urlscan.io logo urlscan.io
SecurityTrails logo

widget.s24.com Open in urlscan Pro
2a00:12c0:101b:200::1a  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://hotailo.com/
Effective URL: https://widget.s24.com/recommendations?title=Sneakers%20Rap%20Velourleder%20weinrot&s24cid=cooperation:datasyndication:...
Submission: On November 25 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 10 domains to perform 37 HTTP transactions. The main IP is 2a00:12c0:101b:200::1a, located in Germany and belongs to FILOO-ASN Rhedaer Strasse 25, DE. The main domain is widget.s24.com.
TLS certificate: Issued by R3 on October 28th 2021. Valid for: 3 months.
This is the only time widget.s24.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 173.239.8.164 27257 (WEBAIR-IN...)
2 2 173.192.101.24 36351 (SOFTLAYER)
5 52.35.242.20 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 3 2a00:12c0:101... 47215 (FILOO-ASN...)
4 2a00:12c0:101... 47215 (FILOO-ASN...)
1 2a00:1450:400... 15169 (GOOGLE)
10 2a00:12c0:101... 47215 (FILOO-ASN...)
5 2a00:12c0:101... 47215 (FILOO-ASN...)
1 2a00:1450:400... 15169 (GOOGLE)
37 10
2    173.239.8.164 (United States)

ASN27257 (WEBAIR-INTERNET, US)
PTR: icsvm3.webair.com
hotailo.com
2    173.192.101.24 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com
mybetterdl.com
p226681.mybetterdl.com
5    52.35.242.20 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-242-20.us-west-2.compute.amazonaws.com
click.cartageous.de
4    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:12c0:101b:200::19 (Germany)

ASN47215 (FILOO-ASN Rhedaer Strasse 25, DE)
tracking.s24.com
4    2a00:12c0:101b:200::1a (Germany)

ASN47215 (FILOO-ASN Rhedaer Strasse 25, DE)
widget.s24.com
1    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
10    2a00:12c0:101b:200::a (Germany)

ASN47215 (FILOO-ASN Rhedaer Strasse 25, DE)
s24.media
5    2a00:12c0:101a:1:24::6 (Germany)

ASN47215 (FILOO-ASN Rhedaer Strasse 25, DE)
emmi-findet.de
1    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Domain Requested by
10 s24.media widget.s24.com
5 emmi-findet.de widget.s24.com
5 click.cartageous.de hotailo.com
click.cartageous.de
4 widget.s24.com widget.s24.com
4 fonts.gstatic.com fonts.googleapis.com
4 fonts.googleapis.com click.cartageous.de
widget.s24.com
client
3 tracking.s24.com 2 redirects click.cartageous.de
2 hotailo.com
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com widget.s24.com
1 p226681.mybetterdl.com 1 redirects
1 mybetterdl.com 1 redirects
37 12

This site contains links to these domains. Also see Links.

Domain
www.s24.com
recomad.de
Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.s24.com
R3		 2021-10-28 -
2022-01-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
s24.media
R3		 2021-10-28 -
2022-01-26		 3 months crt.sh
emmi-findet.de
R3		 2021-10-29 -
2022-01-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://widget.s24.com/recommendations?title=Sneakers%20Rap%20Velourleder%20weinrot&s24cid=cooperation:datasyndication::10118d8c
Frame ID: D1B57FEF7696B765860C7391BC18C014
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Alternative Angebote

Page URL History Show full URLs

  1. http://hotailo.com/ Page URL
  2. http://hotailo.com/ Page URL
  3. https://mybetterdl.com/aS/feedclick?s=EUEFNSLDhHtpueGblCyXto8uDhK_8R6jT46ZjpstHTachgBHuPEa5xG_6U4hq... HTTP 302
    https://p226681.mybetterdl.com/adServe/domainClick?ai=W6LwHsBtbbFGEFAky3Fu5h7-5erJvz6KnvLvpxFj3Hp8ZxTLpvqm1... HTTP 302
    http://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=2830&env=2&subid=ch_440514653|010_1... Page URL
  4. https://tracking.s24.com/v3/clickout/10118d8c/2830/3797222316/85e9b5ec4db725a09dd70cca1e2733c8c9f3562... HTTP 303
    https://tracking.s24.com/v3/proceed?cor_b=CiQyOTVhZGNiZC1lYmQ1LTRkOTEtOTI4Yy04YTg4ZGMzOTRiZWYaCDEwMTE... Page URL
  5. https://tracking.s24.com/v3/commit?cor_b=CiQyOTVhZGNiZC1lYmQ1LTRkOTEtOTI4Yy04YTg4ZGMzOTRiZWYaCDEwMTE4... HTTP 303
    https://widget.s24.com/recommendations?title=Sneakers%20Rap%20Velourleder%20weinrot&s24cid=cooperat... Page URL

