.dds.mbmedien.de/uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.35.252.246 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
haproxy.mbmedien.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c25cac6c1f44993bd7f675873762a39191c72cc2d4d291b1c5db6b41f3053799
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://subscription-center.dds.mbmedien.de/uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 12:45:12 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Fri, 21 Jan 2022 11:29:23 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"1d80eba23a73978-gzip"
Strict-Transport-Security
max-age=2592000
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
cta-loaded.js
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 		0
742 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-loaded.js?pid=2657483&pg=70177ed7-fa29-4168-b04a-32ec1c3ef51b&lt=1643719511829&dt=1643719511830&at=1643719512194&ae=1&an=1
Requested by
Host: js.hscta.net
URL: https://js.hscta.net/cta/current.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:12 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Feb 2022 12:45:12 GMT
server
cloudflare
x-hubspot-correlation-id
2b3c326c-b1d1-4d1f-a3d0-c65a61fe8a7b
x-trace
2B4AA7B0442456A11A056463F3B0D296BE534ACACE000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0J5z1%2FTxTo2NKtkcgIdnvcscYSS6nEcvGg0FUghZ%2FZm8ZSsT0vFBJXY0l%2Bt8V5XWElRjj4p2YS6EAffaGmMsB7upbQH93j%2FrA0xPZVanvoI0rWR3pudDBqGzzLLrg5HbY%2FmHI0ih1xOz1vHHnUCC887sJhAoNY%2BnR8s%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, no-cache, no-store
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6d6b4687cf723761-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag
noindex, follow
cta-loaded.js
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 		0
711 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-loaded.js?pid=2657483&pg=70177ed7-fa29-4168-b04a-32ec1c3ef51b&lt=1643719511829&dt=1643719511830&at=1643719512195&ae=1&an=1
Requested by
Host: js.hscta.net
URL: https://js.hscta.net/cta/current.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:12 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Feb 2022 12:45:12 GMT
server
cloudflare
x-hubspot-correlation-id
a254f8e3-f93b-4a94-bb23-a5c9b3ad55f2
x-trace
2B2B17A246ACA38E203BDC115FDA6EA73D029DD804000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXMFhdk4sBDVaxZKlDUAZQC%2BWO3vsbJJSxjekbeBbw5plzviy9kxGyOK8IQTpwG3F9t2RJy%2BxBxYzPlpTyA1gUT1hL2MGstab2RqXT%2FE51DiZnSJwQlv16m8liMNGuLjg7C2WQ%2F9Ug%2FhH%2BznCqtSCYj%2B2MEjHj8XCSY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, no-cache, no-store
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6d6b4687cf733761-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag
noindex, follow
counters.gif
perf.hsforms.com/embed/v3/ 		35 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perf.hsforms.com/embed/v3/counters.gif?key=cta-json-success&value=1
Requested by
Host: www.mbmedien.group
URL: https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:12 GMT
vary
Accept-Encoding
cf-cache-status
MISS
x-hubspot-correlation-id
b3b4bcfb-70bb-471e-91e0-62353658993e
cf-ray
6d6b46885aced600-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35
last-modified
Tue, 01 Feb 2022 12:45:12 GMT
server
cloudflare
x-trace
2B6AFC2E8C9FAE9D92F7E240A48A9B7B9F796C7C16000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
accept-ranges
bytes
x-robots-tag
none
counters.gif
perf.hsforms.com/embed/v3/ 		35 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perf.hsforms.com/embed/v3/counters.gif?key=cta-render-success&value=1
Requested by
Host: www.mbmedien.group
URL: https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:12 GMT
vary
Accept-Encoding
cf-cache-status
MISS
x-hubspot-correlation-id
590218dd-2f87-4c1a-9944-d32abba55540
cf-ray
6d6b46885ad2d600-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35
last-modified
Tue, 01 Feb 2022 12:45:12 GMT
server
cloudflare
x-trace
2B46D0FED9BA88EF3AA0567240DBCBEF2BA1443424000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
