www.beautywelt.de Open in urlscan Pro
85.13.155.115 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.clintontownship.alcoholdrugrehabmichigan.com/
Effective URL:
https://www.beautywelt.de/Bumble-and-bumble-Curl-Conditioner?kk=a4c6294-18f38777229-2170a0&art=2021050438292&pk_campaign=k...
Submission: On May 02 via api (May 2nd 2024, 8:41:48 am UTC) from US — Scanned from DE

Summary HTTP 58 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 9 domains to perform 58 HTTP transactions. The main IP is 85.13.155.115, located in Germany and belongs to NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE. The main domain is www.beautywelt.de.
TLS certificate: Issued by Sectigo ECC Domain Validation Secure ... on November 1st 2023. Valid for: a year.

This is the only time www.beautywelt.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.157.24.8 54.157.24.8	14618 (AMAZON-AES) (AMAZON-AES)
2	72.52.179.174 72.52.179.174	32244 (LIQUIDWEB) (LIQUIDWEB)
4	66.165.243.160 66.165.243.160	29802 (HVC-AS) (HVC-AS)
4	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1 6	95.211.116.26 95.211.116.26	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	3.161.82.21 3.161.82.21	16509 (AMAZON-02) (AMAZON-02)
1	3.127.166.121 3.127.166.121	16509 (AMAZON-02) (AMAZON-02)
30	85.13.155.115 85.13.155.115	34788 (NMM-AS D) (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	151.101.65.21 151.101.65.21	54113 (FASTLY) (FASTLY)
2	151.101.193.21 151.101.193.21	54113 (FASTLY) (FASTLY)
1	151.101.193.35 151.101.193.35	54113 (FASTLY) (FASTLY)
58	14

1 54.157.24.8 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-24-8.compute-1.amazonaws.com

www.clintontownship.alcoholdrugrehabmichigan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.52.179.174 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: lb01.parklogic.com

ww99.alcoholdrugrehabmichigan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 66.165.243.160 (Los Angeles, United States)

ASN29802 (HVC-AS, US)
PTR: 66-165-243-160.static.hvvc.us

r.redirekted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 95.211.116.26 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: dc1-ecs-pub-mx-vip.kelkoo.com

de-go.kelkoogroup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.161.82.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-21.fra56.r.cloudfront.net

dd.kelkoogroup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.166.121 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-166-121.eu-central-1.compute.amazonaws.com

api-js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 85.13.155.115 (Germany)

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
PTR: dd6430.kasserver.com

www.beautywelt.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.21 (San Francisco, United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.21 (San Francisco, United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.35 (San Francisco, United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	beautywelt.de www.beautywelt.de	136 KB
7	kelkoogroup.net 1 redirects de-go.kelkoogroup.net dd.kelkoogroup.net — Cisco Umbrella Rank: 417525	66 KB
5	paypal.com www.paypal.com — Cisco Umbrella Rank: 2954 t.paypal.com — Cisco Umbrella Rank: 3518	87 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32 region1.google-analytics.com — Cisco Umbrella Rank: 2533	22 KB
4	redirekted.com r.redirekted.com	11 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	286 KB
3	alcoholdrugrehabmichigan.com 1 redirects www.clintontownship.alcoholdrugrehabmichigan.com ww99.alcoholdrugrehabmichigan.com	4 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103	64 B
1	datadome.co api-js.datadome.co — Cisco Umbrella Rank: 4968	414 B
58	9

	Domain	Requested by
30	www.beautywelt.de	de-go.kelkoogroup.net www.beautywelt.de
6	de-go.kelkoogroup.net	1 redirects r.redirekted.com de-go.kelkoogroup.net
4	www.paypal.com	www.beautywelt.de www.paypal.com
4	www.google-analytics.com	r.redirekted.com www.google-analytics.com de-go.kelkoogroup.net
4	r.redirekted.com	ww99.alcoholdrugrehabmichigan.com r.redirekted.com
3	www.googletagmanager.com	www.google-analytics.com www.beautywelt.de www.googletagmanager.com
2	ww99.alcoholdrugrehabmichigan.com	ww99.alcoholdrugrehabmichigan.com
1	t.paypal.com
1	region1.google-analytics.com	www.googletagmanager.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	api-js.datadome.co	dd.kelkoogroup.net
1	dd.kelkoogroup.net	de-go.kelkoogroup.net
1	www.clintontownship.alcoholdrugrehabmichigan.com	1 redirects
58	13

This site contains links to these domains. Also see Links.

Domain
www.idealo.de

Subject Issuer	Validity	Valid
redirekted.com R3	`2024-04-13` - `2024-07-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.kelkoogroup.net Thawte TLS RSA CA G1	`2023-09-14` - `2024-10-10`	a year	crt.sh
dd.kelkoogroup.net R3	`2024-02-14` - `2024-05-14`	3 months	crt.sh
*.datadome.co Gandi RSA Domain Validation Secure Server CA 3	`2023-10-10` - `2024-11-09`	a year	crt.sh
beautywelt.de Sectigo ECC Domain Validation Secure Server CA	`2023-11-01` - `2024-12-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2024-02-08` - `2025-02-08`	a year	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-09-21` - `2024-10-21`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.beautywelt.de/Bumble-and-bumble-Curl-Conditioner?kk=a4c6294-18f38777229-2170a0&art=2021050438292&pk_campaign=kelkoo&utm_source=kelkoo&utm_medium=display&utm_campaign=kelkoo&utm_term=2021050438292&promobar=preisvergleich
Frame ID: A5745E114BDB4145764AD73AE27FEDFB
Requests: 52 HTTP requests in this frame

Frame: https://r.redirekted.com/go?e=DwCaxHVbDKFdfRAW1UX0uxXYkaL8gwXx1aqvN2XmWlF8IFq8jaq8SzXuAlBeHPpwy3C5kGVyLlL-IlX80KL5ywsmMPM8gwVW1KL0cRs-jUMeHFq5blB0STs-VlK9AaXuy3CNuTslgvFefQLNImqwtxs6p2E1VTAx5UWxymZ213ElLUnRglq5O2XvyKClLKq6ZQX9fwZ21mCdtlLTcFLbI0rXgvEuHPsV1KW4bRs7bPF8IPp-bFLRu2Z_pPEmV3XTEwLwbHVyDmK55QL80KX99SA7NJBeZaXWcPX4yHsmkaF8gGs9fvC5gQs7ZlB9SzVX1KW4fxX-LFL-IPrtkUWefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV
Frame ID: EB80919939654241E3FB6C15EF2C54F2
Requests: 5 HTTP requests in this frame

Frame: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_ucwshvrxzthtvnqisgxhfhvbmwrjhj&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVJDWlg0b3FxbWwtU01FVWEyNGZKVVlvZGIzZ3hRQWZZa2JFNXZMZi1JZWtmVWRza3lTbmZQYmlSOWcxclFsTFZ0N1ZxTnd4RjJRSUdkaWEmY3VycmVuY3k9RVVSJmNvbXBvbmVudHM9bWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF91Y3dzaHZyeHp0aHR2bnFpc2d4aGZodmJtd3JqaGoifX0&env=production&scriptUID=uid_ucwshvrxzthtvnqisgxhfhvbmwrjhj&version=1.63.0&integrationType=SDK
Frame ID: 03DB52056527A81BBF5C3FFBCC32985C
Requests: 1 HTTP requests in this frame

Frame: https://www.paypal.com/credit-presentment/smart/message?currency=EUR&amount=30.61&channel=UPSTREAM&page_type=product&style=%7B%22layout%22%3A%22text%22%7D&client_id=ARCZX4oqqml-SMEUa24fJUYodb3gxQAfYkbE5vLf-IekfUdskySnfPbiR9g1rQlLVt7VqNwxF2QIGdia&merchant_config=b01576bd90540b72d94c508f56bd5564517de126&treatments=947b53e529fdcc6232758db4e2470eacbfd73daf&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVJDWlg0b3FxbWwtU01FVWEyNGZKVVlvZGIzZ3hRQWZZa2JFNXZMZi1JZWtmVWRza3lTbmZQYmlSOWcxclFsTFZ0N1ZxTnd4RjJRSUdkaWEmY3VycmVuY3k9RVVSJmNvbXBvbmVudHM9bWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF91Y3dzaHZyeHp0aHR2bnFpc2d4aGZodmJtd3JqaGoifX0&env=production&version=1.63.0&integrationType=SDK&deviceID=uid_0a518237f2_mdg6nde6ndy&sessionID=uid_a18bbea6a7_mdg6nde6ndu&scriptUID=uid_ucwshvrxzthtvnqisgxhfhvbmwrjhj&message_request_id=uid_c3a54bc4a4_mdg6nde6ndy&disableSetCookie=true
Frame ID: 645FAF2511E26D0A59FAD9F0E6D4DBB0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bumble and bumble Curl Conditioner

