Submitted URL: http://gemax-online.de/
Effective URL: https://0.roselinetoday.com/?p=hfswkobumm5gi3bpha4dini&sub1=stars&sub3=jekitas5
Submission Tags: falconsandbox
Submission: On July 24 via api from US — Scanned from DE

Summary

This website contacted 24 IPs in 6 countries across 20 domains to perform 63 HTTP transactions. The main IP is 2606:4700:3036::6815:36cc, located in United States and belongs to CLOUDFLARENET, US. The main domain is 0.roselinetoday.com.
TLS certificate: Issued by WE1 on July 17th 2024. Valid for: 3 months.
This is the only time 0.roselinetoday.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 20 83.136.86.14 24961 (MYLOC-AS ...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a04:4e42:600... 54113 (FASTLY)
3 192.0.76.3 2635 (AUTOMATTIC)
1 192.0.77.32 2635 (AUTOMATTIC)
2 80.66.79.252 60602 (INOVARE-A...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f08... 32934 (FACEBOOK)
3 95.216.10.178 24940 (HETZNER-AS)
1 89.42.142.89 199058 (SERVAONE)
1 2a00:1450:400... 15169 (GOOGLE)
3 45.9.149.210 49447 (NICEIT)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:6ea0:c70... 60068 (CDN77 _)
1 4 2606:4700:303... 13335 (CLOUDFLAR...)
1 95.211.229.248 60781 (LEASEWEB-...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
63 24
Apex Domain
Subdomains
Transfer
20 gemax-online.de
gemax-online.de
www.gemax-online.de
2 MB
4 roselinetoday.com
roselinetoday.com
0.roselinetoday.com
16 KB
4 perfectlinestarter.com
ready.perfectlinestarter.com
go.perfectlinestarter.com
2 KB
4 readytocheckline.com
sources.readytocheckline.com
rt1.readytocheckline.com
30 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
3 KB
4 wp.com
stats.wp.com — Cisco Umbrella Rank: 4519
s0.wp.com — Cisco Umbrella Rank: 11872
pixel.wp.com — Cisco Umbrella Rank: 4225
10 KB
3 rdntocdns.com
cdn.rdntocdns.com — Cisco Umbrella Rank: 314312
39 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
147 KB
3 youtube.com
www.youtube.com — Cisco Umbrella Rank: 84
12 KB
2 exdynsrv.com
a.exdynsrv.com — Cisco Umbrella Rank: 67093
syndication.exdynsrv.com — Cisco Umbrella Rank: 72099
37 KB
2 domfehu.com
domfehu.com
12 KB
2 gstatic.com
fonts.gstatic.com
29 KB
2 linestoget.com
stay.linestoget.com
29 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 410
83 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
337 B
1 google.de
ampcid.google.de — Cisco Umbrella Rank: 120381
371 B
1 stratosbody.com
sleep.stratosbody.com
19 KB
1 weatherplllatform.com
go.weatherplllatform.com
8 KB
1 google.com
ampcid.google.com — Cisco Umbrella Rank: 4317
442 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
63 20
Domain Requested by
19 www.gemax-online.de www.gemax-online.de
4 www.google-analytics.com www.gemax-online.de
3 go.perfectlinestarter.com sources.readytocheckline.com
3 sources.readytocheckline.com www.gemax-online.de
sources.readytocheckline.com
rt1.readytocheckline.com
3 cdn.rdntocdns.com www.gemax-online.de
3 connect.facebook.net www.gemax-online.de
connect.facebook.net
3 www.youtube.com www.gemax-online.de
www.youtube.com
2 0.roselinetoday.com www.gemax-online.de
2 roselinetoday.com
2 domfehu.com www.gemax-online.de
2 fonts.gstatic.com fonts.googleapis.com
2 stay.linestoget.com www.gemax-online.de
2 stats.wp.com www.gemax-online.de
2 cdn.jsdelivr.net www.gemax-online.de
cdn.jsdelivr.net
1 syndication.exdynsrv.com a.exdynsrv.com
1 ready.perfectlinestarter.com 1 redirects
1 a.exdynsrv.com www.gemax-online.de
1 rt1.readytocheckline.com sources.readytocheckline.com
1 stats.g.doubleclick.net www.gemax-online.de
1 ampcid.google.de www.gemax-online.de
1 pixel.wp.com www.gemax-online.de
1 sleep.stratosbody.com www.gemax-online.de
1 go.weatherplllatform.com www.gemax-online.de
1 ampcid.google.com www.gemax-online.de
1 s0.wp.com www.gemax-online.de
1 fonts.googleapis.com www.gemax-online.de
1 gemax-online.de 1 redirects
63 27

This site contains no links.

Subject Issuer Validity Valid
www.gemax-online.de
R11
2024-06-17 -
2024-09-15
3 months crt.sh
upload.video.google.com
WR2
2024-07-01 -
2024-09-23
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-09-27 -
2024-10-28
a year crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA
2023-11-28 -
2024-12-28
a year crt.sh
step.linestoget.com
R3
2024-05-30 -
2024-08-28
3 months crt.sh
*.google.com
WR2
2024-07-01 -
2024-09-23
3 months crt.sh
*.gstatic.com
WR2
2024-07-01 -
2024-09-23
3 months crt.sh
*.google-analytics.com
WR2
2024-07-01 -
2024-09-23
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-05-03 -
2024-08-01
3 months crt.sh
weatherplllatform.com
R11
2024-07-20 -
2024-10-18
3 months crt.sh
sleep.stratosbody.com
R10
2024-06-27 -
2024-09-25
3 months crt.sh
*.google.de
WR2
2024-07-01 -
2024-09-23
3 months crt.sh
cdn.rdntocdns.com
R3
2024-05-31 -
2024-08-29
3 months crt.sh
readytocheckline.com
WE1
2024-06-20 -
2024-09-18
3 months crt.sh
*.g.doubleclick.net
WR2
2024-06-24 -
2024-09-16
3 months crt.sh
domfehu.com
R10
2024-07-20 -
2024-10-18
3 months crt.sh
1852405956.rsc.cdn77.org
R3
2024-05-20 -
2024-08-18
3 months crt.sh
perfectlinestarter.com
WE1
2024-07-14 -
2024-10-12
3 months crt.sh
exdynsrv.com
E5
2024-07-01 -
2024-09-29
3 months crt.sh
roselinetoday.com
WE1
2024-07-17 -
2024-10-15
3 months crt.sh

This page contains 2 frames:

Primary Page: https://0.roselinetoday.com/?p=hfswkobumm5gi3bpha4dini&sub1=stars&sub3=jekitas5
Frame ID: 16A40555BB554672CA13809B37153141
Requests: 75 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Ngldky35ZZk?enablejsapi=1&origin=https://www.gemax-online.de&autoplay=0&cc_load_policy=0&iv_load_policy=1&loop=0&modestbranding=1&rel=1&showinfo=1&fs=1&playsinline=1&controls=2&color=red&autohide=2&theme=dark&
Frame ID: 84FCA8F333E671F7D3B942800DD6531B
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Checking your browser

Page URL History Show full URLs

  1. http://gemax-online.de/ HTTP 307
    https://gemax-online.de/ HTTP 301
    https://www.gemax-online.de/ Page URL
  2. https://ready.perfectlinestarter.com/2hZQjb HTTP 302
    https://go.perfectlinestarter.com/4qddQb Page URL
  3. https://go.perfectlinestarter.com/7MjvR5 Page URL
  4. https://roselinetoday.com/?p=hfswkobumm5gi3bpha4dini&sub1=stars&sub3=jekitas5 Page URL
  5. https://0.roselinetoday.com/?p=hfswkobumm5gi3bpha4dini&sub1=stars&sub3=jekitas5 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