accept-ranges
bytes
x-robots-tag
none
config.json
static.cookiefirst.com/sites/mbmedien.group-92bbca54-7282-4bfe-969a-0284b11851c6/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.cookiefirst.com/sites/mbmedien.group-92bbca54-7282-4bfe-969a-0284b11851c6/config.json?v=1636479914
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner/v1.21.4/static/js/3.9aac.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.164.66 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-711.bunnyinfra.net
Software
Cookie First CDN-TX1-711 /
Resource Hash
d6f2788da60aebfa629c257f64b6ca51718d19fc880abb5f517063946df23052

Request headers

Accept
application/json
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:12 GMT
content-encoding
br
cdn-cache
HIT
cdn-edgestorageid
711
cdn-fileserver
202
cdn-storageserver
LA-108
cdn-cachedat
01/10/2022 02:06:14
cdn-pullzone
236986
server
Cookie First CDN-TX1-711
visitor-location
SE
last-modified
Wed, 10 Nov 2021 01:00:46 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"618b19be-bdc"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
max-age=25600000
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
cdn-requestid
bff834e23e13ba4bd6ef7612113df978
cdn-requestcountrycode
SE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
location
edge.cookiefirst.com/prod/ 		30 B
588 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.cookiefirst.com/prod/location
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner/v1.21.4/static/js/3.9aac.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:6800:4:ed2a:7600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

Accept
application/json
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:12 GMT
via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront), 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2, FRA56-P2
x-amzn-requestid
cd513e24-7997-4fa0-b4d9-126564355270
vary
origin,accept-encoding
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.mbmedien.group
cache-control
max-age=1200, s-maxage=31536000
x-amzn-trace-id
Root=1-61f92b58-748e87802f36663460f8c29c;Sampled=0
access-control-allow-headers
access-control-allow-credentials
true
x-amz-apigw-id
M3O13HUnFiAFh5Q=
content-length
30
x-amz-cf-id
7aGh2TnONSm-17IQWC7MkDkvG4xDlh1Ce-Xiusmtw4O4X6YgVeQ0tg==
lang-widget-de.json
static.cookiefirst.com/sites/mbmedien.group-92bbca54-7282-4bfe-969a-0284b11851c6/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.cookiefirst.com/sites/mbmedien.group-92bbca54-7282-4bfe-969a-0284b11851c6/lang-widget-de.json?v=1636479914
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner/v1.21.4/static/js/3.9aac.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.164.66 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-711.bunnyinfra.net
Software
Cookie First CDN-TX1-711 /
Resource Hash
ebe33772a06ccab41b64ab2765b61415cbb2d266d02ca1b46497be28735052ea

Request headers

Accept
application/json
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:12 GMT
content-encoding
br
cdn-cache
HIT
cdn-edgestorageid
711
cdn-fileserver
242
cdn-storageserver
LA-108
cdn-cachedat
01/09/2022 02:51:45
cdn-pullzone
236986
server
Cookie First CDN-TX1-711
visitor-location
SE
last-modified
Tue, 09 Nov 2021 17:45:14 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"618ab3aa-2104"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
max-age=25600000
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
cdn-requestid
c9d3a6b7eab836651a9a93f3a2d1221b
cdn-requestcountrycode
SE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ui.415c.chunk.css
consent.cookiefirst.com/banner/v1.21.4/static/css/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/banner/v1.21.4/static/css/ui.415c.chunk.css
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner/v1.21.4/static/js/runtime-main.00ea.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
Cookie First CDN-DE1-756 /
Resource Hash
fb3bfd1e9662d4e653aa15073a1b25e6e50a1daccdf222ee1b38513daf72f9c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:12 GMT