Page URL History Show full URLs

https://www.clintontownship.alcoholdrugrehabmichigan.com/ HTTP 302
http://ww99.alcoholdrugrehabmichigan.com/ HTTP 307
https://ww99.alcoholdrugrehabmichigan.com/ HTTP 307
http://ww99.alcoholdrugrehabmichigan.com/ Page URL
http://ww99.alcoholdrugrehabmichigan.com/page/bouncy.php?&bpae=GbhGtCkHvUx7ttthwVn3VrL2SciCowz4mmGfqAJ1EAYm2a8pY%2Bhg... Page URL
http://r.redirekted.com/redirect?redirect_id=5896d7ba8592417a22c9e1ab162d4466&request_id=a1c715a0c37... HTTP 307
https://r.redirekted.com/redirect?redirect_id=5896d7ba8592417a22c9e1ab162d4466&request_id=a1c715a0c37... Page URL
https://de-go.kelkoogroup.net/offersearchGo?.ts=1714638003142&.sig=su7hgKvi0pxkNJZdKaK245vjIiA-&affiliatio... Page URL
https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff4371812dde7f71ef50e030e23... HTTP 303
https://www.beautywelt.de/Bumble-and-bumble-Curl-Conditioner?kk=a4c6294-18f38777229-2170a0&art=2021050... Page URL

Detected technologies

JTL Shop (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

(?:<input[^>]+name="JTLSHOP|<a href="jtl\.php)

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

58
Requests

95 %
HTTPS

21 %
IPv6

9
Domains

13
Subdomains

14
IPs

3
Countries

610 kB
Transfer

1592 kB
Size

9
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.idealo.de/preisvergleich/Shop/313841.html

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.clintontownship.alcoholdrugrehabmichigan.com/ HTTP 302
http://ww99.alcoholdrugrehabmichigan.com/ HTTP 307
https://ww99.alcoholdrugrehabmichigan.com/ HTTP 307
http://ww99.alcoholdrugrehabmichigan.com/ Page URL
http://ww99.alcoholdrugrehabmichigan.com/page/bouncy.php?&bpae=GbhGtCkHvUx7ttthwVn3VrL2SciCowz4mmGfqAJ1EAYm2a8pY%2BhgwIgiUIj2IP68FKmX8%2F4BZtOd014qkgq194rwT%2B4eciwjBix%2F0Uvu9D4K5yWmnDOdTN8xe5wIDQL8dDoFIYkm3%2Fx03IlpO%2BMEq9x7tkUd6TtdwKnRjIdYt8YfzdyyoOBY13F8qp04L4ph8RdCYlsOPPqd33jVfVSom8MhMPNkTMzGdoHKJqhUoLgJdFxtqgyECsiVhVEjcqcNg3MArQcwVj%2FTNU94ypOPUHeBFII6jdsnh2%2BJB3sf59HAyKDaCTXWxI3HBAs6xxKHGgvbEwFY5Dz5AQM%2BBakUbhTAfMnnl%2FrMn1Kfe9FHfWZ62PMQ4HqISyYw36k7MtSJjwfx6EDZZxCtYYCr7RyDoIY4w7WHOqDi5lHN05vOxRtmkB9fd71QluSdjoKl0zLIrwdA8wImfpCyBIywTc%2F%2BYYMKm%2FP7%2BCpkj5GLyH8T7cUfJ2We3dc%3D&redirectType=js&inIframe=false&inPopUp=false Page URL
http://r.redirekted.com/redirect?redirect_id=5896d7ba8592417a22c9e1ab162d4466&request_id=a1c715a0c372694d5d4311d0c6cdce08 HTTP 307
https://r.redirekted.com/redirect?redirect_id=5896d7ba8592417a22c9e1ab162d4466&request_id=a1c715a0c372694d5d4311d0c6cdce08 Page URL
https://de-go.kelkoogroup.net/offersearchGo?.ts=1714638003142&.sig=su7hgKvi0pxkNJZdKaK245vjIiA-&affiliationId=96965856&comId=100474218&country=de&offerId=3db94cbeff8f73276f0a2c75400bee3d&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=4KW8cHs3yHBmLKsUWwqbE0X3yULeVJr9Vwq1cmZb0mBlLKC_bPXwMxXuuJE3D3V1qmp4yHsXAJF8IvVTk3B0A2r7tKL3ZUqVk3pdZJsmWPM&custom2=jKWjuHsmEmK8gQqwqwqSExZvyRCexFrUAQB Page URL
https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff4371812dde7f71ef50e030e2330b651b0ffd8062d118ffd0eacccf86c27e5fa856480d381b56e173c52d8f417b7f2f7c56f8fccfdb6977396bc0c3311ae91553d0f0c5219a1d009f67a20637cd0cdbd96c8ace1fd4b9f66a052bc09b255ed3100a7d6149df7c90153e5647e73e8817af3afca80a4e5614a7821cb4a91f8e9885648e0b89edac2df08e69bb4ea4050114e31a8e1e6b801c878d73495548f694b0730e0472ff2cc83420baa636a55122d37e99d3b2d105bf9ddb259ea61cd727751c96e78cffef260f80748d553546d90d9d7f63df9f5da43245a8b81a9dbdb2cba04fcb2ab33e34cbc4dad6d76acbb02462fe40535775124f97cb219bbc7ba364ace294cd1867ccac687e217c13fc140dab10b2aecb5313841dce83b6bec5de1af93ed62da5dcef0ce22de9ebc289123c6f0a9501b0334776186fddcb5d5bce0a4dbd974c97a98654c6527834d0f94d90eb46c3cddfd684cb6c4e915e79b23523e8a986e053a97059f40fd65b5c76e716932d4e3977fd54be1cd5f2dec159674b5c3111d5b8c02240a206a38f1cf63bcd283&url=https%3A%2F%2Fwww.beautywelt.de%2FBumble-and-bumble-Curl-Conditioner%3Fkk%3Da4c6294-18f38777229-2170a0%26art%3D2021050438292%26pk_campaign%3Dkelkoo%26utm_source%3Dkelkoo%26utm_medium%3Ddisplay%26utm_campaign%3Dkelkoo%26utm_term%3D2021050438292%26promobar%3Dpreisvergleich&initiator=dd HTTP 303
https://www.beautywelt.de/Bumble-and-bumble-Curl-Conditioner?kk=a4c6294-18f38777229-2170a0&art=2021050438292&pk_campaign=kelkoo&utm_source=kelkoo&utm_medium=display&utm_campaign=kelkoo&utm_term=2021050438292&promobar=preisvergleich Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.clintontownship.alcoholdrugrehabmichigan.com/ HTTP 302
http://ww99.alcoholdrugrehabmichigan.com/ HTTP 307
https://ww99.alcoholdrugrehabmichigan.com/ HTTP 307
http://ww99.alcoholdrugrehabmichigan.com/

Request Chain 2

http://r.redirekted.com/redirect?redirect_id=5896d7ba8592417a22c9e1ab162d4466&request_id=a1c715a0c372694d5d4311d0c6cdce08 HTTP 307
https://r.redirekted.com/redirect?redirect_id=5896d7ba8592417a22c9e1ab162d4466&request_id=a1c715a0c372694d5d4311d0c6cdce08

58 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/
ww99.alcoholdrugrehabmichigan.com/
Redirect Chain

https://www.clintontownship.alcoholdrugrehabmichigan.com/
http://ww99.alcoholdrugrehabmichigan.com/
https://ww99.alcoholdrugrehabmichigan.com/
http://ww99.alcoholdrugrehabmichigan.com/

2 KB
2 KB

540ms
393ms

Document
text/html

72.52.179.174
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://ww99.alcoholdrugrehabmichigan.com/
Protocol: HTTP/1.1
Server: 72.52.179.174 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: lb01.parklogic.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 2236
Content-Type: text/html; charset=UTF-8
Date: Thu, 02 May 2024 08:41:41 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16