63
Requests

98 %
HTTPS

65 %
IPv6

20
Domains

27
Subdomains

24
IPs

6
Countries

2029 kB
Transfer

2739 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gemax-online.de/ HTTP 307
    https://gemax-online.de/ HTTP 301
    https://www.gemax-online.de/ Page URL
  2. https://ready.perfectlinestarter.com/2hZQjb HTTP 302
    https://go.perfectlinestarter.com/4qddQb Page URL
  3. https://go.perfectlinestarter.com/7MjvR5 Page URL
  4. https://roselinetoday.com/?p=hfswkobumm5gi3bpha4dini&sub1=stars&sub3=jekitas5 Page URL
  5. https://0.roselinetoday.com/?p=hfswkobumm5gi3bpha4dini&sub1=stars&sub3=jekitas5 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://gemax-online.de/ HTTP 307
  • https://gemax-online.de/ HTTP 301
  • https://www.gemax-online.de/
Request Chain 66
  • https://ready.perfectlinestarter.com/2hZQjb HTTP 302
  • https://go.perfectlinestarter.com/4qddQb

63 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
www.gemax-online.de/
Redirect Chain
  • http://gemax-online.de/
  • https://gemax-online.de/
  • https://www.gemax-online.de/
118 KB
118 KB
Document
General
Full URL
https://www.gemax-online.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
83.136.86.14 Oberhausen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
vx03.ge-max.de
Software
nginx /
Resource Hash
9bff37581a37c7c98f4237af69f6f737b85322cd2b4823a36c95413a11feec68

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 24 Jul 2024 21:50:50 GMT
last-modified
Wed, 24 Jul 2024 17:29:19 GMT
server
nginx

Redirect headers

age
86400
cache-control
max-age=86400
content-security-policy
default-src 'self' data: blob: *.gemax-online.de app.gemax-online.de; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' *.gemax-online.de www.google-analytics.com maps.googleapis.com connect.facebook.net cdn.datatables.net www.youtube.com s.ytimg.com maxcdn.bootstrapcdn.com ajax.googleapis.com seal.starfieldtech.com www.gstatic.com www.google.com *.wp.com secure.gravatar.com www.google.de app.gemax-online.de s0.wp.com s1.wp.com stats.wp.com pixel.wp.com; style-src 'self' data: 'unsafe-inline' *.gemax-online.de maps.googleapis.com cdn.jsdelivr.net fonts.googleapis.com cdn.datatables.net maxcdn.bootstrapcdn.com ajax.googleapis.com www.gstatic.com secure.gravatar.com app.gemax-online.de s0.wp.com s1.wp.com stats.wp.com pixel.wp.com c0.wp.com c1.wp.com; img-src 'self' data: *.gemax-online.de freetools.seobility.net www.google-analytics.com www.facebook.com maps.googleapis.com seal.starfieldtech.com maps.gstatic.com *.wp.com stats.g.doubleclick.net www.google.com www.google.de app.gemax-online.de s0.wp.com s1.wp.com stats.wp.com pixel.wp.com; connect-src 'self' data: blob: *.gemax-online.de www.google-analytics.com ampcid.google.com ampcid.google.de www.google.de WordPress.com app.gemax-online.de; font-src 'self' data: blob: *.gemax-online.de googleapis.com fonts.gstatic.com cdn.jsdelivr.net wordpress.com www.google.de app.gemax-online.de s0.wp.com s1.wp.com stats.wp.com pixel.wp.com; frame-ancestors 'self' data: blob: *.gemax-online.de https://www.gemax-online.de https://www.facebook.com ; plugin-types application/pdf application/x-shockwave-flash; frame-src 'self' data: blob: *.gemax-online.de staticxx.facebook.com www.facebook.com www.youtube.com connect.facebook.net www.google.com app.gemax-online.de s0.wp.com s1.wp.com stats.wp.com pixel.wp.com
content-type
text/html; charset=UTF-8
date
Wed, 24 Jul 2024 21:50:50 GMT
expires
Thu, 25 Jul 2024 21:50:50 GMT
location
https://www.gemax-online.de/
pragma
no-cache
referrer-policy
origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-dns-prefetch-control
on
x-download-options
noopen
x-frame-options
ALLOW-FROM https://app.gemax-online.de, https://partner.gemax-online.de, https://api.gemax-online.de, https://www.gemax-online.de, https://books.gemax-online.de, https://pages.gemax-online.de https://www.gemax-online.de
x-ua-compatible
IE=edge,chrome=1
d8ecb9349a75b22d933bccd6f6a51729.css
www.gemax-online.de/wp-content/cache/min/1/
558 KB
559 KB
Stylesheet
General
Full URL
https://www.gemax-online.de/wp-content/cache/min/1/d8ecb9349a75b22d933bccd6f6a51729.css
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
83.136.86.14 Oberhausen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
vx03.ge-max.de
Software
nginx /
Resource Hash
2839a03776d5a3f93f4313c9a90215b6a26a453b775e39c47a2444742dd1faa4

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
public
date
Wed, 24 Jul 2024 21:50:50 GMT
last-modified
Thu, 25 Jul 2019 13:41:02 GMT
server
nginx
x-permitted-cross-domain-policies
all
etag
"5d39b16e-8b680"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
571008
expires
Thu, 24 Jul 2025 21:50:50 GMT
css
fonts.googleapis.com/
16 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,300,300italic,400italic,600,700,900&subset=latin%2Clatin-ext
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
89a0a5fe654917c17845ff385b2ae2ea116d932f57ca90b012869f608a68d704
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 24 Jul 2024 21:50:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 24 Jul 2024 20:00:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Jul 2024 21:50:50 GMT
font-awesome.min.css
cdn.jsdelivr.net/fontawesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/fontawesome/4.7.0/css/font-awesome.min.css?ver=4.7.0
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Wed, 24 Jul 2024 21:50:50 GMT
age
1982703
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
7114
x-served-by
cache-fra-etou8220129-FRA
etag
W/"7918-USx9eQM+MCipvmG1QM8aaHDIlvg"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
jquery.js
www.gemax-online.de/wp-includes/js/jquery/
99 KB
99 KB
Script
General
Full URL
https://www.gemax-online.de/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
83.136.86.14 Oberhausen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
vx03.ge-max.de
Software
nginx /
Resource Hash
b100589e75a25cf64ff621d0c7b9ecd486b1008f6c4aa6d1bc6cfe154fbf09a3

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
public
date
Wed, 24 Jul 2024 21:50:50 GMT
last-modified
Mon, 31 Jul 2023 17:26:47 GMT
server
nginx
x-permitted-cross-domain-policies
all
etag
"64c7eed7-18b21"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
101153
expires
Thu, 24 Jul 2025 21:50:50 GMT
/
www.gemax-online.de/
28 KB
28 KB
Stylesheet
General
Full URL
https://www.gemax-online.de/?custom-css=a019571170
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
83.136.86.14 Oberhausen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
vx03.ge-max.de
Software
nginx /
Resource Hash
8540c7c55e7633ce5389e985a86cd43a0afb0d16f1de63e9cd5af5000bb6db38

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type
text/css;charset=UTF-8
pragma
no-cache
date
Wed, 24 Jul 2024 21:50:51 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx
expires
Thu, 24 Jul 2025 21:50:51 GMT
s-202430.js
stats.wp.com/
9 KB
4 KB
Script
General
Full URL
https://stats.wp.com/s-202430.js
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d92c0cb8715f872b995e9166602b68fd389905b7942fe245ce0eaf9ae9743686

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nc
HIT hhn
date
Wed, 24 Jul 2024 21:50:51 GMT
content-encoding
br
last-modified
Thu, 07 Dec 2023 08:03:56 GMT
server
nginx
etag
W/"65717c6c-25ea"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
alt-svc
h3=":443"; ma=86400
expires
Mon, 21 Jul 2025 15:18:51 GMT
cropped-logo_gemax_hg_trans_iKw.png
www.gemax-online.de/wp-content/uploads/2019/05/
33 KB
33 KB
Image
General
Full URL
https://www.gemax-online.de/wp-content/uploads/2019/05/cropped-logo_gemax_hg_trans_iKw.png
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
83.136.86.14 Oberhausen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
vx03.ge-max.de
Software
nginx /
Resource Hash
8bd11310ebb228f2b69e2c4bb229f558bffd46b5d972df904e933d98afcc56cf