content-encoding
br
cdn-edgestorageid
756
cdn-fileserver
228
cdn-storageserver
DE-169
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
02/01/2022 11:07:56
cdn-pullzone
236985
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server
Cookie First CDN-DE1-756
access-control-allow-origin
*
last-modified
Tue, 01 Feb 2022 11:05:47 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"61f9140b-2669"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
cache-control
public, max-age=31556926
cdn-requestid
3188d6a14a9e0b884e725e6365dce861
cdn-requestcountrycode
SE
cdn-status
200
cdn-requestpullsuccess
True
ui.5312.chunk.js
consent.cookiefirst.com/banner/v1.21.4/static/js/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/banner/v1.21.4/static/js/ui.5312.chunk.js
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner/v1.21.4/static/js/runtime-main.00ea.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
Cookie First CDN-DE1-756 /
Resource Hash
d9e5a2b5ff9df19b15be5b1ffa3b9d0963c8af3d12e91f4f2868616c4b84cdc2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:12 GMT
content-encoding
br
cdn-edgestorageid
756
cdn-fileserver
294
cdn-storageserver
DE-169
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
02/01/2022 11:07:57
cdn-pullzone
236985
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server
Cookie First CDN-DE1-756
access-control-allow-origin
*
last-modified
Tue, 01 Feb 2022 11:05:52 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"61f91410-74c8"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
cache-control
public, max-age=31556926
cdn-requestid
d8ad66a3a3127bad1ae3c61a9283ebf8
cdn-requestcountrycode
SE
cdn-status
200
cdn-requestpullsuccess
True
counters.gif
perf.hsforms.com/embed/v3/ 		35 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perf.hsforms.com/embed/v3/counters.gif?key=cta-with-analytics&value=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:13 GMT
vary
Accept-Encoding
cf-cache-status
MISS
x-hubspot-correlation-id
b8df0edf-7641-4e62-bf77-008e4e68a60b
cf-ray
6d6b468bef030e16-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35
last-modified
Tue, 01 Feb 2022 12:45:13 GMT
server
cloudflare
x-trace
2B816F795933F95C8DE25B54CCBD20843E083CB694000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
accept-ranges
bytes
x-robots-tag
none
__ptq.gif
track.hubspot.com/ 		45 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1792297217&v=1.1&a=2657483&pi=54453419827&ct=standard-page&ccu=https%3A%2F%2Fwww.mbmedien.group%2Fsubscriptioncenter&cpi=54453419827&lpi=54453419827&lvi=54453419827&lvc=de&r=https%3A%2F%2Flnks.sicher-vor-ransomware.de%2F&pu=https%3A%2F%2Fwww.mbmedien.group%2Fsubscriptioncenter%3Fuk%3Duk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301%26utm_campaign%3DAussendung_36206%26utm_source%3DContent-Hub-Mailings_5%26utm_medium%3Demail%26utm_content%3D589020&t=Kommunikationspr%C3%A4ferenzen&cts=1643719512879&vi=9bc1dd312fea40686d7abe24c83ebec9&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:13 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
c4df994f-4670-4782-a7e1-b4290a8498dd
cf-ray
6d6b468b9d73375c-MXP
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AmkvgYboIQNcmpyGhBGQP3%2B0LkWyFNY6K5lElLbidzR8XSvNAOMlmBBKCV5d9hdQOmgCsQ5Mw1qA8Z3XIkbVRgMWc4apPlXjGaQAGH2yn2wmUC6MClu5TWOMb8%2ByO5BXaIPZdZUDg7Yf5rUvZfcT"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
__ptq.gif
track.hubspot.com/ 		45 B
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%2270177ed7-fa29-4168-b04a-32ec1c3ef51b%22%2C%22dfe15f0d-ecc5-4410-845b-a6aa1fabb05d%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1792297217&v=1.1&a=2657483&pi=54453419827&ct=standard-page&ccu=https%3A%2F%2Fwww.mbmedien.group%2Fsubscriptioncenter&cpi=54453419827&lpi=54453419827&lvi=54453419827&lvc=de&r=https%3A%2F%2Flnks.sicher-vor-ransomware.de%2F&pu=https%3A%2F%2Fwww.mbmedien.group%2Fsubscriptioncenter%3Fuk%3Duk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301%26utm_campaign%3DAussendung_36206%26utm_source%3DContent-Hub-Mailings_5%26utm_medium%3Demail%26utm_content%3D589020&t=Kommunikationspr%C3%A4ferenzen&cts=1643719512881&vi=9bc1dd312fea40686d7abe24c83ebec9&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:13 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