Redirect headers

Location: http://ww99.alcoholdrugrehabmichigan.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK bouncy.php
ww99.alcoholdrugrehabmichigan.com/page/ 889 B
1 KB 169ms
168ms Document
text/html 72.52.179.174
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://ww99.alcoholdrugrehabmichigan.com/page/bouncy.php?&bpae=GbhGtCkHvUx7ttthwVn3VrL2SciCowz4mmGfqAJ1EAYm2a8pY%2BhgwIgiUIj2IP68FKmX8%2F4BZtOd014qkgq194rwT%2B4eciwjBix%2F0Uvu9D4K5yWmnDOdTN8xe5wIDQL8dDoFIYkm3%2Fx03IlpO%2BMEq9x7tkUd6TtdwKnRjIdYt8YfzdyyoOBY13F8qp04L4ph8RdCYlsOPPqd33jVfVSom8MhMPNkTMzGdoHKJqhUoLgJdFxtqgyECsiVhVEjcqcNg3MArQcwVj%2FTNU94ypOPUHeBFII6jdsnh2%2BJB3sf59HAyKDaCTXWxI3HBAs6xxKHGgvbEwFY5Dz5AQM%2BBakUbhTAfMnnl%2FrMn1Kfe9FHfWZ62PMQ4HqISyYw36k7MtSJjwfx6EDZZxCtYYCr7RyDoIY4w7WHOqDi5lHN05vOxRtmkB9fd71QluSdjoKl0zLIrwdA8wImfpCyBIywTc%2F%2BYYMKm%2FP7%2BCpkj5GLyH8T7cUfJ2We3dc%3D&redirectType=js&inIframe=false&inPopUp=false
Requested by: Host: ww99.alcoholdrugrehabmichigan.com
URL: http://ww99.alcoholdrugrehabmichigan.com/
Protocol: HTTP/1.1
Server: 72.52.179.174 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: lb01.parklogic.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://ww99.alcoholdrugrehabmichigan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 889
Content-Type: text/html; charset=UTF-8
Date: Thu, 02 May 2024 08:41:41 GMT
Pragma: no-cache
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16

GET
H/1.1

200
OK

redirect Show response
r.redirekted.com/
Redirect Chain

http://r.redirekted.com/redirect?redirect_id=5896d7ba8592417a22c9e1ab162d4466&request_id=a1c715a0c372694d5d4311d0c6cdce08
https://r.redirekted.com/redirect?redirect_id=5896d7ba8592417a22c9e1ab162d4466&request_id=a1c715a0c372694d5d4311d0c6cdce08

856 B
1 KB

526ms
162ms

Document
text/html

66.165.243.160
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://r.redirekted.com/redirect?redirect_id=5896d7ba8592417a22c9e1ab162d4466&request_id=a1c715a0c372694d5d4311d0c6cdce08
Requested by: Host: ww99.alcoholdrugrehabmichigan.com
URL: http://ww99.alcoholdrugrehabmichigan.com/page/bouncy.php?&bpae=GbhGtCkHvUx7ttthwVn3VrL2SciCowz4mmGfqAJ1EAYm2a8pY%2BhgwIgiUIj2IP68FKmX8%2F4BZtOd014qkgq194rwT%2B4eciwjBix%2F0Uvu9D4K5yWmnDOdTN8xe5wIDQL8dDoFIYkm3%2Fx03IlpO%2BMEq9x7tkUd6TtdwKnRjIdYt8YfzdyyoOBY13F8qp04L4ph8RdCYlsOPPqd33jVfVSom8MhMPNkTMzGdoHKJqhUoLgJdFxtqgyECsiVhVEjcqcNg3MArQcwVj%2FTNU94ypOPUHeBFII6jdsnh2%2BJB3sf59HAyKDaCTXWxI3HBAs6xxKHGgvbEwFY5Dz5AQM%2BBakUbhTAfMnnl%2FrMn1Kfe9FHfWZ62PMQ4HqISyYw36k7MtSJjwfx6EDZZxCtYYCr7RyDoIY4w7WHOqDi5lHN05vOxRtmkB9fd71QluSdjoKl0zLIrwdA8wImfpCyBIywTc%2F%2BYYMKm%2FP7%2BCpkj5GLyH8T7cUfJ2We3dc%3D&redirectType=js&inIframe=false&inPopUp=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 66-165-243-160.static.hvvc.us
Software: nginx/1.23.3 / PHP/8.1.13
Resource Hash: b0ffeb2805e62b06078975a3e81daff16abdb7899e2e6408a3ad3b967a0cdb5e

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://ww99.alcoholdrugrehabmichigan.com/page/bouncy.php?&bpae=GbhGtCkHvUx7ttthwVn3VrL2SciCowz4mmGfqAJ1EAYm2a8pY%2BhgwIgiUIj2IP68FKmX8%2F4BZtOd014qkgq194rwT%2B4eciwjBix%2F0Uvu9D4K5yWmnDOdTN8xe5wIDQL8dDoFIYkm3%2Fx03IlpO%2BMEq9x7tkUd6TtdwKnRjIdYt8YfzdyyoOBY13F8qp04L4ph8RdCYlsOPPqd33jVfVSom8MhMPNkTMzGdoHKJqhUoLgJdFxtqgyECsiVhVEjcqcNg3MArQcwVj%2FTNU94ypOPUHeBFII6jdsnh2%2BJB3sf59HAyKDaCTXWxI3HBAs6xxKHGgvbEwFY5Dz5AQM%2BBakUbhTAfMnnl%2FrMn1Kfe9FHfWZ62PMQ4HqISyYw36k7MtSJjwfx6EDZZxCtYYCr7RyDoIY4w7WHOqDi5lHN05vOxRtmkB9fd71QluSdjoKl0zLIrwdA8wImfpCyBIywTc%2F%2BYYMKm%2FP7%2BCpkj5GLyH8T7cUfJ2We3dc%3D&redirectType=js&inIframe=false&inPopUp=false
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 02 May 2024 08:41:42 GMT
Server: nginx/1.23.3
Transfer-Encoding: chunked
X-Powered-By: PHP/8.1.13

Redirect headers

Location: https://r.redirekted.com/redirect?redirect_id=5896d7ba8592417a22c9e1ab162d4466&request_id=a1c715a0c372694d5d4311d0c6cdce08
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK adren.css
r.redirekted.com/css/ 243 B
479 B 160ms
160ms Stylesheet
text/css 66.165.243.160
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://r.redirekted.com/css/adren.css?n=3058226010
Requested by: Host: r.redirekted.com
URL: https://r.redirekted.com/redirect?redirect_id=5896d7ba8592417a22c9e1ab162d4466&request_id=a1c715a0c372694d5d4311d0c6cdce08
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 66-165-243-160.static.hvvc.us
Software: nginx/1.23.3 /
Resource Hash: e2d9fd8b995f146baf54bc35d162d3e8169a5345368058b10a3b3bf4592ed777

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://r.redirekted.com/redirect?redirect_id=5896d7ba8592417a22c9e1ab162d4466&request_id=a1c715a0c372694d5d4311d0c6cdce08
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 08:41:42 GMT
Last-Modified: Sat, 03 Jul 2021 05:46:18 GMT
Server: nginx/1.23.3
ETag: "60dff9aa-f3"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 243

GET
H/1.1 200
OK adren.min.js Show response
r.redirekted.com/js/ 7 KB
8 KB 321ms
160ms Script
application/javascript 66.165.243.160
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://r.redirekted.com/js/adren.min.js?n=3058226010
Requested by: Host: r.redirekted.com
URL: https://r.redirekted.com/redirect?redirect_id=5896d7ba8592417a22c9e1ab162d4466&request_id=a1c715a0c372694d5d4311d0c6cdce08
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 66-165-243-160.static.hvvc.us
Software: nginx/1.23.3 /
Resource Hash: 8597d8112ffa8f07199b715746aebe0bc4180e1c23cf4de02ef8fdc8f57e0bdc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://r.redirekted.com/redirect?redirect_id=5896d7ba8592417a22c9e1ab162d4466&request_id=a1c715a0c372694d5d4311d0c6cdce08
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 08:41:42 GMT
Last-Modified: Fri, 05 Apr 2024 12:36:31 GMT
Server: nginx/1.23.3
ETag: "660ff04f-1d72"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7538