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
public
date
Wed, 24 Jul 2024 21:50:50 GMT
last-modified
Mon, 13 May 2019 08:19:35 GMT
server
nginx
x-permitted-cross-domain-policies
all
etag
"5cd92897-82a1"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
33441
expires
Thu, 24 Jul 2025 21:50:50 GMT
Fotolia_81890930_S_moderne-K%C3%BCchenorganisation-324x324.jpg
www.gemax-online.de/wp-content/uploads/2018/05/
24 KB
24 KB
Image
General
Full URL
https://www.gemax-online.de/wp-content/uploads/2018/05/Fotolia_81890930_S_moderne-K%C3%BCchenorganisation-324x324.jpg
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
83.136.86.14 Oberhausen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
vx03.ge-max.de
Software
nginx /
Resource Hash
c9c08fb03c19a16143ef915fe8cc39219945a900e5308799bcfe2db8049e9858

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
public
date
Wed, 24 Jul 2024 21:50:50 GMT
last-modified
Mon, 01 Oct 2018 08:53:03 GMT
server
nginx
x-permitted-cross-domain-policies
all
etag
"5bb1e06f-5ee6"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
24294
expires
Thu, 24 Jul 2025 21:50:50 GMT
mitarbeiter_organisieren-324x324.png
www.gemax-online.de/wp-content/uploads/2018/05/
89 KB
89 KB
Image
General
Full URL
https://www.gemax-online.de/wp-content/uploads/2018/05/mitarbeiter_organisieren-324x324.png
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
83.136.86.14 Oberhausen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
vx03.ge-max.de
Software
nginx /
Resource Hash
f995b3e4829d788fff414ec98b1426bd98255f01d6c7ebdc17f2e02ad0a82a00

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
public
date
Wed, 24 Jul 2024 21:50:50 GMT
last-modified
Mon, 01 Oct 2018 08:53:03 GMT
server
nginx
x-permitted-cross-domain-policies
all
etag
"5bb1e06f-16307"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
90887
expires
Thu, 24 Jul 2025 21:50:50 GMT
gm-api-324x324.png
www.gemax-online.de/wp-content/uploads/2018/05/
96 KB
96 KB
Image
General
Full URL
https://www.gemax-online.de/wp-content/uploads/2018/05/gm-api-324x324.png
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
83.136.86.14 Oberhausen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
vx03.ge-max.de
Software
nginx /
Resource Hash
2b7749190d6318d22e407a49fc01e1433fcfa2bd38ff5723530f10c86109b2bc

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
public
date
Wed, 24 Jul 2024 21:50:50 GMT
last-modified
Mon, 01 Oct 2018 08:53:03 GMT
server
nginx
x-permitted-cross-domain-policies
all
etag
"5bb1e06f-17eba"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
97978
expires
Thu, 24 Jul 2025 21:50:50 GMT
fotolia_96929464_s_marktfuehrer_positionierung-324x324.jpg
www.gemax-online.de/wp-content/uploads/2018/06/
11 KB
11 KB
Image
General
Full URL
https://www.gemax-online.de/wp-content/uploads/2018/06/fotolia_96929464_s_marktfuehrer_positionierung-324x324.jpg
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
83.136.86.14 Oberhausen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
vx03.ge-max.de
Software
nginx /
Resource Hash
de632bce828768f04582ae74262960d2ed00105b45f8360026730979572facbe

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
public
date
Wed, 24 Jul 2024 21:50:50 GMT
last-modified
Mon, 01 Oct 2018 08:52:52 GMT
server
nginx
x-permitted-cross-domain-policies
all
etag
"5bb1e064-2b71"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
11121
expires
Thu, 24 Jul 2025 21:50:50 GMT
Vedad-Hadziabdic-Maitre-dhotel-2-2.jpg
www.gemax-online.de/wp-content/uploads/2019/07/
42 KB
42 KB
Image
General
Full URL
https://www.gemax-online.de/wp-content/uploads/2019/07/Vedad-Hadziabdic-Maitre-dhotel-2-2.jpg
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
83.136.86.14 Oberhausen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
vx03.ge-max.de
Software
nginx /
Resource Hash
b07e40107e09f5242eb8c186c454b6175997602bf3c15b7d227b725137ded8c8

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
public
date
Wed, 24 Jul 2024 21:50:50 GMT
last-modified
Thu, 11 Jul 2019 14:12:06 GMT
server
nginx
x-permitted-cross-domain-policies
all
etag
"5d2743b6-a6aa"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
42666
expires
Thu, 24 Jul 2025 21:50:50 GMT
placeholder.png
www.gemax-online.de/wp-content/plugins/woocommerce/assets/images/
23 KB
23 KB
Image
General
Full URL
https://www.gemax-online.de/wp-content/plugins/woocommerce/assets/images/placeholder.png
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
83.136.86.14 Oberhausen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
vx03.ge-max.de
Software
nginx /
Resource Hash
de65e9cba4a828752b859748f89d530b1bba8e2f1ddfeb2c6b71d3e91e71ad1c

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
public
date
Wed, 24 Jul 2024 21:50:51 GMT
last-modified
Fri, 30 Nov 2018 09:17:13 GMT
server
nginx
x-permitted-cross-domain-policies
all
etag
"5c010019-5c7b"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
23675
expires
Thu, 24 Jul 2025 21:50:51 GMT
devicepx-jetpack.js
s0.wp.com/wp-content/js/
8 KB
3 KB
Script
General
Full URL
https://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=202430
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
e93e9f28c6e8c3ed7f642e1a7a67a4a294ffabbc49909ae5d8bbaa48238ba3e9

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-minify-cache
hit
date
Wed, 24 Jul 2024 21:50:51 GMT
content-encoding
br
x-ac
2.hhn _dfw MISS
x-minify
t
alt-svc
h3=":443"; ma=86400
x-nc
HIT hhn 2
server
nginx
etag
W/21174-1684465248937.7231
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Mon, 21 Jul 2025 23:50:20 GMT
e-202430.js
stats.wp.com/
7 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202430.js
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-minify-cache
hit
x-nc
HIT hhn
date
Wed, 24 Jul 2024 21:50:51 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/14421-1717166113344.7605
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
alt-svc
h3=":443"; ma=86400
expires
Mon, 14 Jul 2025 05:51:13 GMT
f1127ded8dc6bfd25410bb05529f2695.js
www.gemax-online.de/wp-content/cache/min/1/
305 KB
305 KB
Script
General
Full URL
https://www.gemax-online.de/wp-content/cache/min/1/f1127ded8dc6bfd25410bb05529f2695.js
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
83.136.86.14 Oberhausen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
vx03.ge-max.de
Software
nginx /
Resource Hash
cc322245df717421dc180282f5738e2da9116de3d1274a6e71fe4d45119a2378

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
public
date
Wed, 24 Jul 2024 21:50:51 GMT
last-modified
Tue, 29 Aug 2023 17:01:03 GMT
server
nginx
x-permitted-cross-domain-policies
all
etag
"64ee244f-4c2db"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
312027
expires
Thu, 24 Jul 2025 21:50:51 GMT
get.js
stay.linestoget.com/scripts/
35 KB
14 KB
Script
General
Full URL
https://stay.linestoget.com/scripts/get.js?v=1.0.1
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.66.79.252 Chisinau, Moldova, ASN60602 (INOVARE-AS str. Uzinelor 21 of. 37, MD),
Reverse DNS
Software
nginx /
Resource Hash
cda12569b1a3e93d1fa111423a1a090af2efb84244617278be55952f3b5cbf3e