fe82acbb-f753-4cb1-b265-9ac9bdfbc5d4
cf-ray
6d6b468b9d71375c-MXP
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B7BB1tSW7O7pPVdnjJRiz3A3qhqDM5PDOHBTg3B%2BaL2XF15kAY7Zt4B2INgHjO2h%2FZQU2s91HxdHRc8wsWWu3tGouDntR16ZWYPpgroRhCAwFIaQynjrkdzzloCqGyd0cSsWBN5f7lbdLyU1DTqP"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
json
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 		67 B
907 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=2657483
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:cacc -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
79cd3b9c3f7e38d1ac7a1e132ec31b81ac1d078851276f79300f4173fe57691d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:13 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
8757f138-03d1-4235-b624-28087cd3d592
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
x-trace
2BE6B134C217A1B8AF4F1C176682476CB97C896C36000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mmZHFwRcVhcjuoCOnGLKDbrGyTxfFw0rzrsaYDNvAmKboL8pLiOimv0%2B9WxW2RPvZt%2B9uxXa00%2F11aRelutHgFxZ0ILj56DF1w8RPrl%2FbpfeE2OE8xtxk9KhlqE5ILXCzd7wZTRL05geOBih"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.mbmedien.group
access-control-allow-credentials
false
cf-ray
6d6b468c1ae23747-MXP
access-control-allow-headers
*
json
forms.hubspot.com/lead-flows-config/v1/config/ 		167 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=2657483&utk=9bc1dd312fea40686d7abe24c83ebec9&__hstc=217988169.9bc1dd312fea40686d7abe24c83ebec9.1643719512877.1643719512877.1643719512877.1&__hssc=217988169.1.1643719512877&referrer=https%3A%2F%2Flnks.sicher-vor-ransomware.de%2F&contentId=54453419827&currentUrl=https%3A%2F%2Fwww.mbmedien.group%2Fsubscriptioncenter%3Fuk%3Duk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301%26utm_campaign%3DAussendung_36206%26utm_source%3DContent-Hub-Mailings_5%26utm_medium%3Demail%26utm_content%3D589020
Requested by
Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef19febc3c1a862c86266afe58e27ef781853ba6279fe43fe1acb35f7cfc0e1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:13 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
135cfa2c-13ff-4c83-9692-847950c51acd
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag
none
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ryONjGeuMUveMGdLa9EJukmLAkNEem%2F7HDMIkogElmEQZlWSjC8rzgbzVI8c7WibgQquQkUNWiJVT%2BNIrMIK21aiRmpKzBMetZijmMZ6dKSxx%2B%2B25t%2B8ns1frTdB2BtjCzsPyU3MkpvezqRxM%2FVS"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.mbmedien.group
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
cf-ray
6d6b468befa883ac-MXP
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301
subscription-center.dds.mbmedien.de/Ajax/List/Topics/ Frame AFC2 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://subscription-center.dds.mbmedien.de/Ajax/List/Topics/uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301
Requested by
Host: subscription-center.dds.mbmedien.de
URL: https://subscription-center.dds.mbmedien.de/js/site.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.35.252.246 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
haproxy.mbmedien.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
dbc277bb0d2e226e55a1f4cb2d0a75192a615ef7d2af4ca7cbf9069392e1ddea
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://subscription-center.dds.mbmedien.de/uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=2592000
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
application/json; charset=utf-8
Date
Tue, 01 Feb 2022 12:45:12 GMT
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
3195
styles.css
static.cookiefirst.com/sites/mbmedien.group-92bbca54-7282-4bfe-969a-0284b11851c6/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.cookiefirst.com/sites/mbmedien.group-92bbca54-7282-4bfe-969a-0284b11851c6/styles.css?v=1636479914