GET
H/1.1 200
OK go Show response
r.redirekted.com/ Frame EB80 2 KB
2 KB 161ms
161ms Document
text/html 66.165.243.160
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://r.redirekted.com/go?e=DwCaxHVbDKFdfRAW1UX0uxXYkaL8gwXx1aqvN2XmWlF8IFq8jaq8SzXuAlBeHPpwy3C5kGVyLlL-IlX80KL5ywsmMPM8gwVW1KL0cRs-jUMeHFq5blB0STs-VlK9AaXuy3CNuTslgvFefQLNImqwtxs6p2E1VTAx5UWxymZ213ElLUnRglq5O2XvyKClLKq6ZQX9fwZ21mCdtlLTcFLbI0rXgvEuHPsV1KW4bRs7bPF8IPp-bFLRu2Z_pPEmV3XTEwLwbHVyDmK55QL80KX99SA7NJBeZaXWcPX4yHsmkaF8gGs9fvC5gQs7ZlB9SzVX1KW4fxX-LFL-IPrtkUWefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV
Requested by: Host: r.redirekted.com
URL: https://r.redirekted.com/js/adren.min.js?n=3058226010
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 66-165-243-160.static.hvvc.us
Software: nginx/1.23.3 / PHP/8.1.13
Resource Hash: 20c595c27af9c2d6dc921f5df94685d714069f10db45df72c418539230160234

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://r.redirekted.com/redirect?redirect_id=5896d7ba8592417a22c9e1ab162d4466&request_id=a1c715a0c372694d5d4311d0c6cdce08
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 02 May 2024 08:41:42 GMT
Server: nginx/1.23.3
Transfer-Encoding: chunked
X-Powered-By: PHP/8.1.13

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame EB80 52 KB
21 KB 140ms
20ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: r.redirekted.com
URL: https://r.redirekted.com/go?e=DwCaxHVbDKFdfRAW1UX0uxXYkaL8gwXx1aqvN2XmWlF8IFq8jaq8SzXuAlBeHPpwy3C5kGVyLlL-IlX80KL5ywsmMPM8gwVW1KL0cRs-jUMeHFq5blB0STs-VlK9AaXuy3CNuTslgvFefQLNImqwtxs6p2E1VTAx5UWxymZ213ElLUnRglq5O2XvyKClLKq6ZQX9fwZ21mCdtlLTcFLbI0rXgvEuHPsV1KW4bRs7bPF8IPp-bFLRu2Z_pPEmV3XTEwLwbHVyDmK55QL80KX99SA7NJBeZaXWcPX4yHsmkaF8gGs9fvC5gQs7ZlB9SzVX1KW4fxX-LFL-IPrtkUWefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://r.redirekted.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 02 May 2024 08:07:49 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2034
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 02 May 2024 10:07:49 GMT

POST
H2 200 collect
www.google-analytics.com/j/ Frame EB80 15 B
159 B 31ms
30ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1490378346&t=pageview&_s=1&dl=https%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DDwCaxHVbDKFdfRAW1UX0uxXYkaL8gwXx1aqvN2XmWlF8IFq8jaq8SzXuAlBeHPpwy3C5kGVyLlL-IlX80KL5ywsmMPM8gwVW1KL0cRs-jUMeHFq5blB0STs-VlK9AaXuy3CNuTslgvFefQLNImqwtxs6p2E1VTAx5UWxymZ213ElLUnRglq5O2XvyKClLKq6ZQX9fwZ21mCdtlLTcFLbI0rXgvEuHPsV1KW4bRs7bPF8IPp-bFLRu2Z_pPEmV3XTEwLwbHVyDmK55QL80KX99SA7NJBeZaXWcPX4yHsmkaF8gGs9fvC5gQs7ZlB9SzVX1KW4fxX-LFL-IPrtkUWefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV&ul=de-de&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=377597779&gjid=2013892972&cid=236883132.1714639303&tid=UA-32454353-1&_gid=1670375721.1714639303&_r=1&_slc=1&z=178749766

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://r.redirekted.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 May 2024 08:41:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://r.redirekted.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ Frame EB80 35 B
194 B 21ms
21ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1490378346&t=pageview&_s=2&dl=https%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DDwCaxHVbDKFdfRAW1UX0uxXYkaL8gwXx1aqvN2XmWlF8IFq8jaq8SzXuAlBeHPpwy3C5kGVyLlL-IlX80KL5ywsmMPM8gwVW1KL0cRs-jUMeHFq5blB0STs-VlK9AaXuy3CNuTslgvFefQLNImqwtxs6p2E1VTAx5UWxymZ213ElLUnRglq5O2XvyKClLKq6ZQX9fwZ21mCdtlLTcFLbI0rXgvEuHPsV1KW4bRs7bPF8IPp-bFLRu2Z_pPEmV3XTEwLwbHVyDmK55QL80KX99SA7NJBeZaXWcPX4yHsmkaF8gGs9fvC5gQs7ZlB9SzVX1KW4fxX-LFL-IPrtkUWefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV&ul=de-de&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=236883132.1714639303&tid=UA-32454353-1&_gid=1670375721.1714639303&cd1=oz9lMJE8n2kesUk8sT5ipzIxsTgfn3k8sUj%3D&z=642933110

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://r.redirekted.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 02:22:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 22774
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK offersearchGo Show response
de-go.kelkoogroup.net/ 32 KB
33 KB 161ms
67ms Document
text/html 95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://de-go.kelkoogroup.net/offersearchGo?.ts=1714638003142&.sig=su7hgKvi0pxkNJZdKaK245vjIiA-&affiliationId=96965856&comId=100474218&country=de&offerId=3db94cbeff8f73276f0a2c75400bee3d&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=4KW8cHs3yHBmLKsUWwqbE0X3yULeVJr9Vwq1cmZb0mBlLKC_bPXwMxXuuJE3D3V1qmp4yHsXAJF8IvVTk3B0A2r7tKL3ZUqVk3pdZJsmWPM&custom2=jKWjuHsmEmK8gQqwqwqSExZvyRCexFrUAQB

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

dc1-ecs-pub-mx-vip.kelkoo.com

Software

Resource Hash

16fd884cc82ea7ac7f0843401a49b56117ec5584d33d09b05a613e0cac51b077

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://r.redirekted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Content-Length: 32942
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/html; charset=UTF-8
Date: Thu, 02 May 2024 08:41:43 GMT
Referrer-Policy: origin-when-cross-origin
Request-Time: PT0.036763S
X-Content-Type-Options: nosniff
X-DataDome: protected
X-Frame-Options: DENY
X-Permitted-Cross-Domain-Policies: master-only
X-Robots-Tag: noindex,nofollow
X-XSS-Protection: 1; mode=block
clickId: 107698148_1714639303209_23684069
country: de
leadId: 62AE01HWW7EWJ3VD5MTS7VFP83WBVZ

GET
H2 200 js
www.googletagmanager.com/gtag/ Frame EB80 252 KB
90 KB 99ms
49ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TG55WX34R2&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://r.redirekted.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 08:41:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91506
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 May 2024 08:41:43 GMT

GET
H/1.1 200
OK p.png
de-go.kelkoogroup.net/assets/images/ 68 B
594 B 85ms
36ms Image
image/png 95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://de-go.kelkoogroup.net/assets/images/p.png?country=de&k=612f7a9541cd6ea61eb554c0e4cff4371812dde7f71ef50e030e2330b651b0ffd8062d118ffd0eacccf86c27e5fa856480d381b56e173c52d8f417b7f2f7c56f8fccfdb6977396bc0c3311ae91553d0f0c5219a1d009f67a20637cd0cdbd96c8ace1fd4b9f66a052bc09b255ed3100a7d6149df7c90153e5647e73e8817af3afca80a4e5614a7821cb4a91f8e9885648e0b89edac2df08e69bb4ea4050114e31a8e1e6b801c878d73495548f694b0730e0472ff2cc83420baa636a55122d37e99d3b2d105bf9ddb259ea61cd727751c96e78cffef260f80748d553546d90d9d7f63df9f5da43245a8b81a9dbdb2cba04fcb2ab33e34cbc4dad6d76acbb02462fe40535775124f97cb219bbc7ba364ace294cd1867ccac687e217c13fc140dab10b2aecb5313841dce83b6bec5de1af93ed62da5dcef0ce22de9ebc289123c6f0a9501b0334776186fddcb5d5bce0a4dbd974c97a98654c6527834d0f94d90eb46c3cddfd684cb6c4e915e79b23523e8a986e053a97059f40fd65b5c76e716932d4e3977fd54be1cd5f2dec159674b5c3111d5b8c02240a206a38f1cf63bcd283