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 21:50:51 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With
content-length
14453
Ngldky35ZZk
www.youtube.com/embed/ Frame 84FC
0
0
Document
General
Full URL
https://www.youtube.com/embed/Ngldky35ZZk?enablejsapi=1&origin=https://www.gemax-online.de&autoplay=0&cc_load_policy=0&iv_load_policy=1&loop=0&modestbranding=1&rel=1&showinfo=1&fs=1&playsinline=1&controls=2&color=red&autohide=2&theme=dark&
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gemax-online.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Wed, 24 Jul 2024 21:50:51 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
truncated
/
35 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a3479b45d477eb8429f4be8a396050d90f894559a72068ec3593ec43f586d138

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
ga-local.js
www.gemax-online.de/wp-content/cache/busting/google-tracking/
52 KB
52 KB
Script
General
Full URL
https://www.gemax-online.de/wp-content/cache/busting/google-tracking/ga-local.js
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
83.136.86.14 Oberhausen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
vx03.ge-max.de
Software
nginx /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
public
date
Wed, 24 Jul 2024 21:50:51 GMT
last-modified
Fri, 03 May 2024 04:16:10 GMT
server
nginx
x-permitted-cross-domain-policies
all
etag
"6634650a-ceb4"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
52916
expires
Thu, 24 Jul 2025 21:50:51 GMT
lazyload-10.17.min.js
www.gemax-online.de/wp-content/plugins/wp-rocket/inc/front/js/
5 KB
5 KB
Script
General
Full URL
https://www.gemax-online.de/wp-content/plugins/wp-rocket/inc/front/js/lazyload-10.17.min.js
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
83.136.86.14 Oberhausen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
vx03.ge-max.de
Software
nginx /
Resource Hash
312e71f4f53cd28a50eaa9cdfffc02a6056e7e888d5774163159be56f50920e3

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
public
date
Wed, 24 Jul 2024 21:50:51 GMT
last-modified
Tue, 04 Dec 2018 15:12:45 GMT
server
nginx
x-permitted-cross-domain-policies
all
etag
"5c06996d-140a"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
5130
expires
Thu, 24 Jul 2025 21:50:51 GMT
fa-solid-900.woff2
www.gemax-online.de/wp-content/themes/storefront/assets/fonts/
43 KB
43 KB
Font
General
Full URL
https://www.gemax-online.de/wp-content/themes/storefront/assets/fonts/fa-solid-900.woff2
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
83.136.86.14 Oberhausen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
vx03.ge-max.de
Software
nginx /
Resource Hash
08f7874f8336b47e49d9719c38cea16cdea6362962f5001db3f2d0bb47332357

Request headers

Referer
https://www.gemax-online.de/
Origin
https://www.gemax-online.de
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
public
date
Wed, 24 Jul 2024 21:50:51 GMT
last-modified
Mon, 29 Oct 2018 11:39:14 GMT
server
nginx
x-permitted-cross-domain-policies
all
etag
"5bd6f162-abe4"
x-download-options
noopen
vary
Accept-Encoding
x-dns-prefetch-control
on
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
no-cache, max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
44004
expires
Tue, 29 Oct 2019 11:39:14 GMT
6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,300,300italic,400italic,600,700,900&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
500f8aaf69ddcf71a16ceae58c927f03371b33665185e16df347b67f7f11bdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gemax-online.de
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 11:59:14 GMT
x-content-type-options
nosniff
age
121897
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14160
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Jul 2025 11:59:14 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,300,300italic,400italic,600,700,900&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gemax-online.de
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 11:43:56 GMT
x-content-type-options
nosniff
age
122815
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Jul 2025 11:43:56 GMT
truncated
/
302 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b980f62a2d545d64f24e6f96902c8fbf5da0018569c369bc18f9e5b5fcf099ed

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
682 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2e8b4fba49f90cfca5a43371c09879aed7447e0ba2ed4abd75b81448776c4f7

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
391 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
749634fbb2fa7083850b8aed57642633e62091064bfcc5d224a7fba6e995893c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
425 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
54c9560cb0117d8d1f955aefe0f88b843517964e118512d8f1a224a8a9b662f4

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
780 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
71410de1f37e7f42ef4bc1e8d86672888211c1efb6b97ae0c52eb4e4d05dfd94

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
418 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
512669dc4f837995eafd164977b5175ec85532f74c0f41924f37fad0cce6664c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
709 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c5f7b8aba3da4ebcd330d8899970b0c32082ffdd630ab523a4c5adecbd1675d4

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
436 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2662e0eef0f270830358bb255f079f695da71794ecbe8ba0825200862d8e9746

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
204 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b172a9d8d578a8d4636e5ba510be933daf1e1f0a236d242d9e9a518c8fb134a7

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
327 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d31374e862fe63f0cfabb3f4cebf0723e3ee46c70589a8576daa1643cebdd651

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
fontawesome-webfont.woff2
cdn.jsdelivr.net/fontawesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://cdn.jsdelivr.net/fontawesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/fontawesome/4.7.0/css/font-awesome.min.css?ver=4.7.0
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/fontawesome/4.7.0/css/font-awesome.min.css?ver=4.7.0
Origin
https://www.gemax-online.de
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 24 Jul 2024 21:50:51 GMT
x-content-type-options
nosniff
age
140117
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
77160
x-served-by
cache-fra-etou8220051-FRA
etag
W/"12d68-1vSMun0Hb7by/Wupk6dbncHsvww"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/wp-content/cache/min/1/f1127ded8dc6bfd25410bb05529f2695.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 21:32:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
1097
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
697
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 24 Jul 2024 22:32:34 GMT
ec.js
www.google-analytics.com/plugins/ua/
3 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/wp-content/cache/min/1/f1127ded8dc6bfd25410bb05529f2695.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 21:44:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
368
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1129
x-xss-protection
0
last-modified
Tue, 27 Jun 2023 17:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 24 Jul 2024 22:44:43 GMT
publisher:getClientId
ampcid.google.com/v1/
74 B
442 B
XHR
General
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/wp-content/cache/min/1/f1127ded8dc6bfd25410bb05529f2695.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 24 Jul 2024 21:50:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.gemax-online.de
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94
x-xss-protection
0
iframe_api
www.youtube.com/
993 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/wp-content/cache/min/1/f1127ded8dc6bfd25410bb05529f2695.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4a32aaddc54624b6adf6476e46346f2fc5cd7497a97f958bb01ab202781796f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 21:50:51 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Wed, 24 Jul 2024 21:50:51 GMT
fbevents.js
connect.facebook.net/en_US/
224 KB
60 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/wp-content/cache/min/1/f1127ded8dc6bfd25410bb05529f2695.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 24 Jul 2024 21:50:51 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58677
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=18, rtx=0, c=12, mss=1328, tbw=2802, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
xxhD4qo6NLu5xLU56b5LMM9FIa+AqFrMMDJpDi88O+BKBxQF1uLsQ6bcGdR1lPMx5dYbQUvoTdbKXF6UneacDA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
follow.js
go.weatherplllatform.com/fly/
17 KB
8 KB
Script
General
Full URL
https://go.weatherplllatform.com/fly/follow.js?v=3.7.3
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/wp-content/cache/min/1/f1127ded8dc6bfd25410bb05529f2695.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.10.178 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.178.10.216.95.clients.your-server.de
Software
nginx /
Resource Hash
c239b6c07071b05c7bacf4046f4baf5dee01d6e20f77dec894ed0b034f82f76b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Jul 2024 21:50:51 GMT
Strict-Transport-Security
max-age=15768000
Content-Encoding
gzip
Last-Modified
Wed, 24 Jul 2024 21:50:51 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-Control
post-check=0, pre-check=0
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
check.js
stay.linestoget.com/scripts/
35 KB
14 KB
Script
General
Full URL
https://stay.linestoget.com/scripts/check.js?v=5.55.5
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.66.79.252 Chisinau, Moldova, ASN60602 (INOVARE-AS str. Uzinelor 21 of. 37, MD),
Reverse DNS
Software
nginx /
Resource Hash
cda12569b1a3e93d1fa111423a1a090af2efb84244617278be55952f3b5cbf3e