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner/v1.21.4/static/js/3.9aac.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.164.66 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-711.bunnyinfra.net
Software
Cookie First CDN-TX1-711 /
Resource Hash
6661e4b123d1d462f078e43c4e1174d39fbde5c2be622eb437124237d997c512

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:12 GMT
content-encoding
br
cdn-cache
HIT
cdn-edgestorageid
711
cdn-fileserver
244
cdn-storageserver
LA-108
cdn-cachedat
01/10/2022 07:18:41
cdn-pullzone
236986
server
Cookie First CDN-TX1-711
visitor-location
SE
last-modified
Sun, 05 Dec 2021 02:45:05 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"61ac27b1-4e5"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
max-age=25600000
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
cdn-requestid
f07401db7f6c61e9ca7db28375bf9031
cdn-requestcountrycode
SE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v25/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v25/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:300,400,500,700&subset=latin-ext
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f3dd8063edfcdb39f4a2163e59dbc73e16a688c59979a4103948fcbf060f385
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.mbmedien.group
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 19:31:29 GMT
x-content-type-options
nosniff
age
494024
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16168
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:56:49 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 26 Jan 2023 19:31:29 GMT
js
www.googletagmanager.com/gtag/ 		97 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-600369980
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1f87f15683e24b1450d2f5d3eec0eed4957afcedc6f231e471d650bbae9e9653
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:13 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39431
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 01 Feb 2022 12:45:13 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-600369980
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
63158f73aa9f4d442cf349762c6beac9fcf35c14c3376888e728164acfde3b86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:45:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14855
x-xss-protection
0
server
cafe
etag
17539559064140624452
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 12:45:13 GMT
landing
googleads.g.doubleclick.net/pagead/
Redirect Chain
  • https://www.google.com/pagead/landing?gcs=G1--&rnd=1834585008.1643719514&url=https%3A%2F%2Fwww.mbmedien.group%2Fsubscriptioncenter&gtm=2oa1q0&auid=319058717.1643719514&did=dZTQ1Zm&gdid=dZTQ1Zm
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G1--&rnd=1834585008.1643719514&url=https%3A%2F%2Fwww.mbmedien.group%2Fsubscriptioncenter&gtm=2oa1q0&auid=319058717.1643719514&did=dZTQ1Zm&gdid...
42 B
681 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/landing?gcs=G1--&rnd=1834585008.1643719514&url=https%3A%2F%2Fwww.mbmedien.group%2Fsubscriptioncenter&gtm=2oa1q0&auid=319058717.1643719514&did=dZTQ1Zm&gdid=dZTQ1Zm
Protocol
H2
Server
2a00:1450:4001:813::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 12:45:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 01 Feb 2022 12:45:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://googleads.g.doubleclick.net/pagead/landing?gcs=G1--&rnd=1834585008.1643719514&url=https%3A%2F%2Fwww.mbmedien.group%2Fsubscriptioncenter&gtm=2oa1q0&auid=319058717.1643719514&did=dZTQ1Zm&gdid=dZTQ1Zm
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/600369980/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/600369980/?random=1643719513678&cv=9&fst=1643719513678&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1q0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.mbmedien.group%2Fsubscriptioncenter%3Fuk%3Duk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301%26utm_campaign%3DAussendung_36206%26utm_source%3DContent-Hub-Mailings_5%26utm_medium%3Demail%26utm_content%3D589020&ref=https%3A%2F%2Flnks.sicher-vor-ransomware.de%2F&tiba=Kommunikationspr%C3%A4ferenzen&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