Page Statistics

37
Requests

81 %
HTTPS

73 %
IPv6

10
Domains

12
Subdomains

10
IPs

2
Countries

268 kB
Transfer

479 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://hotailo.com/ Page URL
  2. http://hotailo.com/ Page URL
  3. https://mybetterdl.com/aS/feedclick?s=EUEFNSLDhHtpueGblCyXto8uDhK_8R6jT46ZjpstHTachgBHuPEa5xG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stle8EJ5aQH9iIaU8pl79xrxhCXFuIjqMK5qWfap4yUt_iPH1TzciB1Qg6AZUDRz9bjOEX4iGGchU0uqmLH6bGB2qL-aZ78WaOs7bi2uxFbnuJL3I9uWD4MZTOAbsV3o_evdi0BkCs2HrQeosy9CLJzt37luPU-XSVKBUn7tLyOIue8CBEuwf76MYqvF2hS-6lAF2oDmSVBhI7u4kXFTqDvKorVGfJx9W_s9xYsKRzPm0l26T-5_dzpQwZts_6_AhEyyIVIroF9hxEUmq1Cqz6IRzf4C_M0kpm05l6EngnBAXBKOMgbz6uLHO7FDkAnexoHRFVa-lAj4PSNff6qjyuLNuaJCQ54Dgs9dwtxLJLbUXeLtPaNyR4dlzI69JF11AFdAPPQsyG1eXWWyLUt9CfK7eALlyiFGqSh7H3jJ-Hl-VaDjxr6O08-J5nxPT-x3clwEBm6CLyFreFIaUoEk9OqH-de9oaiu0VDXQ6gXoT_pkVbjWc2fXTaasbZQnoifaf7uXWDb5beVfD0f-BGKUi96oICt-EG5imOD8cTT8BQ3qtIYKb1hT8SiJg1B_s0FHe57htxVWY8Kuv4SmQOjyPXvCLpRoyAMZ70j10eLgIg9iAC_55xAHQUIL-D4c4obnHHKb7-C3qwCJqhXzSVAQd1m5MEQ1IxiNxRi0KQ38fQXUza3A58y4A6QbqczAxRbfiKfqHkXofVeoamQTRh4jGGxPQnVQvwhsVzDe8lSoRiAetXt-3KHgHlEwfgLCVEZFBnpugD7HSwGgndkbI49NEqMz7E172GlEX4at4grK7EaOUVyyfT4HL951cxWvHIxCPn3plMmTV-x4h52jM6-Hyv0qWx6t6hyPOeOeUHVs9pSRMsdLdQtGRRz8A4vg5pvj5szuxktxKqko6SpByKKb96oRPV9wGELAqQBJ96XZxkqEKR0wOys_X6PeJip01C8trXkIE3rD_YYcRg0R1huLlliAlxsKB_LBxyDMWDEcIrEsluFClVyyFIA6tqCJWlIXuPiXimj-ytXsIJhccXI35do1o0ZQWr8yGfTnmBlX7ANpOYVvUw1clbUf-pfxjMf89mi2L-4COsWdTlIP5ptT_pYrAB6pvFSlvwNiqZ9aN_Lp5NxtRKbZvG84qCJIJ3kReZ9N7aiN0leQnWOGZdJDTaQbFPoDFaXxxpcfRhM8gnPFiEba9mICDqHd8pw-VDmwYug7rZmj086gv77fOvMboDtB7-5erJvz6K_5GwcNNEIvCwCMoixrppYtIzwAmKbkwqGeDYFDo8O3zygaZ8PIJ2dHSsDj6uF9SJiCqxQydHdO3_YfqJ8g0wCQ5RUDuR6cw8vVwpdgyM11_mh6y2RNxf5w HTTP 302
    https://p226681.mybetterdl.com/adServe/domainClick?ai=W6LwHsBtbbFGEFAky3Fu5h7-5erJvz6KnvLvpxFj3Hp8ZxTLpvqm1QHrxXYXZoLbhPpxjulGH-k_RFaBcwr6-p1LGVWYVlTz_tvSyZhB3Zme2-kMvWtZh04izcTTY_t9bubLPl7tr4p0rA4-rhfUibF7fDyzZydPN2aRlCqoFtQtYnhC53iWZnSsDj6uF9SJrBZwfnlpzJkVzUDlBPdhPoO62Zo9POoLrZNBePhO0p5rXZ7fy64Z_MSDPhdk_SCbAOiOAfLKc3X6tVUHBRtKv-3MVfKXZeqnjZ1KsGQdcLbXy9rWOEYUYjyN2o-3EfhQIlDjxDeukss2V8Z1_cNyh9cIHqGMuP9gcBeRmJ93EJu5kygdpabC421p2h3hBQbn7HyBEOo_2tJ52jM6-Hyv0j9Q3XCyyfeJ5qzQfadsgQN3_DBO88WArg&ui=EUEFNSLDhHtpueGblCyXtvbWwvziNp_1xLgNeF8Zj-gJkc-MZ8qM2hzjYBm0xJ-Gfi8Esuz08b8rTfAoLuk7LJ_gyODkK-u5kQcRBoT7fi_ZDtYX0KsOzg&si=1&oref=06b42445a5c968e35058fb9928d7ac88&optunit=HwwrVbcDL0LomJ5wtw7vIA&rb=jX0e-gVzQEk&rr=1&abtg=0 HTTP 302
    http://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=2830&env=2&subid=ch_440514653|010_1_inf_df_s24_de_merchant_Wolkyshop|&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN_010_440514653%26utm_medium%3Dcpc%26utm_term%3D%26utm_content%3Ds24_C_DE%26utm_campaign%3Dm_Wolkyshop Page URL
  4. https://tracking.s24.com/v3/clickout/10118d8c/2830/3797222316/85e9b5ec4db725a09dd70cca1e2733c8c9f3562f?s24cid=113013703 HTTP 303
    https://tracking.s24.com/v3/proceed?cor_b=CiQyOTVhZGNiZC1lYmQ1LTRkOTEtOTI4Yy04YTg4ZGMzOTRiZWYaCDEwMTE4ZDhjII4WKKyH1JIOMgkxMTMwMTM3MDNAiP70pNUvSiB0QkRMcFhzRllmV1NZQXd6QWwxeTl1dXVsUThFMERVVVJyTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk2LjAuNDY2NC40NSBTYWZhcmkvNTM3LjM2WhMyYTBmOjk0NDE6NTowOmU5OjoxYhtodHRwOi8vY2xpY2suY2FydGFnZW91cy5kZS-CASQwMmQxNzJkYi02MjYxLTQ1YjEtOWRlNi05YjQ0OWEyZTFiOWOQAQA%3D&cor_h=J3cMv5kPjN4jwt_9HzfPj60jstakrzJcvCGEnI0NGo8%3D Page URL
  5. https://tracking.s24.com/v3/commit?cor_b=CiQyOTVhZGNiZC1lYmQ1LTRkOTEtOTI4Yy04YTg4ZGMzOTRiZWYaCDEwMTE4ZDhjII4WKKyH1JIOMgkxMTMwMTM3MDNAiP70pNUvSiB0QkRMcFhzRllmV1NZQXd6QWwxeTl1dXVsUThFMERVVVJyTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk2LjAuNDY2NC40NSBTYWZhcmkvNTM3LjM2WhMyYTBmOjk0NDE6NTowOmU5OjoxYhtodHRwOi8vY2xpY2suY2FydGFnZW91cy5kZS-CASQwMmQxNzJkYi02MjYxLTQ1YjEtOWRlNi05YjQ0OWEyZTFiOWOQAQA%3D&cor_h=J3cMv5kPjN4jwt_9HzfPj60jstakrzJcvCGEnI0NGo8%3D HTTP 303
    https://widget.s24.com/recommendations?title=Sneakers%20Rap%20Velourleder%20weinrot&s24cid=cooperation:datasyndication::10118d8c Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://mybetterdl.com/aS/feedclick?s=EUEFNSLDhHtpueGblCyXto8uDhK_8R6jT46ZjpstHTachgBHuPEa5xG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stle8EJ5aQH9iIaU8pl79xrxhCXFuIjqMK5qWfap4yUt_iPH1TzciB1Qg6AZUDRz9bjOEX4iGGchU0uqmLH6bGB2qL-aZ78WaOs7bi2uxFbnuJL3I9uWD4MZTOAbsV3o_evdi0BkCs2HrQeosy9CLJzt37luPU-XSVKBUn7tLyOIue8CBEuwf76MYqvF2hS-6lAF2oDmSVBhI7u4kXFTqDvKorVGfJx9W_s9xYsKRzPm0l26T-5_dzpQwZts_6_AhEyyIVIroF9hxEUmq1Cqz6IRzf4C_M0kpm05l6EngnBAXBKOMgbz6uLHO7FDkAnexoHRFVa-lAj4PSNff6qjyuLNuaJCQ54Dgs9dwtxLJLbUXeLtPaNyR4dlzI69JF11AFdAPPQsyG1eXWWyLUt9CfK7eALlyiFGqSh7H3jJ-Hl-VaDjxr6O08-J5nxPT-x3clwEBm6CLyFreFIaUoEk9OqH-de9oaiu0VDXQ6gXoT_pkVbjWc2fXTaasbZQnoifaf7uXWDb5beVfD0f-BGKUi96oICt-EG5imOD8cTT8BQ3qtIYKb1hT8SiJg1B_s0FHe57htxVWY8Kuv4SmQOjyPXvCLpRoyAMZ70j10eLgIg9iAC_55xAHQUIL-D4c4obnHHKb7-C3qwCJqhXzSVAQd1m5MEQ1IxiNxRi0KQ38fQXUza3A58y4A6QbqczAxRbfiKfqHkXofVeoamQTRh4jGGxPQnVQvwhsVzDe8lSoRiAetXt-3KHgHlEwfgLCVEZFBnpugD7HSwGgndkbI49NEqMz7E172GlEX4at4grK7EaOUVyyfT4HL951cxWvHIxCPn3plMmTV-x4h52jM6-Hyv0qWx6t6hyPOeOeUHVs9pSRMsdLdQtGRRz8A4vg5pvj5szuxktxKqko6SpByKKb96oRPV9wGELAqQBJ96XZxkqEKR0wOys_X6PeJip01C8trXkIE3rD_YYcRg0R1huLlliAlxsKB_LBxyDMWDEcIrEsluFClVyyFIA6tqCJWlIXuPiXimj-ytXsIJhccXI35do1o0ZQWr8yGfTnmBlX7ANpOYVvUw1clbUf-pfxjMf89mi2L-4COsWdTlIP5ptT_pYrAB6pvFSlvwNiqZ9aN_Lp5NxtRKbZvG84qCJIJ3kReZ9N7aiN0leQnWOGZdJDTaQbFPoDFaXxxpcfRhM8gnPFiEba9mICDqHd8pw-VDmwYug7rZmj086gv77fOvMboDtB7-5erJvz6K_5GwcNNEIvCwCMoixrppYtIzwAmKbkwqGeDYFDo8O3zygaZ8PIJ2dHSsDj6uF9SJiCqxQydHdO3_YfqJ8g0wCQ5RUDuR6cw8vVwpdgyM11_mh6y2RNxf5w HTTP 302
  • https://p226681.mybetterdl.com/adServe/domainClick?ai=W6LwHsBtbbFGEFAky3Fu5h7-5erJvz6KnvLvpxFj3Hp8ZxTLpvqm1QHrxXYXZoLbhPpxjulGH-k_RFaBcwr6-p1LGVWYVlTz_tvSyZhB3Zme2-kMvWtZh04izcTTY_t9bubLPl7tr4p0rA4-rhfUibF7fDyzZydPN2aRlCqoFtQtYnhC53iWZnSsDj6uF9SJrBZwfnlpzJkVzUDlBPdhPoO62Zo9POoLrZNBePhO0p5rXZ7fy64Z_MSDPhdk_SCbAOiOAfLKc3X6tVUHBRtKv-3MVfKXZeqnjZ1KsGQdcLbXy9rWOEYUYjyN2o-3EfhQIlDjxDeukss2V8Z1_cNyh9cIHqGMuP9gcBeRmJ93EJu5kygdpabC421p2h3hBQbn7HyBEOo_2tJ52jM6-Hyv0j9Q3XCyyfeJ5qzQfadsgQN3_DBO88WArg&ui=EUEFNSLDhHtpueGblCyXtvbWwvziNp_1xLgNeF8Zj-gJkc-MZ8qM2hzjYBm0xJ-Gfi8Esuz08b8rTfAoLuk7LJ_gyODkK-u5kQcRBoT7fi_ZDtYX0KsOzg&si=1&oref=06b42445a5c968e35058fb9928d7ac88&optunit=HwwrVbcDL0LomJ5wtw7vIA&rb=jX0e-gVzQEk&rr=1&abtg=0 HTTP 302
  • http://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=2830&env=2&subid=ch_440514653|010_1_inf_df_s24_de_merchant_Wolkyshop|&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN_010_440514653%26utm_medium%3Dcpc%26utm_term%3D%26utm_content%3Ds24_C_DE%26utm_campaign%3Dm_Wolkyshop
Request Chain 9
  • https://tracking.s24.com/v3/clickout/10118d8c/2830/3797222316/85e9b5ec4db725a09dd70cca1e2733c8c9f3562f?s24cid=113013703 HTTP 303
  • https://tracking.s24.com/v3/proceed?cor_b=CiQyOTVhZGNiZC1lYmQ1LTRkOTEtOTI4Yy04YTg4ZGMzOTRiZWYaCDEwMTE4ZDhjII4WKKyH1JIOMgkxMTMwMTM3MDNAiP70pNUvSiB0QkRMcFhzRllmV1NZQXd6QWwxeTl1dXVsUThFMERVVVJyTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk2LjAuNDY2NC40NSBTYWZhcmkvNTM3LjM2WhMyYTBmOjk0NDE6NTowOmU5OjoxYhtodHRwOi8vY2xpY2suY2FydGFnZW91cy5kZS-CASQwMmQxNzJkYi02MjYxLTQ1YjEtOWRlNi05YjQ0OWEyZTFiOWOQAQA%3D&cor_h=J3cMv5kPjN4jwt_9HzfPj60jstakrzJcvCGEnI0NGo8%3D