Requested by

Host: de-go.kelkoogroup.net
URL: https://de-go.kelkoogroup.net/offersearchGo?.ts=1714638003142&.sig=su7hgKvi0pxkNJZdKaK245vjIiA-&affiliationId=96965856&comId=100474218&country=de&offerId=3db94cbeff8f73276f0a2c75400bee3d&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=4KW8cHs3yHBmLKsUWwqbE0X3yULeVJr9Vwq1cmZb0mBlLKC_bPXwMxXuuJE3D3V1qmp4yHsXAJF8IvVTk3B0A2r7tKL3ZUqVk3pdZJsmWPM&custom2=jKWjuHsmEmK8gQqwqwqSExZvyRCexFrUAQB

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

dc1-ecs-pub-mx-vip.kelkoo.com

Software

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-device-memory: 8
Referer: https://de-go.kelkoogroup.net/offersearchGo?.ts=1714638003142&.sig=su7hgKvi0pxkNJZdKaK245vjIiA-&affiliationId=96965856&comId=100474218&country=de&offerId=3db94cbeff8f73276f0a2c75400bee3d&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=4KW8cHs3yHBmLKsUWwqbE0X3yULeVJr9Vwq1cmZb0mBlLKC_bPXwMxXuuJE3D3V1qmp4yHsXAJF8IvVTk3B0A2r7tKL3ZUqVk3pdZJsmWPM&custom2=jKWjuHsmEmK8gQqwqwqSExZvyRCexFrUAQB
sec-ch-ua-full-version-list: "Chromium";v="124.0.6367.118", "Google Chrome";v="124.0.6367.118", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: frame-ancestors 'none'
Date: Thu, 02 May 2024 08:41:43 GMT
Referrer-Policy: origin-when-cross-origin
X-Content-Type-Options: nosniff
leadId: 62AE01HWW7EWJ3VD5MTS7VFP83WBVZ
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: PT0.002765S
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: private, must-revalidate
clickId: 107698148_1714639303209_23684069
country: de
X-Robots-Tag: noindex,nofollow
Content-Length: 68
X-XSS-Protection: 1; mode=block

GET
H2 200 tags.js Show response
dd.kelkoogroup.net/ 148 KB
27 KB 120ms
23ms Script
text/javascript 3.161.82.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.kelkoogroup.net/tags.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.161.82.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-161-82-21.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

6d526fd8ed7efb090207e7f90f3e5d256e9abedcbb4e2feafc5050edfb9ade30

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://de-go.kelkoogroup.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 c6e8f008a950e08db9c0a054276fe95e.cloudfront.net (CloudFront)
date: Thu, 02 May 2024 08:13:15 GMT
x-amz-cf-pop: FRA56-P10
age: 1708
x-cache: Hit from cloudfront
content-length: 27423
last-modified: Mon, 22 Apr 2024 08:14:35 GMT
server: Apache
etag: "25025-616ab07274eb2-gzip"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
accept-ranges: bytes
x-amz-cf-id: uY6LDo2PxzU58LU1X-Dd8pf4hDvBWLn0YU4LA4zBdfuiRCo0Jh9RgA==
expires: Thu, 02 May 2024 09:13:15 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
249 B 89ms
34ms Ping
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-DT1FS22Q5N&_p=275396485&sr=1600x1200&ul=de-de&cid=432175029.1714639303&uid=a4c6294-18f38777229-2170a0&_fv=1&_s=1&dl=https%3A%2F%2Fde-go.kelkoogroup.net%2FoffersearchGo%3F.ts%3D1714638003142%26.sig%3Dsu7hgKvi0pxkNJZdKaK245vjIiA-%26affiliationId%3D96965856%26comId%3D100474218%26country%3Dde%26offerId%3D3db94cbeff8f73276f0a2c75400bee3d%26service%3D37%26tokenId%3D35e025c3-2943-4e2d-874f-eaee491f9fab%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3D4KW8cHs3yHBmLKsUWwqbE0X3yULeVJr9Vwq1cmZb0mBlLKC_bPXwMxXuuJE3D3V1qmp4yHsXAJF8IvVTk3B0A2r7tKL3ZUqVk3pdZJsmWPM%26custom2%3DjKWjuHsmEmK8gQqwqwqSExZvyRCexFrUAQB&dt=Weiterleitung%20zu%20Beautywelt.de&dr=https%3A%2F%2Fr.redirekted.com%2F&dp=%2F96965856%7C100474218%7C&sid=1714639303&sct=1&seg=1&en=page_view&_ss=1&ep.cd1=96965856&ep.cd2=62AE01HWW7EWJ3VD5MTS7VFP83WBVZ&ep.cd3=100474218&ep.cd4=a4c6294-18f38777229-2170a0&ep.cd5=&ep.cd6=96965856%7C100474218%7C
Requested by: Host: de-go.kelkoogroup.net
URL: https://de-go.kelkoogroup.net/offersearchGo?.ts=1714638003142&.sig=su7hgKvi0pxkNJZdKaK245vjIiA-&affiliationId=96965856&comId=100474218&country=de&offerId=3db94cbeff8f73276f0a2c75400bee3d&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=4KW8cHs3yHBmLKsUWwqbE0X3yULeVJr9Vwq1cmZb0mBlLKC_bPXwMxXuuJE3D3V1qmp4yHsXAJF8IvVTk3B0A2r7tKL3ZUqVk3pdZJsmWPM&custom2=jKWjuHsmEmK8gQqwqwqSExZvyRCexFrUAQB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://de-go.kelkoogroup.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 08:41:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://de-go.kelkoogroup.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 404
Not Found ados.js Show response
de-go.kelkoogroup.net/ 1 KB
2 KB 30ms
29ms XHR
text/html 95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://de-go.kelkoogroup.net/ados.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

dc1-ecs-pub-mx-vip.kelkoo.com

Software

Resource Hash

3db77cfe0a6a059ff4d86ea8530439864095c5fe278e279b28c88f99a0f9b530

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-device-memory: 8
Referer: https://de-go.kelkoogroup.net/offersearchGo?.ts=1714638003142&.sig=su7hgKvi0pxkNJZdKaK245vjIiA-&affiliationId=96965856&comId=100474218&country=de&offerId=3db94cbeff8f73276f0a2c75400bee3d&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=4KW8cHs3yHBmLKsUWwqbE0X3yULeVJr9Vwq1cmZb0mBlLKC_bPXwMxXuuJE3D3V1qmp4yHsXAJF8IvVTk3B0A2r7tKL3ZUqVk3pdZJsmWPM&custom2=jKWjuHsmEmK8gQqwqwqSExZvyRCexFrUAQB
sec-ch-ua-full-version-list: "Chromium";v="124.0.6367.118", "Google Chrome";v="124.0.6367.118", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: frame-ancestors 'none'
Date: Thu, 02 May 2024 08:41:43 GMT
Referrer-Policy: origin-when-cross-origin
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: PT0.000342S
X-Frame-Options: DENY
Content-Type: text/html; charset=UTF-8
X-Robots-Tag: noindex,nofollow
Content-Length: 1140
X-XSS-Protection: 1; mode=block

POST
H/1.1 200
OK fp
de-go.kelkoogroup.net/ 0
500 B 32ms
32ms Ping
text/plain 95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://de-go.kelkoogroup.net/fp?country=de&k=612f7a9541cd6ea61eb554c0e4cff4371812dde7f71ef50e030e2330b651b0ffd8062d118ffd0eacccf86c27e5fa856480d381b56e173c52d8f417b7f2f7c56f8fccfdb6977396bc0c3311ae91553d0f0c5219a1d009f67a20637cd0cdbd96c8ace1fd4b9f66a052bc09b255ed3100a7d6149df7c90153e5647e73e8817af3afca80a4e5614a7821cb4a91f8e9885648e0b89edac2df08e69bb4ea4050114e31a8e1e6b801c878d73495548f694b0730e0472ff2cc83420baa636a55122d37e99d3b2d105bf9ddb259ea61cd727751c96e78cffef260f80748d553546d90d9d7f63df9f5da43245a8b81a9dbdb2cba04fcb2ab33e34cbc4dad6d76acbb02462fe40535775124f97cb219bbc7ba364ace294cd1867ccac687e217c13fc140dab10b2aecb5313841dce83b6bec5de1af93ed62da5dcef0ce22de9ebc289123c6f0a9501b0334776186fddcb5d5bce0a4dbd974c97a98654c6527834d0f94d90eb46c3cddfd684cb6c4e915e79b23523e8a986e053a97059f40fd65b5c76e716932d4e3977fd54be1cd5f2dec159674b5c3111d5b8c02240a206a38f1cf63bcd283