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 21:50:51 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With
content-length
14453
head.js
sleep.stratosbody.com/scripts/
47 KB
19 KB
Script
General
Full URL
https://sleep.stratosbody.com/scripts/head.js?v=3.8.0
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.42.142.89 Meppel, Netherlands, ASN199058 (SERVAONE, GB),
Reverse DNS
Software
nginx /
Resource Hash
33defd33b886a02fd3620983a3fcf9d09b311982f44df73a6781845405ba9c40

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 21:50:51 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With
content-length
19559
sdk.js
connect.facebook.net/de_DE/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/de_DE/sdk.js
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/wp-content/cache/min/1/f1127ded8dc6bfd25410bb05529f2695.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4626ffba3542fcf5993371a854281c9500f5998b9452508ee35b1ef7150fd89b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 24 Jul 2024 21:50:51 GMT
content-md5
QZ3u++rZif6Cl+TlwlkDGA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1685
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=63, mss=1328, tbw=64199, tp=-1, tpl=-1, uplat=129, ullat=0
x-fb-debug
0nSiRiO1U8nag6i7REmeOc1nGpXPtyaKgVZMJSzTi2RQfaCbpK8EwGVkDKYMtS1kYb97mo2jCS5BaecF4q+G0Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
b6904d90de85eb26024489ba75419e84
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"ef389229dc3f2812058d1166c7b06f2f"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Wed, 24 Jul 2024 22:10:51 GMT
/
www.gemax-online.de/
789 B
863 B
XHR
General
Full URL
https://www.gemax-online.de/?wc-ajax=get_refreshed_fragments
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/wp-includes/js/jquery/jquery.js?ver=1.12.4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
83.136.86.14 Oberhausen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
vx03.ge-max.de
Software
nginx /
Resource Hash
6e8b27e9e5512629df555cf7949207776504bf2aee608c552109f9897e558bf4

Request headers

Accept
*/*
Referer
https://www.gemax-online.de/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

server
nginx
date
Wed, 24 Jul 2024 21:50:51 GMT
content-type
application/json; charset=UTF-8
g.gif
pixel.wp.com/
50 B
177 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A6.8&blog=147763771&post=34&tz=2&srv=www.gemax-online.de&host=www.gemax-online.de&ref=&fcp=980&rand=0.93161651107296
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 24 Jul 2024 21:50:51 GMT
cache-control
no-cache
server
nginx
alt-svc
h3=":443"; ma=86400
content-length
50
content-type
image/gif
wirtschaftlicher-erfolg-icon.png
www.gemax-online.de/wp-content/uploads/2018/05/
12 KB
13 KB
Image
General
Full URL
https://www.gemax-online.de/wp-content/uploads/2018/05/wirtschaftlicher-erfolg-icon.png
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
83.136.86.14 Oberhausen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
vx03.ge-max.de
Software
nginx /
Resource Hash
7cb31dfce3196229a7a45ce7feed81aff5899fc8c10de4c714fc1ab68fe340bf

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
public
date
Wed, 24 Jul 2024 21:50:51 GMT
last-modified
Mon, 01 Oct 2018 08:53:04 GMT
server
nginx
x-permitted-cross-domain-policies
all
etag
"5bb1e070-30c8"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
12488
expires
Thu, 24 Jul 2025 21:50:51 GMT
glueckliche-gaeste-icon-1.png
www.gemax-online.de/wp-content/uploads/2018/05/
3 KB
3 KB
Image
General
Full URL
https://www.gemax-online.de/wp-content/uploads/2018/05/glueckliche-gaeste-icon-1.png
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
83.136.86.14 Oberhausen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
vx03.ge-max.de
Software
nginx /
Resource Hash
15e4ab306c3a6eded08064f73658787da68918295f91630cded2a9d5c749636c

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
public
date
Wed, 24 Jul 2024 21:50:51 GMT
last-modified
Mon, 01 Oct 2018 08:53:04 GMT
server
nginx
x-permitted-cross-domain-policies
all
etag
"5bb1e070-b8b"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
2955
expires
Thu, 24 Jul 2025 21:50:51 GMT
persoenliche-lebensqualitaet-icon-1.png
www.gemax-online.de/wp-content/uploads/2018/05/
2 KB
2 KB
Image
General
Full URL
https://www.gemax-online.de/wp-content/uploads/2018/05/persoenliche-lebensqualitaet-icon-1.png
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
83.136.86.14 Oberhausen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
vx03.ge-max.de
Software
nginx /
Resource Hash
03f18defdd79e5f29c95e1dc9d2381c866ce1790bfb0f0f0d544d51b31192830

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
public
date
Wed, 24 Jul 2024 21:50:51 GMT
last-modified
Mon, 01 Oct 2018 08:53:04 GMT
server
nginx
x-permitted-cross-domain-policies
all
etag
"5bb1e070-85b"
x-download-options
noopen
x-dns-prefetch-control
on
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
2139
expires
Thu, 24 Jul 2025 21:50:51 GMT
www-widgetapi.js
www.youtube.com/s/player/3400486c/www-widgetapi.vflset/
31 KB
11 KB
Script
General
Full URL
https://www.youtube.com/s/player/3400486c/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d62d92fc71c40f02a1066308be107a2bb1d2d46aeec9801dd0343175ca273d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 18:41:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
11345
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10518
x-xss-protection
0
last-modified
Tue, 23 Jul 2024 04:18:18 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 24 Jul 2025 18:41:46 GMT
publisher:getClientId
ampcid.google.de/v1/
3 B
371 B
XHR
General
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/wp-content/cache/min/1/f1127ded8dc6bfd25410bb05529f2695.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 24 Jul 2024 21:50:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.gemax-online.de
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
rthrttu.php
cdn.rdntocdns.com/
32 KB
13 KB
XHR
General
Full URL
https://cdn.rdntocdns.com/rthrttu.php
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.9.149.210 Amsterdam, Netherlands, ASN49447 (NICEIT, DM),
Reverse DNS
Software
nginx /
Resource Hash
b94a4300556258e234d5c9f063bf7abe3367a2fd1feb686aa15104a9cf6e6641

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 24 Jul 2024 21:50:52 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With
content-length
13091
VVsxS1
sources.readytocheckline.com/
16 KB
8 KB
Script
General
Full URL
https://sources.readytocheckline.com/VVsxS1
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:c006 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
4894693b6bf12c7a37d6dd1a8309e9ea06d16e8ed1099cca421940ea659012b9