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
hotailo.com/ 		350 B
449 B 		Document
General
Check archive.org
Download Go to
Full URL
http://hotailo.com/
Protocol
HTTP/1.1
Server
173.239.8.164 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
icsvm3.webair.com
Software
nginx/1.18.0 /
Resource Hash
8f8bad45af343a49ea6a27cc69b34c06deaac0565301abebef95b5115350df59

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx/1.18.0
Date
Thu, 25 Nov 2021 01:02:07 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Content-Encoding
gzip
/
hotailo.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://hotailo.com/
Protocol
HTTP/1.1
Server
173.239.8.164 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
icsvm3.webair.com
Software
nginx/1.18.0 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
Origin
http://hotailo.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://hotailo.com/

Response headers

Server
nginx/1.18.0
Date
Thu, 25 Nov 2021 01:02:08 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Encoding
gzip
/
click.cartageous.de/
Redirect Chain
  • https://mybetterdl.com/aS/feedclick?s=EUEFNSLDhHtpueGblCyXto8uDhK_8R6jT46ZjpstHTachgBHuPEa5xG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stle8EJ5aQH9iIaU8pl79xrxhCXFuIjqMK5qWfap4yUt_iPH1TzciB1Qg6AZUDRz9b...
  • https://p226681.mybetterdl.com/adServe/domainClick?ai=W6LwHsBtbbFGEFAky3Fu5h7-5erJvz6KnvLvpxFj3Hp8ZxTLpvqm1QHrxXYXZoLbhPpxjulGH-k_RFaBcwr6-p1LGVWYVlTz_tvSyZhB3Zme2-kMvWtZh04izcTTY_t9bubLPl7tr4p0rA4...
  • http://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=2830&env=2&subid=ch_440514653|010_1_inf_df_s24_de_merchant_Wolkyshop|&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%...
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=2830&env=2&subid=ch_440514653|010_1_inf_df_s24_de_merchant_Wolkyshop|&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN_010_440514653%26utm_medium%3Dcpc%26utm_term%3D%26utm_content%3Ds24_C_DE%26utm_campaign%3Dm_Wolkyshop
Requested by
Host: hotailo.com
URL: http://hotailo.com/
Protocol
HTTP/1.1
Server
52.35.242.20 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-242-20.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
470572063d535a2496e1d0b877fb7e89f65dcd3d2f5b8ccdc9c20be19997e788
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://hotailo.com/