bd19f35070101b1c7702f1aba1acb19ebb28f322be9a1b5f49dd6efc4e11c447
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 12:45:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1232
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/600369980/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/600369980/?random=1643719513678&cv=9&fst=1643716800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1q0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.mbmedien.group%2Fsubscriptioncenter%3Fuk%3Duk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301%26utm_campaign%3DAussendung_36206%26utm_source%3DContent-Hub-Mailings_5%26utm_medium%3Demail%26utm_content%3D589020&ref=https%3A%2F%2Flnks.sicher-vor-ransomware.de%2F&tiba=Kommunikationspr%C3%A4ferenzen&async=1&fmt=3&is_vtc=1&random=1139033874&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 12:45:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/600369980/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/600369980/?random=1643719513678&cv=9&fst=1643716800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1q0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.mbmedien.group%2Fsubscriptioncenter%3Fuk%3Duk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301%26utm_campaign%3DAussendung_36206%26utm_source%3DContent-Hub-Mailings_5%26utm_medium%3Demail%26utm_content%3D589020&ref=https%3A%2F%2Flnks.sicher-vor-ransomware.de%2F&tiba=Kommunikationspr%C3%A4ferenzen&async=1&fmt=3&is_vtc=1&random=1139033874&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mbmedien.group/subscriptioncenter?uk=uk46c8448d6e36824106571A643DA108797910cd6acaf34f0f02a4c4d40dabb318bee4ad78bcd0825275ef91e7e9301&utm_campaign=Aussendung_36206&utm_source=Content-Hub-Mailings_5&utm_medium=email&utm_content=589020
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 12:45:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| $ function| jQuery function| hsjQuery object| jsonp-cf object| regeneratorRuntime object| FontAwesomeCdnConfig string| cssUrl function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry object| _hsq object| hbspt function| WOW object| wow function| moveSection function| hideScrollTopOnSmallScreen function| wowInit function| questionAccordion function| headerScrollDown function| footerScrollUp function| testimonialsSliderInit function| headerMenuFlyout function| mobileMenuInit function| homeSliderInit function| smallSliderInit function| initBrandsSlider function| fixedMenu function| rowModuleBreaker function| skillsInit object| jQuery11240036675225344494855 object| hsVars function| hs_i18n_log function| hs_i18n_substituteStrings function| hs_i18n_insertPlaceholders function| hs_i18n_getMessage function| jsonpHandler object| _hsp boolean| PIXELS_RAN object| _paq function| sanitizeKey boolean| _hstc_loaded object| __hsCollectedFormsDebug object| globalRoot undefined| hns function| bindToWindowOnError function| defineProperties object| leadflows object| hubspot function| OutpostErrorReporter boolean| popupPoliceActive undefined| hns2 undefined| jade undefined| I18n undefined| hubspot_mailcheck undefined| Pikaday undefined| reqwest undefined| exports undefined| define boolean| LEAD_FLOWS_RAN boolean| COMMON_SETUP_RAN boolean| _hspb_loaded object| dataLayer function| gtag object| CookieFirst function| cookiefirst_show_settings boolean| _hstc_ran string| __hsUserToken number| expireDateTime boolean| _hspb_ran boolean| LEAD_FLOW_DOCUMENT_READY_RAN object| google_tag_manager object| google_tag_data

12 Cookies

Domain/Path Name / Value
links.sicher-vor-ransomware.de/ Name: PHPSESSID
Value: co0nmalbmp9305bkd75sftt2h8
links.sicher-vor-ransomware.de/ Name: _pk_id.383.603e
Value: 262c3c72e385469f.1643719510.