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 21:50:52 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pWrxSv19iZGgso2NeRxCUSQ9cwxd%2FQLEWWVn%2F9XKISv6jIfFw%2FeA%2F%2Be3hRn6fA3NYjIw7n6AuzHG9t86PsQzze1SM7OQdt9MTZopI6XZcdMSm4z%2Ff8WrxvZhJTExieTcQtRAh%2BdMB1H3bsVVSbjEtIiTGKYe40B3I2gz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
8a8720daae912be4-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Jul 2024 21:50:52 GMT
collect
www.google-analytics.com/
35 B
200 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j77&a=1770838728&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gemax-online.de%2F&ul=de-de&de=UTF-8&dt=GeMax%20-%20DAS%20Erfolgssystem%20f%C3%BCr%20Hotel%20und%20Gastro&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgUIrAAQC~&jid=1965544280&gjid=1295488675&cid=829960471.1721857853&tid=UA-56970890-1&_gid=1015802482.1721857853&did=i5iSjo&z=1899771653
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Jul 2024 10:43:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
40062
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/
35 B
337 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j77&tid=UA-56970890-1&cid=829960471.1721857853&jid=1965544280&gjid=1295488675&_gid=1015802482.1721857853&_u=aGBAgUIrAAQC~&z=911177756
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 24 Jul 2024 21:50:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
91 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j77&a=1770838728&t=pageview&_s=2&dl=https%3A%2F%2Fwww.gemax-online.de%2F&ul=de-de&de=UTF-8&dt=GeMax%20-%20DAS%20Erfolgssystem%20f%C3%BCr%20Hotel%20und%20Gastro&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAiUIrBAQC~&jid=&gjid=&cid=829960471.1721857853&tid=UA-56970890-1&_gid=1015802482.1721857853&did=i5iSjo&_av=2.4.0&_au=20&z=1123452010
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Jul 2024 10:43:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
40062
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
domfehu.com/
25 KB
12 KB
Script
General
Full URL
https://domfehu.com/?lpr==0jcmYkMlUGZuUmbpxmbv1Ceh1WZn5yd3dnRyUiRyUSQzUycwRHdo1TdmUjN00DZpN2cmcTPklWY
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.10.178 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.178.10.216.95.clients.your-server.de
Software
nginx /
Resource Hash
459daf89cb55bca226d38f05b73092b38a82bdcb53698afc09ea723d90c9a5f7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Jul 2024 21:50:52 GMT
Strict-Transport-Security
max-age=15768000
Content-Encoding
gzip
Last-Modified
Wed, 24 Jul 2024 21:50:52 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-Control
post-check=0, pre-check=0
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
rthrttu.php
cdn.rdntocdns.com/
32 KB
13 KB
XHR
General
Full URL
https://cdn.rdntocdns.com/rthrttu.php
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.9.149.210 Amsterdam, Netherlands, ASN49447 (NICEIT, DM),
Reverse DNS
Software
nginx /
Resource Hash
b94a4300556258e234d5c9f063bf7abe3367a2fd1feb686aa15104a9cf6e6641

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 24 Jul 2024 21:50:52 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With
content-length
13091
rthrttu.php
cdn.rdntocdns.com/
32 KB
13 KB
XHR
General
Full URL
https://cdn.rdntocdns.com/rthrttu.php
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.9.149.210 Amsterdam, Netherlands, ASN49447 (NICEIT, DM),
Reverse DNS
Software
nginx /
Resource Hash
b94a4300556258e234d5c9f063bf7abe3367a2fd1feb686aa15104a9cf6e6641

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 24 Jul 2024 21:50:52 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With
content-length
13091
sdk.js
connect.facebook.net/de_DE/
299 KB
86 KB
Script
General
Full URL
https://connect.facebook.net/de_DE/sdk.js?hash=7da394c9d5f6c99a9cca9daacd28ce10
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
365a5986881418636f47b3e2d78a877d8a9903b78e4cff2c02f7612dff59acd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.gemax-online.de/
Origin
https://www.gemax-online.de
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 24 Jul 2024 21:50:52 GMT
content-md5
KmY5lKjq3oFnphj/JWIo8g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87673
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=23, mss=1232, tbw=4337, tp=9, tpl=0, uplat=2, ullat=-1
x-fb-debug
WvXpNSCZDLM7B0229VtYA/Bi1A8Ewo9h0JzDhwFoAUN8aCzMMUZ57kr8EarDuhxMeZ28yBTYC92LLbJq4NbsFg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
d6d09cb691f73641b1c868d73011d510
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"b973b9de9963e3d9f6ad3daf7b9e63f7"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Thu, 24 Jul 2025 20:53:32 GMT
tKWSNy
sources.readytocheckline.com/
14 KB
7 KB
Script
General
Full URL
https://sources.readytocheckline.com/tKWSNy?q=www.gemax-online.de
Requested by
Host: sources.readytocheckline.com
URL: https://sources.readytocheckline.com/VVsxS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:c006 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
7cce622e4a12b3a8471ff79199c61ce0b0f49fd8abd6d9e6daff6fab43b8d6e5

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 21:50:53 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BCrAmbPpo%2BFn%2FCQ1wOX9Hp9%2FWC6h0Q0bpTojI1CBwcxwmYfhXkajFx0tbtouW123SzpmXn9TxpbZS8CnG%2FPuf6cZVKm%2Bmswd8ONDNilFkotdB%2BMYC1NApir27IuF7aSdAdlLECmjj9g8qcwRnmXhjflgQ8HKoXxrzed9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
8a8720dc78722be4-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Jul 2024 21:50:52 GMT
ws6x9D
rt1.readytocheckline.com/
27 KB
11 KB
Script
General
Full URL
https://rt1.readytocheckline.com/ws6x9D?c=www.gemax-online.de
Requested by
Host: sources.readytocheckline.com
URL: https://sources.readytocheckline.com/tKWSNy?q=www.gemax-online.de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:c006 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
c032d8a824404a9f39c2a9abe1a1ba8f35411449301d06299ec0115739a191ce

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 21:50:53 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=03F4hCFDlHnGffFMT3MuJ4QPGSCXZlQkMK92LDXkZPdxxIo79%2FKcIn4tlUVk2pz%2F9Dr6geMxH9f0NId1eGV3IhY64GoGxYE2AdWEYWF%2BYtaCe5zV5Vk92qBp1hYp0YdH63vAjUh%2FzakfzgyD0NaTxprZTTIm6mc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
8a8720de1a292be4-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Jul 2024 21:50:53 GMT
zbLzKF
sources.readytocheckline.com/
9 KB
5 KB
Script
General
Full URL
https://sources.readytocheckline.com/zbLzKF
Requested by
Host: rt1.readytocheckline.com
URL: https://rt1.readytocheckline.com/ws6x9D?c=www.gemax-online.de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:c006 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 21:50:53 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.4.33
alt-svc
h3=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*, *
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V%2FFpFyDoY4Ty%2BP9M7NPdbbIZnJWPYdjQtfaeIjOk0bmbosAN%2BWhfFZiC5aRinmd62hgT6TFH5XK%2BQck7PBUhfTxLvEzoyDEY9rN3dnC3oTplSPDouNFgENaMhoOAWD%2B7Z2E8HGP3vTFAat9aY6kA8BnCQtNUbd%2FdmQ9Z"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
cf-ray
8a8720df2b0d2be4-FRA
access-control-allow-headers
X-Requested-With
expires
Wed, 24 Jul 2024 21:50:53 GMT
popunder1000.js
a.exdynsrv.com/
98 KB
37 KB
Script
General
Full URL
https://a.exdynsrv.com/popunder1000.js
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 24 Jul 2024 21:50:53 GMT
content-encoding
gzip
x-accel-date-max
1721833671
x-77-cache
HIT
x-cache
HIT
x-age
3528
x-accel-date
1721854325
alt-svc
h3=":443"; ma=86400
x-77-nzt
EgwB1GY4tAH3yA0AAAwBJRPCLgH3ZQQAAA
x-accel-expires
@1721864957
x-77-age
3528
server
CDN77-Turbo
etag
W/"08c4ef939943d3c995d91911f95"
x-77-nzt-ray
6d204d11a7450a9e3d77a166174e0a1e
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=10800
x-robots-tag
noindex, follow
expires
Wed, 24 Jul 2024 17:49:06 GMT
xI2Y2ATY4MTZxMmNxUmNyADNwYjZyE2YjRmNwQzM5MTX8t1LlRmLl5Was52btgXYtV2Zuc3d39yL6MHc0RHadx3WyUDO3UDOxIzNx0FfbBTNdx3W4QTMykjMyETX8t1N1ITX8tlNzUDN5IDMwITX8tVN2QTX8t1N
domfehu.com/pxl/
0
437 B
Image
General
Full URL
https://domfehu.com/pxl/xI2Y2ATY4MTZxMmNxUmNyADNwYjZyE2YjRmNwQzM5MTX8t1LlRmLl5Was52btgXYtV2Zuc3d39yL6MHc0RHadx3WyUDO3UDOxIzNx0FfbBTNdx3W4QTMykjMyETX8t1N1ITX8tlNzUDN5IDMwITX8tVN2QTX8t1N
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.10.178 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.178.10.216.95.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Jul 2024 21:50:53 GMT
Strict-Transport-Security
max-age=15768000
Last-Modified
Wed, 24 Jul 2024 21:50:53 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/png
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
4qddQb
go.perfectlinestarter.com/
Redirect Chain
  • https://ready.perfectlinestarter.com/2hZQjb
  • https://go.perfectlinestarter.com/4qddQb
204 B
614 B
Document
General
Full URL
https://go.perfectlinestarter.com/4qddQb
Requested by
Host: sources.readytocheckline.com
URL: https://sources.readytocheckline.com/zbLzKF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2f39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bdba3f88cb358fb8dbc6be011c7807f6146076852c1dd3f5a99ec46d74eff42