Response headers

Date
Thu, 25 Nov 2021 01:02:09 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Origin
*
X-DNS-Prefetch-Control
off
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Download-Options
noopen
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
ETag
W/"bc1-akvWFeZMrHZVUXeJZqhdSZI/hTI"
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

server
nginx
date
Thu, 25 Nov 2021 01:02:09 GMT
content-length
0
location
http://click.cartageous.de?fct=true&psid=13237&auth=tJuNe&kw=&mfid=2830&env=2&subid=ch_440514653|010_1_inf_df_s24_de_merchant_Wolkyshop|&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN_010_440514653%26utm_medium%3Dcpc%26utm_term%3D%26utm_content%3Ds24_C_DE%26utm_campaign%3Dm_Wolkyshop
rt.min.js
click.cartageous.de/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://click.cartageous.de/js/rt.min.js
Requested by
Host: click.cartageous.de
URL: http://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=2830&env=2&subid=ch_440514653|010_1_inf_df_s24_de_merchant_Wolkyshop|&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN_010_440514653%26utm_medium%3Dcpc%26utm_term%3D%26utm_content%3Ds24_C_DE%26utm_campaign%3Dm_Wolkyshop
Protocol
HTTP/1.1
Server
52.35.242.20 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-242-20.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
6430b582f6963e21705d078b954ae04c7c5a9f986960ceff41d1a5ca95d8e04d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=2830&env=2&subid=ch_440514653|010_1_inf_df_s24_de_merchant_Wolkyshop|&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN_010_440514653%26utm_medium%3Dcpc%26utm_term%3D%26utm_content%3Ds24_C_DE%26utm_campaign%3Dm_Wolkyshop
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 25 Nov 2021 01:02:10 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-DNS-Prefetch-Control
off
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 25 Nov 2021 00:16:00 GMT
X-Frame-Options
SAMEORIGIN
ETag
W/"3596-17d5472f7a1"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=0
Accept-Ranges
bytes
landing.min.js
click.cartageous.de/js/ 		66 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://click.cartageous.de/js/landing.min.js
Requested by
Host: click.cartageous.de
URL: http://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=2830&env=2&subid=ch_440514653|010_1_inf_df_s24_de_merchant_Wolkyshop|&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN_010_440514653%26utm_medium%3Dcpc%26utm_term%3D%26utm_content%3Ds24_C_DE%26utm_campaign%3Dm_Wolkyshop
Protocol
HTTP/1.1
Server
52.35.242.20 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-242-20.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d847109e96105ec05c66bf906afe2e498370ad4c363c1406d9c4a964f1188e31
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=2830&env=2&subid=ch_440514653|010_1_inf_df_s24_de_merchant_Wolkyshop|&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN_010_440514653%26utm_medium%3Dcpc%26utm_term%3D%26utm_content%3Ds24_C_DE%26utm_campaign%3Dm_Wolkyshop
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 25 Nov 2021 01:02:10 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-DNS-Prefetch-Control
off
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 24 Nov 2021 09:37:54 GMT
X-Frame-Options
SAMEORIGIN
ETag
W/"107ea-17d514f0950"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=0
Accept-Ranges
bytes
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat&display=swap
Requested by
Host: click.cartageous.de
URL: http://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=2830&env=2&subid=ch_440514653|010_1_inf_df_s24_de_merchant_Wolkyshop|&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN_010_440514653%26utm_medium%3Dcpc%26utm_term%3D%26utm_content%3Ds24_C_DE%26utm_campaign%3Dm_Wolkyshop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
afbb224757994ccc20b0ab6ceb60eab144cd8825a392613861045e393632ec81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://click.cartageous.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 24 Nov 2021 23:49:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 25 Nov 2021 01:02:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Nov 2021 01:02:09 GMT
bcloader.gif
click.cartageous.de/images/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://click.cartageous.de/images/bcloader.gif
Requested by
Host: click.cartageous.de
URL: http://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=2830&env=2&subid=ch_440514653|010_1_inf_df_s24_de_merchant_Wolkyshop|&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN_010_440514653%26utm_medium%3Dcpc%26utm_term%3D%26utm_content%3Ds24_C_DE%26utm_campaign%3Dm_Wolkyshop
Protocol
HTTP/1.1
Server
52.35.242.20 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-242-20.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
6697a4e88a23706a4b0e2eada7b346b7e5839d71d07505987582f48e810784f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://click.cartageous.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 25 Nov 2021 01:02:10 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Nov 2021 09:37:54 GMT
ETag
W/"6816-17d514f0950"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=0
Strict-Transport-Security
max-age=15552000; includeSubDomains
Accept-Ranges
bytes
X-DNS-Prefetch-Control
off
Content-Length
26646
X-XSS-Protection
1; mode=block
updateClickStatus
click.cartageous.de/ 		174 B
635 B 		Fetch
General
Check archive.org
Download Go to
Full URL
http://click.cartageous.de/updateClickStatus
Requested by
Host: click.cartageous.de
URL: http://click.cartageous.de/js/landing.min.js
Protocol
HTTP/1.1
Server
52.35.242.20 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-242-20.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
bb40cc0032d5d2e7b63b5434b6dabc5b7903cb487dc10a4f7ebfae1e597b3f67
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=2830&env=2&subid=ch_440514653|010_1_inf_df_s24_de_merchant_Wolkyshop|&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN_010_440514653%26utm_medium%3Dcpc%26utm_term%3D%26utm_content%3Ds24_C_DE%26utm_campaign%3Dm_Wolkyshop
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

Date
Thu, 25 Nov 2021 01:02:11 GMT
X-Content-Type-Options
nosniff
ETag
W/"ae-+NefV/clkM95oAZm3N8nOzVS73M"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-DNS-Prefetch-Control
off
Vary
Accept-Encoding
Content-Length
174
X-XSS-Protection
1; mode=block
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://click.cartageous.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 15:40:37 GMT
x-content-type-options
nosniff
age
33693
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19844
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 24 Nov 2022 15:40:37 GMT
proceed
tracking.s24.com/v3/
Redirect Chain
  • https://tracking.s24.com/v3/clickout/10118d8c/2830/3797222316/85e9b5ec4db725a09dd70cca1e2733c8c9f3562f?s24cid=113013703
  • https://tracking.s24.com/v3/proceed?cor_b=CiQyOTVhZGNiZC1lYmQ1LTRkOTEtOTI4Yy04YTg4ZGMzOTRiZWYaCDEwMTE4ZDhjII4WKKyH1JIOMgkxMTMwMTM3MDNAiP70pNUvSiB0QkRMcFhzRllmV1NZQXd6QWwxeTl1dXVsUThFMERVVVJyTW96aWx...
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tracking.s24.com/v3/proceed?cor_b=CiQyOTVhZGNiZC1lYmQ1LTRkOTEtOTI4Yy04YTg4ZGMzOTRiZWYaCDEwMTE4ZDhjII4WKKyH1JIOMgkxMTMwMTM3MDNAiP70pNUvSiB0QkRMcFhzRllmV1NZQXd6QWwxeTl1dXVsUThFMERVVVJyTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk2LjAuNDY2NC40NSBTYWZhcmkvNTM3LjM2WhMyYTBmOjk0NDE6NTowOmU5OjoxYhtodHRwOi8vY2xpY2suY2FydGFnZW91cy5kZS-CASQwMmQxNzJkYi02MjYxLTQ1YjEtOWRlNi05YjQ0OWEyZTFiOWOQAQA%3D&cor_h=J3cMv5kPjN4jwt_9HzfPj60jstakrzJcvCGEnI0NGo8%3D
Requested by
Host: click.cartageous.de
URL: http://click.cartageous.de/js/landing.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:12c0:101b:200::19 , Germany, ASN47215 (FILOO-ASN Rhedaer Strasse 25, DE),
Reverse DNS
Software
/
Resource Hash
9857a9b8cc7b4209de465fd5143e644b58cfa493b14b8a8fd0bf09f05c17d5ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://click.cartageous.de/