links.sicher-vor-ransomware.de/ Name: _pk_ses.383.603e
Value: 1
mbpi.mbmedien.de/ Name: _pk_uid
Value: 0%3DMjYyYzNjNzJlMzg1NDY5Zg%3D%3D
lnks.sicher-vor-ransomware.de/ Name: PHPSESSID
Value: uokjg8kkpmmhace6iutudgdkkt
.www.mbmedien.group/ Name: __cfruid
Value: 382a3dc00ae311ff1f0de764b56d18f74cdae4e4-1643719511
.hubspot.com/ Name: __cf_bm
Value: 8pH3aKfiOPrLsS5JsN3S0nr.W6rsWLZH2XyBJVhr3cQ-1643719512-0-AV35FAgBHUU/rYZAFNAybUtDFqWavukuDSdM2Kaf4mt4kZ4ZLtiOITVQdHz/zevrjg2JV8explzSSvQRR1tr2vI=
.mbmedien.group/ Name: __hstc
Value: 217988169.9bc1dd312fea40686d7abe24c83ebec9.1643719512877.1643719512877.1643719512877.1
.mbmedien.group/ Name: hubspotutk
Value: 9bc1dd312fea40686d7abe24c83ebec9
.mbmedien.group/ Name: __hssrc
Value: 1
.mbmedien.group/ Name: __hssc
Value: 217988169.1.1643719512877
.mbmedien.group/ Name: _gcl_au
Value: 1.1.319058717.1643719514

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
app.hubspot.com
cdn.jsdelivr.net
cdn2.hubspot.net
cdnjs.cloudflare.com
code.jquery.com
consent.cookiefirst.com
cta-service-cms2.hubspot.com
edge.cookiefirst.com
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
googleads.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hscollectedforms.net
js.hscta.net
js.hsleadflows.net
links.sicher-vor-ransomware.de
lnks.sicher-vor-ransomware.de
mbpi.mbmedien.de
perf.hsforms.com
static.cookiefirst.com
subscription-center.dds.mbmedien.de
track.hubspot.com
unpkg.com
use.fontawesome.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.mbmedien.group
142.250.186.34
2001:1520:1:200::50a
2001:1520:1:200::573
2001:4de0:ac18::1:a:1a
2600:9000:223c:6800:4:ed2a:7600:93a1
2606:2c40::c73c:671d
2606:4700:3037::6815:4e07
2606:4700::6810:125e
2606:4700::6810:5605
2606:4700::6810:5614
2606:4700::6810:7aaf
2606:4700::6811:47b0
2606:4700::6811:72b0
2606:4700::6811:80ab
2606:4700::6811:cacc
2606:4700::6811:ddcc
2606:4700::6811:e8cc
2606:4700::6811:f2cc
2606:4700::6812:14bf
2606:4700::6813:9a53
2606:4700::6813:9b53
2a00:1450:4001:801::2004
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::2008
2a00:1450:4001:828::2003
2a00:1450:4001:82b::200a
5.35.252.246
62.138.185.162
89.187.164.66
89.187.169.47
02b57145b102159c181a710cfebcd3f8a3713fd56b60229ad1f7965db3820004
04bf502389271d9e2cec063f983ffa758c98f365e8409626412a89229baeb7f1
081ae9baaacc857c1c2cb51de6dbd0e1eb811c2761ef01a50df373f2f6eefe22
083f92b598dea1af2793f0fbd9c30d82fac69587caeb91a35d8cc20741501fea
1f3dd8063edfcdb39f4a2163e59dbc73e16a688c59979a4103948fcbf060f385
1f87f15683e24b1450d2f5d3eec0eed4957afcedc6f231e471d650bbae9e9653
23d1cb06ace0ff3e399d3c53bb02c3a8c386cd97dc01081b376c34785c92e4f3
2603028561869703a7b2a0ee9e76daf58cea72991c6b1322c96d9a255a16862d
29b3dc686cb866459debf641fc6c79b3b8371e66391898f07250f297cf8fd58a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3364427925c031ee4a7884041d84fb876a8ea85595d823b921885ae401ec42af
341a4d40ad1b2560db940f906716d0e9539d4c0785399d7e0348fd0d3af00170
36f2dd7d0ce59f874ae66ba52b0b18d675638c53ea3dad0d96ecc253fd7a780e