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

dc1-ecs-pub-mx-vip.kelkoo.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-device-memory: 8
Content-Type: text/plain;charset=utf-8
Referer: https://de-go.kelkoogroup.net/offersearchGo?.ts=1714638003142&.sig=su7hgKvi0pxkNJZdKaK245vjIiA-&affiliationId=96965856&comId=100474218&country=de&offerId=3db94cbeff8f73276f0a2c75400bee3d&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=4KW8cHs3yHBmLKsUWwqbE0X3yULeVJr9Vwq1cmZb0mBlLKC_bPXwMxXuuJE3D3V1qmp4yHsXAJF8IvVTk3B0A2r7tKL3ZUqVk3pdZJsmWPM&custom2=jKWjuHsmEmK8gQqwqwqSExZvyRCexFrUAQB
sec-ch-ua-full-version-list: "Chromium";v="124.0.6367.118", "Google Chrome";v="124.0.6367.118", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: frame-ancestors 'none'
Date: Thu, 02 May 2024 08:41:43 GMT
Referrer-Policy: origin-when-cross-origin
X-Content-Type-Options: nosniff
leadId: 62AE01HWW7EWJ3VD5MTS7VFP83WBVZ
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: PT0.003377S
X-Frame-Options: DENY
Content-Type: text/plain; charset=UTF-8
clickId: 107698148_1714639303209_23684069
country: de
X-Robots-Tag: noindex,nofollow
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
BLOB 200
OK 51931ad8-7626-4080-8ac8-6521d4c72a86
https://de-go.kelkoogroup.net/ 597 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://de-go.kelkoogroup.net/51931ad8-7626-4080-8ac8-6521d4c72a86
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 597
Content-Type: application/javascript

GET
H/1.1 404
Not Found favicon.ico
de-go.kelkoogroup.net/ 1 KB
2 KB 32ms
32ms Other
text/html 95.211.116.26
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://de-go.kelkoogroup.net/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

dc1-ecs-pub-mx-vip.kelkoo.com

Software

Resource Hash

73a434285c3a752bc8c44aebd50e10f1a766853cbc7184e78d5c934c7b52b620

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-device-memory: 8
Referer: https://de-go.kelkoogroup.net/offersearchGo?.ts=1714638003142&.sig=su7hgKvi0pxkNJZdKaK245vjIiA-&affiliationId=96965856&comId=100474218&country=de&offerId=3db94cbeff8f73276f0a2c75400bee3d&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=4KW8cHs3yHBmLKsUWwqbE0X3yULeVJr9Vwq1cmZb0mBlLKC_bPXwMxXuuJE3D3V1qmp4yHsXAJF8IvVTk3B0A2r7tKL3ZUqVk3pdZJsmWPM&custom2=jKWjuHsmEmK8gQqwqwqSExZvyRCexFrUAQB
sec-ch-ua-full-version-list: "Chromium";v="124.0.6367.118", "Google Chrome";v="124.0.6367.118", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: frame-ancestors 'none'
Date: Thu, 02 May 2024 08:41:43 GMT
Referrer-Policy: origin-when-cross-origin
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: PT0.000695S
X-Frame-Options: DENY
Content-Type: text/html; charset=UTF-8
X-Robots-Tag: noindex,nofollow
Content-Length: 1144
X-XSS-Protection: 1; mode=block

POST
H2 200 /
api-js.datadome.co/js/ 236 B
414 B 99ms
26ms XHR
application/json 3.127.166.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.datadome.co/js/
Requested by: Host: dd.kelkoogroup.net
URL: https://dd.kelkoogroup.net/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.166.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-166-121.eu-central-1.compute.amazonaws.com
Software: DataDome /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://de-go.kelkoogroup.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 02 May 2024 08:41:43 GMT
server: DataDome
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 236
expires: 0

GET
H2

200

Primary Request Bumble-and-bumble-Curl-Conditioner Show response
www.beautywelt.de/
Redirect Chain

https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff4371812dde7f71ef50e030e2330b651b0ffd8062d118ffd0eacccf86c27e5fa856480d381b56e173c52d8f417b7f2f7c56f8fccfdb6977396bc0...
https://www.beautywelt.de/Bumble-and-bumble-Curl-Conditioner?kk=a4c6294-18f38777229-2170a0&art=2021050438292&pk_campaign=kelkoo&utm_source=kelkoo&utm_medium=display&utm_campaign=kelkoo&utm_term=202...

56 KB
12 KB

168ms
87ms

Document
text/html

85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beautywelt.de/Bumble-and-bumble-Curl-Conditioner?kk=a4c6294-18f38777229-2170a0&art=2021050438292&pk_campaign=kelkoo&utm_source=kelkoo&utm_medium=display&utm_campaign=kelkoo&utm_term=2021050438292&promobar=preisvergleich

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.13.155.115 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

0847983bc03e35396cdc69fd1ae579425f7d4e2b47deedcad65d0382cd05469f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://de-go.kelkoogroup.net/offersearchGo?.ts=1714638003142&.sig=su7hgKvi0pxkNJZdKaK245vjIiA-&affiliationId=96965856&comId=100474218&country=de&offerId=3db94cbeff8f73276f0a2c75400bee3d&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=4KW8cHs3yHBmLKsUWwqbE0X3yULeVJr9Vwq1cmZb0mBlLKC_bPXwMxXuuJE3D3V1qmp4yHsXAJF8IvVTk3B0A2r7tKL3ZUqVk3pdZJsmWPM&custom2=jKWjuHsmEmK8gQqwqwqSExZvyRCexFrUAQB
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-device-memory: 8
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version-list: "Chromium";v="124.0.6367.118", "Google Chrome";v="124.0.6367.118", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-mobile: ?0
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-type: text/html; charset=iso-8859-1
date: Thu, 02 May 2024 08:41:43 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-ua-compatible: IE=edge

Redirect headers

Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Content-Length: 0
Content-Security-Policy: frame-ancestors 'none'
Date: Thu, 02 May 2024 08:41:43 GMT
Location: https://www.beautywelt.de/Bumble-and-bumble-Curl-Conditioner?kk=a4c6294-18f38777229-2170a0&art=2021050438292&pk_campaign=kelkoo&utm_source=kelkoo&utm_medium=display&utm_campaign=kelkoo&utm_term=2021050438292&promobar=preisvergleich
Referrer-Policy: origin-when-cross-origin
Request-Time: PT0.012546S
X-Content-Type-Options: nosniff
X-DataDome: protected
X-Frame-Options: DENY
X-Permitted-Cross-Domain-Policies: master-only
X-Robots-Tag: noindex,nofollow
X-XSS-Protection: 1; mode=block
clickId: 107698148_1714639303209_23684069
country: de
leadId: 62AE01HWW7EWJ3VD5MTS7VFP83WBVZ

GET
H2 200 20240410.css
www.beautywelt.de/cache/css/bwom/ 10 KB
3 KB 35ms
35ms Stylesheet
text/css 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beautywelt.de/cache/css/bwom/20240410.css

Requested by

Host: www.beautywelt.de
URL: https://www.beautywelt.de/Bumble-and-bumble-Curl-Conditioner?kk=a4c6294-18f38777229-2170a0&art=2021050438292&pk_campaign=kelkoo&utm_source=kelkoo&utm_medium=display&utm_campaign=kelkoo&utm_term=2021050438292&promobar=preisvergleich

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.13.155.115 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