Response headers

content-language
de-DE
content-type
text/html;charset=UTF-8
date
Thu, 25 Nov 2021 01:02:10 GMT
etag
W/"06bb6b2d2bcb9f58f6e015f82f0db3287"
p3p
CP="NOI DSP LAW NID CURa ADMa PSAa OUR LEG PUR COM NAV STA"
x-robots-tag
noindex, nofollow
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://cspreport.s24.com/;
strict-transport-security
max-age=31536000;
vary
Accept-Encoding Accept-Encoding
content-encoding
gzip

Redirect headers

cache-control
no-cache, no-store
content-language
de-DE
content-length
0
date
Thu, 25 Nov 2021 01:02:10 GMT
location
https://tracking.s24.com/v3/proceed?cor_b=CiQyOTVhZGNiZC1lYmQ1LTRkOTEtOTI4Yy04YTg4ZGMzOTRiZWYaCDEwMTE4ZDhjII4WKKyH1JIOMgkxMTMwMTM3MDNAiP70pNUvSiB0QkRMcFhzRllmV1NZQXd6QWwxeTl1dXVsUThFMERVVVJyTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk2LjAuNDY2NC40NSBTYWZhcmkvNTM3LjM2WhMyYTBmOjk0NDE6NTowOmU5OjoxYhtodHRwOi8vY2xpY2suY2FydGFnZW91cy5kZS-CASQwMmQxNzJkYi02MjYxLTQ1YjEtOWRlNi05YjQ0OWEyZTFiOWOQAQA%3D&cor_h=J3cMv5kPjN4jwt_9HzfPj60jstakrzJcvCGEnI0NGo8%3D
p3p
CP="NOI DSP LAW NID CURa ADMa PSAa OUR LEG PUR COM NAV STA"
x-robots-tag
noindex, nofollow
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://cspreport.s24.com/;
strict-transport-security
max-age=31536000;
Primary Request recommendations
widget.s24.com/
Redirect Chain
  • https://tracking.s24.com/v3/commit?cor_b=CiQyOTVhZGNiZC1lYmQ1LTRkOTEtOTI4Yy04YTg4ZGMzOTRiZWYaCDEwMTE4ZDhjII4WKKyH1JIOMgkxMTMwMTM3MDNAiP70pNUvSiB0QkRMcFhzRllmV1NZQXd6QWwxeTl1dXVsUThFMERVVVJyTW96aWxs...
  • https://widget.s24.com/recommendations?title=Sneakers%20Rap%20Velourleder%20weinrot&s24cid=cooperation:datasyndication::10118d8c
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.s24.com/recommendations?title=Sneakers%20Rap%20Velourleder%20weinrot&s24cid=cooperation:datasyndication::10118d8c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:12c0:101b:200::1a , Germany, ASN47215 (FILOO-ASN Rhedaer Strasse 25, DE),
Reverse DNS
Software
/
Resource Hash
d7abb6163ca9a8de0194d574ec2684e89c6536758ce49af53568bff7533d1f6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Upgrade-Insecure-Requests
1
Origin
https://tracking.s24.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tracking.s24.com/

Response headers

cache-control
no-cache, private
content-type
text/html; charset=UTF-8
date
Thu, 25 Nov 2021 01:02:11 GMT
vary
Origin Accept-Encoding Accept-Encoding
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=31536000;
content-encoding
gzip