Request headers

Referer
https://www.gemax-online.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8a8720e16f711e4a-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 24 Jul 2024 21:50:53 GMT
expires
Wed, 24 Jul 2024 21:50:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hW08Tv%2FmDf%2BLq7MTepr1mjrqOpH2FaYzSDFP14i62ieU9ZrZbU14ZizK0GtxRULJKzhxrf0u1D%2B9W3ZU%2B4Rd9%2Bu3gbbq3aT8TiB5n7utXnlq4VMGYb8TbDwQvk7rEybu%2FHUvJBmWwca6krHKXJc7IWnIkjRLV6j9"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8a8720e09e6d1e4a-FRA
content-type
text/html; charset=utf-8
date
Wed, 24 Jul 2024 21:50:53 GMT
expires
Wed, 24 Jul 2024 21:50:53 GMT
location
https://go.perfectlinestarter.com/4qddQb
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HSJVpaswxiTCOOJOH%2FpgHF4OPPBzqcg7h%2FFL%2F%2BnAD25YEckFtfkszntK8CRBl91ldXGDVGMvPHFvSVv%2BidParPkyi3zXS61CF7EJaY4qenAq%2BxHCezARWMu6GNQGl7lT5JZAH2BJAUKpQbZRETxc22ft0hNPVf%2BRbmE0"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
venor.php
syndication.exdynsrv.com/
1 B
282 B
XHR
General
Full URL
https://syndication.exdynsrv.com/venor.php
Requested by
Host: a.exdynsrv.com
URL: https://a.exdynsrv.com/popunder1000.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.248 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ds03.evo.0x3e.net
Software
nginx /
Resource Hash

Request headers

Referer
https://www.gemax-online.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 24 Jul 2024 21:50:53 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
X-Robots-Tag
noindex, follow
7MjvR5
go.perfectlinestarter.com/
241 B
645 B
Document
General
Full URL
https://go.perfectlinestarter.com/7MjvR5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2f39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8a8720e268971e4a-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 24 Jul 2024 21:50:53 GMT
expires
Wed, 24 Jul 2024 21:50:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nVKz6e0%2F%2BUiT556QYdNVyyUkg%2BT0xXsQukLV3juBYQSswiUTdj94CVnX3LNGngTbNVdf8du0DJRQXkNA55%2FlW4S3Doo9BhrqA1yxBkE8pIqrN4IMpS0ViOFO5QJEiPXk1pQLxLI73FY3u7sJCi3fM8%2FhhuxXT%2BEt"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
favicon.ico
go.perfectlinestarter.com/
548 B
570 B
Other
General
Full URL
https://go.perfectlinestarter.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2f39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 21:50:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
81
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0XMsO2zb22zCZXl7qV1uE0t5Jof0u9XCYbnSsrMUI1xNoH%2FmD%2BdJ%2F8%2BTuSzx9VbsMlcX4t3Q2qkvi7bFkcqs%2B3febRiuxwyj70T5glad2viBVOkUKIY3s4sMpUSwU0UUzLSt2XbkSkQ%2FgoLmylzOxgozOosElFR2"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=14400
cf-ray
8a8720e268991e4a-FRA
alt-svc
h3=":443"; ma=86400
/
roselinetoday.com/
18 KB
8 KB
Document
General
Full URL
https://roselinetoday.com/?p=hfswkobumm5gi3bpha4dini&sub1=stars&sub3=jekitas5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:8e11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b1f09e3628bd7873a31f716a537ff535bcf32b1551b9fbc28da405fd51d7041

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8a8720e369506adc-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 24 Jul 2024 21:50:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fg9ncPbGhYVtW1O2J2Ms09B5FfujmbO6HoYDVZo9WI0CuwtzivMPH0YZNYtF%2BCvSp%2FYKLuBs0LzeDKNloAMJb7T4lNJGTCkkiY8H1g3MHFpbIFlQzcjSclSDfv%2F03fkjJxpKz340ewj8bUnbG5L7Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
favicon.ico
roselinetoday.com/
0
422 B
Other
General
Full URL
https://roselinetoday.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:8e11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://roselinetoday.com/?p=hfswkobumm5gi3bpha4dini&sub1=stars&sub3=jekitas5
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 21:50:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4033
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QjoAeJI%2FNO5RTHiJinLIL8iO4N0MZWuxZNG3twVpBzI8FLoWamrdkgmdNHJRUTQUFAC0iGt6O8bGmD9JsQtPC2N4xgmHslrxH7SxdQABhCN36shY82%2FfnnR8m4wFOZ%2F%2BByTWr2BRZryn0U5ozgX2Kg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8a8720e419e06adc-FRA
alt-svc
h3=":443"; ma=86400
Primary Request /
0.roselinetoday.com/
18 KB
8 KB
Document
General
Full URL
https://0.roselinetoday.com/?p=hfswkobumm5gi3bpha4dini&sub1=stars&sub3=jekitas5
Requested by
Host: www.gemax-online.de
URL: https://www.gemax-online.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:36cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
655bc5f0fb430a0d471f43c68fda9141e80a977ff215a6d3ef48fba5af67b2a8

Request headers

Referer
https://roselinetoday.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8a8720f18cf971dc-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 24 Jul 2024 21:50:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PzdW29x7219uamXyqAffRRQd8FaW%2BjSqIgACBkF0T3LqLYFcK%2BnUr6%2FMRevaVKllPHcsbCMtYRP2yd2CgDLHKWLPkOetWFPG%2F8TsMPnM6bwFgaZmAz5xNQhgQwTHhMhJ8lxnG4FTd8Pjifbwchz2sCBN"}],"group":"cf-nel","max_age":604800}
server
cloudflare
truncated
/
378 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6935876b0112bb2bb5aa7e27c0fdf9be86e190d47a0fbff8eb8e67e25d11f68d

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
377 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f9077e9ffe52966b3a279d70797b41c4eba4e6d3928471fe755fcc3856ac4b3e

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
favicon.ico
0.roselinetoday.com/
0
274 B
Other
General
Full URL
https://0.roselinetoday.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:36cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://0.roselinetoday.com/?p=hfswkobumm5gi3bpha4dini&sub1=stars&sub3=jekitas5
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 21:50:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6633
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N6BWMyvTlPU3trR7OdJP%2F%2B8%2BYb5%2FRTRq%2FM07zHg8Q%2Bk1sCL4tU%2BN053xc9YDQfoSdqwCiJUfhSwnDSK8AniAjRKg9kvdrOTwABOQ5uwABHZdpnDAwI6wv4haWc3ylglOVq6vwJcZ%2BlYG8E8m82Qfbusx"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8a8720f21d7371dc-FRA
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| urlB64ToUint8Array