2ba455467ddf25f35add6314dd7674e6a851b8353fcfe0c5aadf6678b8d9c435

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.beautywelt.de/Bumble-and-bumble-Curl-Conditioner?kk=a4c6294-18f38777229-2170a0&art=2021050438292&pk_campaign=kelkoo&utm_source=kelkoo&utm_medium=display&utm_campaign=kelkoo&utm_term=2021050438292&promobar=preisvergleich
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 08:41:43 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 10 Apr 2024 09:17:43 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2506
expires: Sat, 01 Jun 2024 08:41:43 GMT

GET
H2 200 0_20240423.css
www.beautywelt.de/cache/css/0/ 12 KB
3 KB 61ms
60ms Stylesheet
text/css 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beautywelt.de/cache/css/0/0_20240423.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.13.155.115 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

7962d4621ad29d88de01313c281ee240c66afd5354658b0f65b086e96eac1ffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.beautywelt.de/Bumble-and-bumble-Curl-Conditioner?kk=a4c6294-18f38777229-2170a0&art=2021050438292&pk_campaign=kelkoo&utm_source=kelkoo&utm_medium=display&utm_campaign=kelkoo&utm_term=2021050438292&promobar=preisvergleich
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 08:41:43 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 23 Apr 2024 11:26:08 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3140
expires: Sat, 01 Jun 2024 08:41:43 GMT

GET
H2 200 0_20240318.css
www.beautywelt.de/cache/css/1/ 5 KB
2 KB 36ms
35ms Stylesheet
text/css 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beautywelt.de/cache/css/1/0_20240318.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.13.155.115 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

6c910104e7cb97c701d74da5434950749d8d0e46b0d0a3e81bc7fd69596e3bfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.beautywelt.de/Bumble-and-bumble-Curl-Conditioner?kk=a4c6294-18f38777229-2170a0&art=2021050438292&pk_campaign=kelkoo&utm_source=kelkoo&utm_medium=display&utm_campaign=kelkoo&utm_term=2021050438292&promobar=preisvergleich
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 08:41:43 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 18 Mar 2024 12:57:49 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1548
expires: Sat, 01 Jun 2024 08:41:43 GMT

GET
H2 200 logo_header_287x100.png
www.beautywelt.de/cache/1/97/ 10 KB
10 KB 33ms
32ms Image
image/png 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.beautywelt.de/cache/1/97/logo_header_287x100.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.13.155.115 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

0a41988dd36d168c6b3c842a65928c20b8c0dffe578c083ec66752c41a9a7c49

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.beautywelt.de/Bumble-and-bumble-Curl-Conditioner?kk=a4c6294-18f38777229-2170a0&art=2021050438292&pk_campaign=kelkoo&utm_source=kelkoo&utm_medium=display&utm_campaign=kelkoo&utm_term=2021050438292&promobar=preisvergleich
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 08:41:43 GMT
x-content-type-options: nosniff
last-modified: Mon, 31 Jul 2023 14:51:45 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10155
expires: Sat, 01 Jun 2024 08:41:43 GMT

GET
H2 200 bumble-and-bumble-curl-conditioner-200-ml.jpg
www.beautywelt.de/product/173694/md/ 9 KB
9 KB 34ms
34ms Image
image/jpeg 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.beautywelt.de/product/173694/md/bumble-and-bumble-curl-conditioner-200-ml.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.13.155.115 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

0d7d9505caf7d7ed2e6db2e1cdf7f59572831f9927ef13356c9094f3286dfa4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.beautywelt.de/Bumble-and-bumble-Curl-Conditioner?kk=a4c6294-18f38777229-2170a0&art=2021050438292&pk_campaign=kelkoo&utm_source=kelkoo&utm_medium=display&utm_campaign=kelkoo&utm_term=2021050438292&promobar=preisvergleich
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 08:41:43 GMT
x-content-type-options: nosniff
last-modified: Wed, 20 Sep 2023 10:29:30 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9657
expires: Sat, 01 Jun 2024 08:41:43 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 258 KB
90 KB 98ms
49ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TZPPQXG

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1874b1429b4f78cc14c337db41169910a2aacc8d7768e73a870145aacf24ecbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.beautywelt.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 08:41:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91344
x-xss-protection: 0
last-modified: Thu, 02 May 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 May 2024 08:41:43 GMT

GET
H2 200 20231221.js Show response
www.beautywelt.de/cache/js/bwa10/ 16 KB
9 KB 34ms
34ms Script
application/javascript 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beautywelt.de/cache/js/bwa10/20231221.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.13.155.115 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

61e869ad566005103406fb6060759e8e4ac6b419398752e0ab402cf5b180ad4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.beautywelt.de/Bumble-and-bumble-Curl-Conditioner?kk=a4c6294-18f38777229-2170a0&art=2021050438292&pk_campaign=kelkoo&utm_source=kelkoo&utm_medium=display&utm_campaign=kelkoo&utm_term=2021050438292&promobar=preisvergleich
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 08:41:43 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 21 Dec 2023 11:20:03 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8783
expires: Sat, 01 Jun 2024 08:41:43 GMT

GET
H2 200 20240408_2.js Show response
www.beautywelt.de/cache/js/bwa2n/ 12 KB
5 KB 35ms
35ms Script
application/javascript 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beautywelt.de/cache/js/bwa2n/20240408_2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.13.155.115 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

1a84ead40ea4ec993c7b7cea54f8b3da7d9a09e2fb9584a597619f9c4832a1fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.beautywelt.de/Bumble-and-bumble-Curl-Conditioner?kk=a4c6294-18f38777229-2170a0&art=2021050438292&pk_campaign=kelkoo&utm_source=kelkoo&utm_medium=display&utm_campaign=kelkoo&utm_term=2021050438292&promobar=preisvergleich
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 08:41:43 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Apr 2024 11:26:13 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 5013
expires: Sat, 01 Jun 2024 08:41:43 GMT

GET
H2 200 20240411.js Show response
www.beautywelt.de/cache/js/bwa21/ 2 KB
1 KB 33ms
33ms Script
application/javascript 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beautywelt.de/cache/js/bwa21/20240411.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.13.155.115 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

dbc298b3ec2af7e3d2e1bab22b75c2e04b72a4068322e9dc2e374838cc8570fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.beautywelt.de/Bumble-and-bumble-Curl-Conditioner?kk=a4c6294-18f38777229-2170a0&art=2021050438292&pk_campaign=kelkoo&utm_source=kelkoo&utm_medium=display&utm_campaign=kelkoo&utm_term=2021050438292&promobar=preisvergleich
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 08:41:43 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 23 Apr 2024 08:34:49 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1338
expires: Sat, 01 Jun 2024 08:41:43 GMT

GET
H2 200 20240220_1.png
www.beautywelt.de/cache/png/bwj8/ 5 KB
5 KB 31ms
31ms Image
image/png 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.beautywelt.de/cache/png/bwj8/20240220_1.png

Requested by

Host: www.beautywelt.de
URL: https://www.beautywelt.de/cache/css/0/0_20240423.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.13.155.115 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

f8df595d5eccae3dbf2f1f2705e0717e4519952ea5c2f56d74c59b6d6d19088e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.beautywelt.de/cache/css/0/0_20240423.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 08:41:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 20 Feb 2024 11:42:14 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4629
expires: Sat, 01 Jun 2024 08:41:43 GMT

GET
H2 200 bwiu.woff2
www.beautywelt.de/cache/files/ 20 KB
20 KB 33ms
33ms Font
font/woff2 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beautywelt.de/cache/files/bwiu.woff2

Requested by

Host: www.beautywelt.de
URL: https://www.beautywelt.de/cache/css/bwom/20240410.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.13.155.115 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

d6a25d16ce81d5620c4362437716afff1596f837c9d1cd245b737fdb65094e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.beautywelt.de/cache/css/bwom/20240410.css
Origin: https://www.beautywelt.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 08:41:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 10 Oct 2023 15:33:12 GMT
server: Apache
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 20612
expires: Sat, 01 Jun 2024 08:41:43 GMT

GET
H2 200 bwj2.woff2
www.beautywelt.de/cache/files/ 4 KB
4 KB 33ms
33ms Font
font/woff2 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beautywelt.de/cache/files/bwj2.woff2

Requested by

Host: www.beautywelt.de
URL: https://www.beautywelt.de/cache/css/bwom/20240410.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.13.155.115 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

bed3842d25f6f09fcfda2e2dcb7cd6f26534f67f6ff93dca39cd6df2d991e66e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.beautywelt.de/cache/css/bwom/20240410.css
Origin: https://www.beautywelt.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 08:41:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 10 Oct 2023 15:33:12 GMT
server: Apache
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3696
expires: Sat, 01 Jun 2024 08:41:43 GMT