Redirect headers

content-language
de-DE
content-length
0
date
Thu, 25 Nov 2021 01:02:10 GMT
location
https://widget.s24.com/recommendations?title=Sneakers%20Rap%20Velourleder%20weinrot&s24cid=cooperation:datasyndication::10118d8c
p3p
CP="NOI DSP LAW NID CURa ADMa PSAa OUR LEG PUR COM NAV STA"
x-robots-tag
noindex, nofollow
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://cspreport.s24.com/;
strict-transport-security
max-age=31536000;
css
fonts.googleapis.com/ 		7 KB
941 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:800i|Source+Sans+Pro:400,600
Requested by
Host: widget.s24.com
URL: https://widget.s24.com/recommendations?title=Sneakers%20Rap%20Velourleder%20weinrot&s24cid=cooperation:datasyndication::10118d8c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
89beb0d04c18d7513be80ddfa57427636f87f038190851cc28fb76a6ef10a703
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widget.s24.com/recommendations?title=Sneakers%20Rap%20Velourleder%20weinrot&s24cid=cooperation:datasyndication::10118d8c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 01:02:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 25 Nov 2021 01:02:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Nov 2021 01:02:11 GMT
s24widget.min.js
widget.s24.com/js/ 		41 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.s24.com/js/s24widget.min.js
Requested by
Host: widget.s24.com
URL: https://widget.s24.com/recommendations?title=Sneakers%20Rap%20Velourleder%20weinrot&s24cid=cooperation:datasyndication::10118d8c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:12c0:101b:200::1a , Germany, ASN47215 (FILOO-ASN Rhedaer Strasse 25, DE),
Reverse DNS
Software
/
Resource Hash
3be56c589004bb0554edc4de38893c558b37d1547b980898d076ab6eed6ff0a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widget.s24.com/recommendations?title=Sneakers%20Rap%20Velourleder%20weinrot&s24cid=cooperation:datasyndication::10118d8c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 01:02:11 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Nov 2021 12:16:13 GMT
etag
W/"6197958d-a37f"
strict-transport-security
max-age=31536000;
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
vary
Accept-Encoding, Accept-Encoding
products
widget.s24.com/applications/531f129b/widgets/189/ 		10 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://widget.s24.com/applications/531f129b/widgets/189/products?searchTerm=Sneakers%20Rap%20Velourleder%20weinrot&origin=https%3A%2F%2Fwidget.s24.com%2Frecommendations%3Ftitle%3DSneakers%2520Rap%2520Velourleder%2520weinrot%26s24cid%3Dcooperation%3Adatasyndication%3A%3A10118d8c
Requested by
Host: widget.s24.com
URL: https://widget.s24.com/js/s24widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:12c0:101b:200::1a , Germany, ASN47215 (FILOO-ASN Rhedaer Strasse 25, DE),
Reverse DNS
Software
/
Resource Hash
2c17cb9105e790d8f1cbce67fdced388761ffe980e9cf80d005abff2c8a1a65d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widget.s24.com/recommendations?title=Sneakers%20Rap%20Velourleder%20weinrot&s24cid=cooperation:datasyndication::10118d8c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 01:02:12 GMT
cache-control
no-cache, private
referrer-policy
no-referrer-when-downgrade
content-encoding
gzip
vary
Origin, Accept-Encoding, Accept-Encoding
strict-transport-security
max-age=31536000;
content-type
application/json
css
fonts.googleapis.com/ 		6 KB
700 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,300
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bf1b19bcc5a84e022bef78be3a0f3f78f6c58534fa8726f9355b28a43af9bb33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widget.s24.com/recommendations?title=Sneakers%20Rap%20Velourleder%20weinrot&s24cid=cooperation:datasyndication::10118d8c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 24 Nov 2021 23:58:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 25 Nov 2021 01:02:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Nov 2021 01:02:12 GMT
css
fonts.googleapis.com/ 		1 KB
395 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,900
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
89c9421ac39490aa9d49852dea53fd6bae0f07639ed1d50b3879b4299e64ca43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widget.s24.com/recommendations?title=Sneakers%20Rap%20Velourleder%20weinrot&s24cid=cooperation:datasyndication::10118d8c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 24 Nov 2021 23:53:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 25 Nov 2021 01:02:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Nov 2021 01:02:12 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:800i|Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://widget.s24.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 20:17:49 GMT
x-content-type-options
nosniff
age
103463
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13072
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:17:36 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 23 Nov 2022 20:17:49 GMT
memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk0ZjWVAewA.woff2
fonts.gstatic.com/s/opensans/v27/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk0ZjWVAewA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:800i|Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9c7e941368e9ad2b21a1b1c5ee2c0f8e2a3852f6ce9856a5abf30ae956b144a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://widget.s24.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 11:08:32 GMT
x-content-type-options
nosniff
age
50020
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17528
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:32:15 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 24 Nov 2022 11:08:32 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:800i|Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://widget.s24.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 11:22:37 GMT
x-content-type-options
nosniff
age
49175
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13080
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:10:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 24 Nov 2022 11:22:37 GMT
gtm.js
www.googletagmanager.com/ 		146 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NMWF6ZW&l=s24DataLayer
Requested by
Host: widget.s24.com
URL: https://widget.s24.com/js/s24widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ef36d17a7adbc93cdc39285d641348eccaa6597077168c9fcdef61c30e30a035
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widget.s24.com/recommendations?title=Sneakers%20Rap%20Velourleder%20weinrot&s24cid=cooperation:datasyndication::10118d8c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 01:02:12 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53920
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 25 Nov 2021 01:02:12 GMT
3413548705
s24.media/152x152/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s24.media/152x152/3413548705
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:12c0:101b:200::a , Germany, ASN47215 (FILOO-ASN Rhedaer Strasse 25, DE),
Reverse DNS
Software
/
Resource Hash
4505637292710e3a8d01deda0fe89db7731a731036dcee67432818bb9dbcae9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widget.s24.com/recommendations?title=Sneakers%20Rap%20Velourleder%20weinrot&s24cid=cooperation:datasyndication::10118d8c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Nov 2021 01:02:12 GMT
x-ratelimit-remaining
100
content-type
image/jpeg
cache-control
max-age=315360000
x-ratelimit-reset
1
x-ratelimit-limit
101
strict-transport-security
max-age=31536000;
accept-ranges
bytes
content-length
3750
expires
Thu, 31 Dec 2037 23:55:55 GMT
versand_18x9.png
emmi-findet.de/images/ 		536 B
778 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://emmi-findet.de/images/versand_18x9.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:12c0:101a:1:24::6 , Germany, ASN47215 (FILOO-ASN Rhedaer Strasse 25, DE),
Reverse DNS
Software
/
Resource Hash
4a9eafbc1dccb80beb04525ab5c7e93728f6e5b8c5b05b652f51e1c9db85261d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widget.s24.com/recommendations?title=Sneakers%20Rap%20Velourleder%20weinrot&s24cid=cooperation:datasyndication::10118d8c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 01:02:12 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Nov 2021 12:15:44 GMT
etag
"61979570-218"
strict-transport-security
max-age=31536000;
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
536
expires
Thu, 31 Dec 2037 23:55:55 GMT
3413549194
s24.media/152x152/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s24.media/152x152/3413549194
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:12c0:101b:200::a , Germany, ASN47215 (FILOO-ASN Rhedaer Strasse 25, DE),
Reverse DNS
Software
/
Resource Hash
dd10e62faaa383d2ea550e3d349b406a29023c0c708bf9b22f39898a53ef000e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widget.s24.com/recommendations?title=Sneakers%20Rap%20Velourleder%20weinrot&s24cid=cooperation:datasyndication::10118d8c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Nov 2021 01:02:12 GMT
x-ratelimit-remaining
100
content-type
image/jpeg
cache-control
max-age=315360000
x-ratelimit-reset
1
x-ratelimit-limit
101
strict-transport-security
max-age=31536000;
accept-ranges
bytes
content-length
3705
expires
Thu, 31 Dec 2037 23:55:55 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NMWF6ZW&l=s24DataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widget.s24.com/recommendations?title=Sneakers%20Rap%20Velourleder%20weinrot&s24cid=cooperation:datasyndication::10118d8c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
65
date
Thu, 25 Nov 2021 01:01:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 25 Nov 2021 03:01:07 GMT
3413548705
s24.media/152x152/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s24.media/152x152/3413548705
Requested by
Host: widget.s24.com
URL: https://widget.s24.com/js/s24widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:12c0:101b:200::a , Germany, ASN47215 (FILOO-ASN Rhedaer Strasse 25, DE),
Reverse DNS
Software
/
Resource Hash
4505637292710e3a8d01deda0fe89db7731a731036dcee67432818bb9dbcae9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widget.s24.com/recommendations?title=Sneakers%20Rap%20Velourleder%20weinrot&s24cid=cooperation:datasyndication::10118d8c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Nov 2021 01:02:12 GMT
x-ratelimit-remaining
100
content-type
image/jpeg
cache-control
max-age=315360000
x-ratelimit-reset
1
x-ratelimit-limit
101
strict-transport-security
max-age=31536000;
accept-ranges
bytes
content-length
3750
expires
Thu, 31 Dec 2037 23:55:55 GMT
versand_18x9.png
emmi-findet.de/images/ 		536 B
778 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://emmi-findet.de/images/versand_18x9.png
Requested by
Host: widget.s24.com