14 Cookies

Domain/Path Name / Value
gemax-online.de/ Name: PHPSESSID
Value: vae3etk27803d28e90b7jtvhcj
www.gemax-online.de/ Name: PHPSESSID
Value: tar9v3ep3ekvlqsn02jsnqen8v
.youtube.com/ Name: YSC
Value: 8rbp__0Q1Z4
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: q6HOe7RDkuE
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJSTxIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgKw%3D%3D
.gemax-online.de/ Name: tk_or
Value: %22%22
.gemax-online.de/ Name: tk_r3d
Value: %22%22
.gemax-online.de/ Name: tk_lr
Value: %22%22
.gemax-online.de/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.gemax-online.de/ Name: _ga
Value: GA1.2.829960471.1721857853
.gemax-online.de/ Name: _gid
Value: GA1.2.1015802482.1721857853
.gemax-online.de/ Name: _gat
Value: 1
.roselinetoday.com/ Name: uuid
Value: 0ebb7bfe-6985-43f8-8dbc-6e103ede96e0
.0.roselinetoday.com/ Name: uuid
Value: 0ebb7bfe-6985-43f8-8dbc-6e103ede96e0

1 Console Messages

Source Level URL
Text
network error URL: https://go.perfectlinestarter.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0.roselinetoday.com
a.exdynsrv.com
ampcid.google.com
ampcid.google.de
cdn.jsdelivr.net
cdn.rdntocdns.com
connect.facebook.net
domfehu.com
fonts.googleapis.com
fonts.gstatic.com
gemax-online.de
go.perfectlinestarter.com
go.weatherplllatform.com
pixel.wp.com
ready.perfectlinestarter.com
roselinetoday.com
rt1.readytocheckline.com
s0.wp.com
sleep.stratosbody.com
sources.readytocheckline.com
stats.g.doubleclick.net
stats.wp.com
stay.linestoget.com
syndication.exdynsrv.com
www.gemax-online.de
www.google-analytics.com
www.youtube.com
192.0.76.3
192.0.77.32
2001:4860:4802:34::178
2606:4700:3030::6815:2f39
2606:4700:3033::ac43:8e11
2606:4700:3035::ac43:c006
2606:4700:3036::6815:36cc
2a00:1450:4001:806::200e
2a00:1450:4001:80b::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:813::200e
2a00:1450:4001:81d::2003
2a00:1450:4001:828::200e
2a00:1450:400c:c0c::9d
2a02:6ea0:c700::22
2a03:2880:f083:9:face:b00c:0:3
2a04:4e42:600::485
45.9.149.210
80.66.79.252
83.136.86.14
89.42.142.89
95.211.229.248
95.216.10.178
03f18defdd79e5f29c95e1dc9d2381c866ce1790bfb0f0f0d544d51b31192830
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
08f7874f8336b47e49d9719c38cea16cdea6362962f5001db3f2d0bb47332357
15e4ab306c3a6eded08064f73658787da68918295f91630cded2a9d5c749636c
2662e0eef0f270830358bb255f079f695da71794ecbe8ba0825200862d8e9746
2839a03776d5a3f93f4313c9a90215b6a26a453b775e39c47a2444742dd1faa4
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b7749190d6318d22e407a49fc01e1433fcfa2bd38ff5723530f10c86109b2bc
2d62d92fc71c40f02a1066308be107a2bb1d2d46aeec9801dd0343175ca273d8
312e71f4f53cd28a50eaa9cdfffc02a6056e7e888d5774163159be56f50920e3
33defd33b886a02fd3620983a3fcf9d09b311982f44df73a6781845405ba9c40
365a5986881418636f47b3e2d78a877d8a9903b78e4cff2c02f7612dff59acd4
3b1f09e3628bd7873a31f716a537ff535bcf32b1551b9fbc28da405fd51d7041
459daf89cb55bca226d38f05b73092b38a82bdcb53698afc09ea723d90c9a5f7
4626ffba3542fcf5993371a854281c9500f5998b9452508ee35b1ef7150fd89b
4894693b6bf12c7a37d6dd1a8309e9ea06d16e8ed1099cca421940ea659012b9
4a32aaddc54624b6adf6476e46346f2fc5cd7497a97f958bb01ab202781796f6
500f8aaf69ddcf71a16ceae58c927f03371b33665185e16df347b67f7f11bdb9
512669dc4f837995eafd164977b5175ec85532f74c0f41924f37fad0cce6664c
54c9560cb0117d8d1f955aefe0f88b843517964e118512d8f1a224a8a9b662f4
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855
655bc5f0fb430a0d471f43c68fda9141e80a977ff215a6d3ef48fba5af67b2a8
6935876b0112bb2bb5aa7e27c0fdf9be86e190d47a0fbff8eb8e67e25d11f68d
6e8b27e9e5512629df555cf7949207776504bf2aee608c552109f9897e558bf4
71410de1f37e7f42ef4bc1e8d86672888211c1efb6b97ae0c52eb4e4d05dfd94
749634fbb2fa7083850b8aed57642633e62091064bfcc5d224a7fba6e995893c
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7bdba3f88cb358fb8dbc6be011c7807f6146076852c1dd3f5a99ec46d74eff42
7cb31dfce3196229a7a45ce7feed81aff5899fc8c10de4c714fc1ab68fe340bf
7cce622e4a12b3a8471ff79199c61ce0b0f49fd8abd6d9e6daff6fab43b8d6e5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8540c7c55e7633ce5389e985a86cd43a0afb0d16f1de63e9cd5af5000bb6db38
89a0a5fe654917c17845ff385b2ae2ea116d932f57ca90b012869f608a68d704
8bd11310ebb228f2b69e2c4bb229f558bffd46b5d972df904e933d98afcc56cf
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9bff37581a37c7c98f4237af69f6f737b85322cd2b4823a36c95413a11feec68
a3479b45d477eb8429f4be8a396050d90f894559a72068ec3593ec43f586d138
b07e40107e09f5242eb8c186c454b6175997602bf3c15b7d227b725137ded8c8
b100589e75a25cf64ff621d0c7b9ecd486b1008f6c4aa6d1bc6cfe154fbf09a3
b172a9d8d578a8d4636e5ba510be933daf1e1f0a236d242d9e9a518c8fb134a7
b94a4300556258e234d5c9f063bf7abe3367a2fd1feb686aa15104a9cf6e6641
b980f62a2d545d64f24e6f96902c8fbf5da0018569c369bc18f9e5b5fcf099ed
c032d8a824404a9f39c2a9abe1a1ba8f35411449301d06299ec0115739a191ce
c239b6c07071b05c7bacf4046f4baf5dee01d6e20f77dec894ed0b034f82f76b
c2e8b4fba49f90cfca5a43371c09879aed7447e0ba2ed4abd75b81448776c4f7
c5f7b8aba3da4ebcd330d8899970b0c32082ffdd630ab523a4c5adecbd1675d4
c9c08fb03c19a16143ef915fe8cc39219945a900e5308799bcfe2db8049e9858
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc322245df717421dc180282f5738e2da9116de3d1274a6e71fe4d45119a2378
cda12569b1a3e93d1fa111423a1a090af2efb84244617278be55952f3b5cbf3e
d31374e862fe63f0cfabb3f4cebf0723e3ee46c70589a8576daa1643cebdd651
d92c0cb8715f872b995e9166602b68fd389905b7942fe245ce0eaf9ae9743686
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de632bce828768f04582ae74262960d2ed00105b45f8360026730979572facbe
de65e9cba4a828752b859748f89d530b1bba8e2f1ddfeb2c6b71d3e91e71ad1c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e93e9f28c6e8c3ed7f642e1a7a67a4a294ffabbc49909ae5d8bbaa48238ba3e9
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f9077e9ffe52966b3a279d70797b41c4eba4e6d3928471fe755fcc3856ac4b3e
f995b3e4829d788fff414ec98b1426bd98255f01d6c7ebdc17f2e02ad0a82a00