386e369992532814c4683243bbc32b09654f805f332d154b580c30bc9fb92152
3d92e113ac3031b838001ddddf965d045f470ff748ff2e116b30378910eeaecb
400ce56018b18ffe8d8050c0daa0a04eeb86d8e6728b0c9e7742754249cb0127
43af579102b8c4adff968a3a00280fc2061cc33538c7bbad1d8d6ec775f0807b
48f6fde3bb0437a9ca68c477f34a9669ef3f5eb6ba5e0fe2580dd3e962282ea9
4e4bae82dd73821e2883edb48c5dc412c006b0879add44493765be9628bfff05
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
5d9bc6dec214e0ac4562af8a3854d2d46772e46e66806ab6aed8ba22d833d0dd
63158f73aa9f4d442cf349762c6beac9fcf35c14c3376888e728164acfde3b86
649ddfc77e4f1dcbadd2e268e41165edfcad080a2b12bc770621f333a9ba4904
6661e4b123d1d462f078e43c4e1174d39fbde5c2be622eb437124237d997c512
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
74931e28075e89893efb62c71efa7be494c7b88721b4488888aaf852f379b1a2
78a88b38cd5143f136506a09ddd5911e109b4960b41c59acaf84696b12cbe6f3
79cd3b9c3f7e38d1ac7a1e132ec31b81ac1d078851276f79300f4173fe57691d
82e883da496f40d5cbad266b8ec92dd8f1c9d6353a8824341979ba923cae1608
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
884847c74c5c64f127f811a8d18e5f315b24d9a89a7ac5e95f804e755c41a045
8a077659f2a6ddd4ef5faeeddb3a11f35f9e06e9d7e4983e9b6b94ae4f0c3736
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
af55cebfbc55901972d7b0e8d5e939d8ff35c86b2bd404c491929f8ca9dde0f8
b234888bb56009b7a19f1c19a93c4ac8bc70ac78b13c5d264961d52ee12eced0
b4f17a431cdb05959030c0e8ee78d6610d24714dfa897de43225438004121f26
ba9fa711b796f32c5dd818fe68797a9bebc08bc0a3c8d1bd217fba5e2066861b
bd19f35070101b1c7702f1aba1acb19ebb28f322be9a1b5f49dd6efc4e11c447
c1c65f5c05a12d416b2ba968cc403ce3b31c30048a7233aae4cf42a979d37fce
c25cac6c1f44993bd7f675873762a39191c72cc2d4d291b1c5db6b41f3053799
cb5bbbf940c6eb5f03cbede58a289e823ef83f40d7e339486d81b3bf0d72e06b
d1efd6c1bd57c3f112728cc13ec059edbdcdb0b95b5896932ff43c848a9a6ea5
d6f2788da60aebfa629c257f64b6ca51718d19fc880abb5f517063946df23052
d9e5a2b5ff9df19b15be5b1ffa3b9d0963c8af3d12e91f4f2868616c4b84cdc2
dbc277bb0d2e226e55a1f4cb2d0a75192a615ef7d2af4ca7cbf9069392e1ddea
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752
e05b1a75007ed1a905a22cca19fc7eb84b5a48ac6b61898096cc3e2c9d654110
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5753ff346e269f0c2faa85f137a85a0051b8b1b58d81cd228f9f3557731ba3b
e81bb3c4a53b2b7040056e250c01605e51aad76130191f6df6067bafd74f51e2
ebe33772a06ccab41b64ab2765b61415cbb2d266d02ca1b46497be28735052ea
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef19febc3c1a862c86266afe58e27ef781853ba6279fe43fe1acb35f7cfc0e1f
ef1c45cfb6161b04404be01b3b057a13bf886d5cc96bc59f94dce019ab216c41
f4a42b3857e6d4e99092f5c43f17498157201d75241e15f7aff7fff2effe9678
fa5d2912bec294d33c9dc4be4a00a9a5f4ac993049a935f4535ae687e3b08d0b
fac6e608d5ec22e9c1d6018691f34ef7fdd2cef15b0ff96c8ae41dcf3ae2be7c
fb146e39a41a0857d9740427e40290f58e9496bcc5d494d7e814a905b41fa3ce
fb3bfd1e9662d4e653aa15073a1b25e6e50a1daccdf222ee1b38513daf72f9c8
fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5