URL: https://widget.s24.com/js/s24widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:12c0:101a:1:24::6 , Germany, ASN47215 (FILOO-ASN Rhedaer Strasse 25, DE),
Reverse DNS
Software
/
Resource Hash
4a9eafbc1dccb80beb04525ab5c7e93728f6e5b8c5b05b652f51e1c9db85261d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widget.s24.com/recommendations?title=Sneakers%20Rap%20Velourleder%20weinrot&s24cid=cooperation:datasyndication::10118d8c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 01:02:12 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Nov 2021 12:15:44 GMT
etag
"61979570-218"
strict-transport-security
max-age=31536000;
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
536
expires
Thu, 31 Dec 2037 23:55:55 GMT
3413549194
s24.media/152x152/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s24.media/152x152/3413549194
Requested by
Host: widget.s24.com
URL: https://widget.s24.com/js/s24widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:12c0:101b:200::a , Germany, ASN47215 (FILOO-ASN Rhedaer Strasse 25, DE),
Reverse DNS
Software
/
Resource Hash
dd10e62faaa383d2ea550e3d349b406a29023c0c708bf9b22f39898a53ef000e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widget.s24.com/recommendations?title=Sneakers%20Rap%20Velourleder%20weinrot&s24cid=cooperation:datasyndication::10118d8c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Nov 2021 01:02:12 GMT
x-ratelimit-remaining
100
content-type
image/jpeg
cache-control
max-age=315360000
x-ratelimit-reset
1
x-ratelimit-limit
101
strict-transport-security
max-age=31536000;
accept-ranges
bytes
content-length
3705
expires
Thu, 31 Dec 2037 23:55:55 GMT
3413548705
s24.media/152x152/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s24.media/152x152/3413548705
Requested by
Host: widget.s24.com
URL: https://widget.s24.com/js/s24widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:12c0:101b:200::a , Germany, ASN47215 (FILOO-ASN Rhedaer Strasse 25, DE),
Reverse DNS
Software
/
Resource Hash
4505637292710e3a8d01deda0fe89db7731a731036dcee67432818bb9dbcae9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widget.s24.com/recommendations?title=Sneakers%20Rap%20Velourleder%20weinrot&s24cid=cooperation:datasyndication::10118d8c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Nov 2021 01:02:12 GMT
x-ratelimit-remaining
100
content-type
image/jpeg
cache-control
max-age=315360000
x-ratelimit-reset
1
x-ratelimit-limit
101
strict-transport-security
max-age=31536000;
accept-ranges
bytes
content-length
3750
expires
Thu, 31 Dec 2037 23:55:55 GMT
versand_18x9.png
emmi-findet.de/images/ 		536 B
778 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://emmi-findet.de/images/versand_18x9.png
Requested by
Host: widget.s24.com
URL: https://widget.s24.com/js/s24widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:12c0:101a:1:24::6 , Germany, ASN47215 (FILOO-ASN Rhedaer Strasse 25, DE),
Reverse DNS
Software
/
Resource Hash
4a9eafbc1dccb80beb04525ab5c7e93728f6e5b8c5b05b652f51e1c9db85261d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widget.s24.com/recommendations?title=Sneakers%20Rap%20Velourleder%20weinrot&s24cid=cooperation:datasyndication::10118d8c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 01:02:12 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Nov 2021 12:15:44 GMT
etag
"61979570-218"
strict-transport-security
max-age=31536000;
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
536
expires
Thu, 31 Dec 2037 23:55:55 GMT
3413549194
s24.media/152x152/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s24.media/152x152/3413549194
Requested by
Host: widget.s24.com
URL: https://widget.s24.com/js/s24widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:12c0:101b:200::a , Germany, ASN47215 (FILOO-ASN Rhedaer Strasse 25, DE),
Reverse DNS
Software
/
Resource Hash
dd10e62faaa383d2ea550e3d349b406a29023c0c708bf9b22f39898a53ef000e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widget.s24.com/recommendations?title=Sneakers%20Rap%20Velourleder%20weinrot&s24cid=cooperation:datasyndication::10118d8c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Nov 2021 01:02:12 GMT
x-ratelimit-remaining
100
content-type
image/jpeg
cache-control
max-age=315360000
x-ratelimit-reset
1
x-ratelimit-limit
101
strict-transport-security
max-age=31536000;
accept-ranges
bytes
content-length
3705
expires
Thu, 31 Dec 2037 23:55:55 GMT
3413548705
s24.media/152x152/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s24.media/152x152/3413548705
Requested by
Host: widget.s24.com
URL: https://widget.s24.com/js/s24widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:12c0:101b:200::a , Germany, ASN47215 (FILOO-ASN Rhedaer Strasse 25, DE),
Reverse DNS
Software
/
Resource Hash
4505637292710e3a8d01deda0fe89db7731a731036dcee67432818bb9dbcae9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widget.s24.com/recommendations?title=Sneakers%20Rap%20Velourleder%20weinrot&s24cid=cooperation:datasyndication::10118d8c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Nov 2021 01:02:13 GMT
x-ratelimit-remaining
100
content-type
image/jpeg
cache-control
max-age=315360000
x-ratelimit-reset
1
x-ratelimit-limit
101
strict-transport-security
max-age=31536000;
accept-ranges
bytes
content-length
3750
expires
Thu, 31 Dec 2037 23:55:55 GMT
versand_18x9.png
emmi-findet.de/images/ 		536 B
778 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://emmi-findet.de/images/versand_18x9.png
Requested by
Host: widget.s24.com
URL: https://widget.s24.com/js/s24widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:12c0:101a:1:24::6 , Germany, ASN47215 (FILOO-ASN Rhedaer Strasse 25, DE),
Reverse DNS
Software
/
Resource Hash
4a9eafbc1dccb80beb04525ab5c7e93728f6e5b8c5b05b652f51e1c9db85261d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widget.s24.com/recommendations?title=Sneakers%20Rap%20Velourleder%20weinrot&s24cid=cooperation:datasyndication::10118d8c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 01:02:13 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Nov 2021 12:15:44 GMT
etag
"61979570-218"
strict-transport-security
max-age=31536000;
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
536
expires
Thu, 31 Dec 2037 23:55:55 GMT
3413549194
s24.media/152x152/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s24.media/152x152/3413549194
Requested by
Host: widget.s24.com
URL: https://widget.s24.com/js/s24widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:12c0:101b:200::a , Germany, ASN47215 (FILOO-ASN Rhedaer Strasse 25, DE),
Reverse DNS
Software
/
Resource Hash
dd10e62faaa383d2ea550e3d349b406a29023c0c708bf9b22f39898a53ef000e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widget.s24.com/recommendations?title=Sneakers%20Rap%20Velourleder%20weinrot&s24cid=cooperation:datasyndication::10118d8c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Nov 2021 01:02:13 GMT
x-ratelimit-remaining
100
content-type
image/jpeg
cache-control
max-age=315360000
x-ratelimit-reset
1
x-ratelimit-limit
101
strict-transport-security
max-age=31536000;
accept-ranges
bytes
content-length
3705
expires
Thu, 31 Dec 2037 23:55:55 GMT
trackAdImpression
widget.s24.com/applications/531f129b/widgets/189/ 		0
603 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://widget.s24.com/applications/531f129b/widgets/189/trackAdImpression?searchTerm=Sneakers%20Rap%20Velourleder%20weinrot&origin=https%3A%2F%2Fwidget.s24.com%2Frecommendations%3Ftitle%3DSneakers%2520Rap%2520Velourleder%2520weinrot%26s24cid%3Dcooperation%3Adatasyndication%3A%3A10118d8c&top=124.390625
Requested by
Host: widget.s24.com
URL: https://widget.s24.com/js/s24widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:12c0:101b:200::1a , Germany, ASN47215 (FILOO-ASN Rhedaer Strasse 25, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widget.s24.com/recommendations?title=Sneakers%20Rap%20Velourleder%20weinrot&s24cid=cooperation:datasyndication::10118d8c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 01:02:13 GMT
google-delayed-impression
1
referrer-policy
no-referrer-when-downgrade
cache-control
no-cache, private
vary
Origin
strict-transport-security
max-age=31536000;
3413548705
s24.media/152x152/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s24.media/152x152/3413548705
Requested by
Host: widget.s24.com
URL: https://widget.s24.com/js/s24widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:12c0:101b:200::a , Germany, ASN47215 (FILOO-ASN Rhedaer Strasse 25, DE),
Reverse DNS
Software
/
Resource Hash
4505637292710e3a8d01deda0fe89db7731a731036dcee67432818bb9dbcae9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widget.s24.com/recommendations?title=Sneakers%20Rap%20Velourleder%20weinrot&s24cid=cooperation:datasyndication::10118d8c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Nov 2021 01:02:13 GMT
x-ratelimit-remaining
100
content-type
image/jpeg
cache-control
max-age=315360000
x-ratelimit-reset
1
x-ratelimit-limit
101
strict-transport-security
max-age=31536000;
accept-ranges
bytes
content-length
3750
expires
Thu, 31 Dec 2037 23:55:55 GMT
versand_18x9.png
emmi-findet.de/images/ 		536 B
778 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://emmi-findet.de/images/versand_18x9.png
Requested by
Host: widget.s24.com
URL: https://widget.s24.com/js/s24widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:12c0:101a:1:24::6 , Germany, ASN47215 (FILOO-ASN Rhedaer Strasse 25, DE),
Reverse DNS
Software
/
Resource Hash
4a9eafbc1dccb80beb04525ab5c7e93728f6e5b8c5b05b652f51e1c9db85261d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widget.s24.com/recommendations?title=Sneakers%20Rap%20Velourleder%20weinrot&s24cid=cooperation:datasyndication::10118d8c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 01:02:13 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Nov 2021 12:15:44 GMT
etag
"61979570-218"
strict-transport-security
max-age=31536000;
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
536
expires
Thu, 31 Dec 2037 23:55:55 GMT
3413549194
s24.media/152x152/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s24.media/152x152/3413549194
Requested by
Host: widget.s24.com
URL: https://widget.s24.com/js/s24widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:12c0:101b:200::a , Germany, ASN47215 (FILOO-ASN Rhedaer Strasse 25, DE),
Reverse DNS
Software
/
Resource Hash
dd10e62faaa383d2ea550e3d349b406a29023c0c708bf9b22f39898a53ef000e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widget.s24.com/recommendations?title=Sneakers%20Rap%20Velourleder%20weinrot&s24cid=cooperation:datasyndication::10118d8c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Nov 2021 01:02:13 GMT
x-ratelimit-remaining
100
content-type
image/jpeg
cache-control
max-age=315360000
x-ratelimit-reset
1
x-ratelimit-limit
101
strict-transport-security
max-age=31536000;
accept-ranges
bytes
content-length
3705
expires
Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| regeneratorRuntime object| recomad object| s24DataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

8 Cookies

Domain/Path Name / Value
hotailo.com/ Name: ipc
Value: eyJ2ZXJzaW9uIjoxLCJzdWJJZCI6MywiZm9sZGVySWQiOjEsImZlZWRJZCI6MjEsInRzIjoxNjM3ODAyMTI4LCJoYXNoIjoiN2Y3NDM4NjkifQ==
.mybetterdl.com/ Name: rhid
Value: 80172297543
.mybetterdl.com/ Name: loi
Value: ad_1135728_off_580127_aff_11683_cid_226681-HOTAILO.COM_ts_1637802129
.s24.com/ Name: co-session
Value: tBDLpXsFYfWSYAwzAl1y9uuulQ8E0DUU
.s24.com/ Name: s24uid
Value: 02d172db-6261-45b1-9de6-9b449a2e1b9c
.s24.com/ Name: _ga
Value: GA1.2.750689495.1637802132
.s24.com/ Name: _gid
Value: GA1.2.2048550349.1637802132
widget.s24.com/ Name: laravel_session
Value: eyJpdiI6InRDcWk3emNmaW9SUDNzdnJCWEVGZkE9PSIsInZhbHVlIjoiS0FWdHpacUx0YVljWTJUcTM1VDhWTlc2SEdaUnBoWkxEaS95blBKSGgyLytzR0ZCekI0VlVZaXBRdFNmaGJYY2Qrc1hZdm1UcHlKaythd0ZsUitTb1IwSi9Tc2lSNEI3RWxManlVSkJBaVIva0FqWVBnejZ1L0hucW5XbXZIeDgiLCJtYWMiOiJiNzNlOTEzMDllOTVjNDhmZWEwOGQyZDIzYmU3YWYwYzRhNWY5ZDU2MTEwMGIwYWM1Njg0NjNmOWZiZTVmNTBiIn0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

click.cartageous.de
emmi-findet.de
fonts.googleapis.com
fonts.gstatic.com
hotailo.com
mybetterdl.com
p226681.mybetterdl.com
s24.media
tracking.s24.com
widget.s24.com
www.google-analytics.com
www.googletagmanager.com
173.192.101.24
173.239.8.164
2a00:12c0:101a:1:24::6
2a00:12c0:101b:200::19
2a00:12c0:101b:200::1a
2a00:12c0:101b:200::a
2a00:1450:4001:809::2003
2a00:1450:4001:810::200a
2a00:1450:4001:830::2008
2a00:1450:4001:830::200e
52.35.242.20
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2c17cb9105e790d8f1cbce67fdced388761ffe980e9cf80d005abff2c8a1a65d
3be56c589004bb0554edc4de38893c558b37d1547b980898d076ab6eed6ff0a7
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
4505637292710e3a8d01deda0fe89db7731a731036dcee67432818bb9dbcae9a
470572063d535a2496e1d0b877fb7e89f65dcd3d2f5b8ccdc9c20be19997e788
4a9eafbc1dccb80beb04525ab5c7e93728f6e5b8c5b05b652f51e1c9db85261d
6430b582f6963e21705d078b954ae04c7c5a9f986960ceff41d1a5ca95d8e04d
6697a4e88a23706a4b0e2eada7b346b7e5839d71d07505987582f48e810784f8
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
89beb0d04c18d7513be80ddfa57427636f87f038190851cc28fb76a6ef10a703
89c9421ac39490aa9d49852dea53fd6bae0f07639ed1d50b3879b4299e64ca43
8f8bad45af343a49ea6a27cc69b34c06deaac0565301abebef95b5115350df59
9857a9b8cc7b4209de465fd5143e644b58cfa493b14b8a8fd0bf09f05c17d5ba
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
afbb224757994ccc20b0ab6ceb60eab144cd8825a392613861045e393632ec81
b9c7e941368e9ad2b21a1b1c5ee2c0f8e2a3852f6ce9856a5abf30ae956b144a
bb40cc0032d5d2e7b63b5434b6dabc5b7903cb487dc10a4f7ebfae1e597b3f67
bf1b19bcc5a84e022bef78be3a0f3f78f6c58534fa8726f9355b28a43af9bb33
d7abb6163ca9a8de0194d574ec2684e89c6536758ce49af53568bff7533d1f6e
d847109e96105ec05c66bf906afe2e498370ad4c363c1406d9c4a964f1188e31
dd10e62faaa383d2ea550e3d349b406a29023c0c708bf9b22f39898a53ef000e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef36d17a7adbc93cdc39285d641348eccaa6597077168c9fcdef61c30e30a035