GET
H2 200 bwiv.woff2
www.beautywelt.de/cache/files/ 25 KB
25 KB 31ms
31ms Font
font/woff2 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beautywelt.de/cache/files/bwiv.woff2

Requested by

Host: www.beautywelt.de
URL: https://www.beautywelt.de/cache/css/bwom/20240410.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.13.155.115 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

ee5674cf5764ee20902b8dae6d15832928ea31ddb400c6db82682296da8a8487

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.beautywelt.de/cache/css/bwom/20240410.css
Origin: https://www.beautywelt.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 08:41:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 10 Oct 2023 15:33:12 GMT
server: Apache
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 25880
expires: Sat, 01 Jun 2024 08:41:43 GMT

GET
H2 200 20240325.js Show response
www.beautywelt.de/cache/js/bwv0/ 8 KB
3 KB 33ms
33ms Script
application/javascript 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beautywelt.de/cache/js/bwv0/20240325.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.13.155.115 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

30d784b30579dc1e5257189103541aa20fbab554734725344e9e5404ebd62d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.beautywelt.de/Bumble-and-bumble-Curl-Conditioner?kk=a4c6294-18f38777229-2170a0&art=2021050438292&pk_campaign=kelkoo&utm_source=kelkoo&utm_medium=display&utm_campaign=kelkoo&utm_term=2021050438292&promobar=preisvergleich
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 08:41:43 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2024 08:35:47 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3420
expires: Sat, 01 Jun 2024 08:41:43 GMT

GET
H2 200 20240408.js Show response
www.beautywelt.de/cache/js/bwa0d/ 2 KB
1 KB 32ms
32ms Script
application/javascript 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beautywelt.de/cache/js/bwa0d/20240408.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.13.155.115 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

428f7aaff52aa4aecefe223453ba172a1bba672bd63237c12393ba92373637e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.beautywelt.de/Bumble-and-bumble-Curl-Conditioner?kk=a4c6294-18f38777229-2170a0&art=2021050438292&pk_campaign=kelkoo&utm_source=kelkoo&utm_medium=display&utm_campaign=kelkoo&utm_term=2021050438292&promobar=preisvergleich
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 08:41:43 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Apr 2024 07:24:53 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 993
expires: Sat, 01 Jun 2024 08:41:43 GMT

GET
H2 200 ihr-geschenk-bumble-bumble-illum-color-seal-rich-15ml.jpg
www.beautywelt.de/product/312581/95/ 2 KB
2 KB 31ms
31ms Image
image/jpeg 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.beautywelt.de/product/312581/95/ihr-geschenk-bumble-bumble-illum-color-seal-rich-15ml.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.13.155.115 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

92810db50f1e8d6ed2c0f141f3218d052e377547069992da01966d3104e05bde

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.beautywelt.de/Bumble-and-bumble-Curl-Conditioner?kk=a4c6294-18f38777229-2170a0&art=2021050438292&pk_campaign=kelkoo&utm_source=kelkoo&utm_medium=display&utm_campaign=kelkoo&utm_term=2021050438292&promobar=preisvergleich
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 08:41:43 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Feb 2024 01:11:04 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1610
expires: Sat, 01 Jun 2024 08:41:43 GMT

GET
H2 200 bumble-and-bumble-creme-de-coco-tropical-riche-shampoo-250-ml.jpg
www.beautywelt.de/product/173646/95/ 2 KB
2 KB 34ms
33ms Image
image/jpeg 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.beautywelt.de/product/173646/95/bumble-and-bumble-creme-de-coco-tropical-riche-shampoo-250-ml.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.13.155.115 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

9bb5223132fff3fe741cd7d3b90258d4e8b01124ed190e00c244f2d19fe4027a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.beautywelt.de/Bumble-and-bumble-Curl-Conditioner?kk=a4c6294-18f38777229-2170a0&art=2021050438292&pk_campaign=kelkoo&utm_source=kelkoo&utm_medium=display&utm_campaign=kelkoo&utm_term=2021050438292&promobar=preisvergleich
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 08:41:43 GMT
x-content-type-options: nosniff
last-modified: Wed, 20 Sep 2023 10:29:26 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1556
expires: Sat, 01 Jun 2024 08:41:43 GMT

GET
H2 200 bumble-and-bumble-curl-moisturize-shampoo.jpg
www.beautywelt.de/product/175320/95/ 2 KB
2 KB 33ms
32ms Image
image/jpeg 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.beautywelt.de/product/175320/95/bumble-and-bumble-curl-moisturize-shampoo.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.13.155.115 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

22a0276393e8fa889aa0a0e2fd30b2a211b388ee4c328ff972b36ed2071e3427

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.beautywelt.de/Bumble-and-bumble-Curl-Conditioner?kk=a4c6294-18f38777229-2170a0&art=2021050438292&pk_campaign=kelkoo&utm_source=kelkoo&utm_medium=display&utm_campaign=kelkoo&utm_term=2021050438292&promobar=preisvergleich
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 08:41:43 GMT
x-content-type-options: nosniff
last-modified: Wed, 20 Sep 2023 10:31:18 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1604
expires: Sat, 01 Jun 2024 08:41:43 GMT

GET
H2 200 bumble-and-bumble-bb-curl-light-defining-cream.jpg
www.beautywelt.de/product/186571/95/ 1 KB
2 KB 32ms
31ms Image
image/jpeg 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.beautywelt.de/product/186571/95/bumble-and-bumble-bb-curl-light-defining-cream.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.13.155.115 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

2a6ad086d9fdb30d5f78b321fd78e4ad45c120ac3d0aa8b3e229c9e0fab0eb04

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.beautywelt.de/Bumble-and-bumble-Curl-Conditioner?kk=a4c6294-18f38777229-2170a0&art=2021050438292&pk_campaign=kelkoo&utm_source=kelkoo&utm_medium=display&utm_campaign=kelkoo&utm_term=2021050438292&promobar=preisvergleich
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 08:41:43 GMT
x-content-type-options: nosniff
last-modified: Wed, 20 Sep 2023 10:55:17 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1490
expires: Sat, 01 Jun 2024 08:41:43 GMT

GET
H2 200 bumble-and-bumble-curl-mousse-146-ml.jpg
www.beautywelt.de/product/173698/95/ 1 KB
1 KB 35ms
34ms Image
image/jpeg 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.beautywelt.de/product/173698/95/bumble-and-bumble-curl-mousse-146-ml.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.13.155.115 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

bd1030325ece6a434e69ebcf4d65cd53ed7ebbf636eeea4f0e427ed3bf19a6a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.beautywelt.de/Bumble-and-bumble-Curl-Conditioner?kk=a4c6294-18f38777229-2170a0&art=2021050438292&pk_campaign=kelkoo&utm_source=kelkoo&utm_medium=display&utm_campaign=kelkoo&utm_term=2021050438292&promobar=preisvergleich
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 08:41:43 GMT
x-content-type-options: nosniff
last-modified: Wed, 20 Sep 2023 10:29:31 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1282
expires: Sat, 01 Jun 2024 08:41:43 GMT

GET
H2 200 bumble-and-bumble-curl-reactivator.jpg
www.beautywelt.de/product/175380/95/ 1 KB
2 KB 36ms
35ms Image
image/jpeg 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.beautywelt.de/product/175380/95/bumble-and-bumble-curl-reactivator.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.13.155.115 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

ca9ad33db07a987598b624b9328fe481d1aa080986a0f4e4ca4efcb157f2bf9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.beautywelt.de/Bumble-and-bumble-Curl-Conditioner?kk=a4c6294-18f38777229-2170a0&art=2021050438292&pk_campaign=kelkoo&utm_source=kelkoo&utm_medium=display&utm_campaign=kelkoo&utm_term=2021050438292&promobar=preisvergleich
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 08:41:43 GMT
x-content-type-options: nosniff
last-modified: Wed, 20 Sep 2023 10:31:33 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1496
expires: Sat, 01 Jun 2024 08:41:43 GMT

GET
H2 200 bumble-and-bumble-bb-curl-gel-pomade-100-ml.jpg
www.beautywelt.de/product/186574/95/ 3 KB
3 KB 37ms
37ms Image
image/jpeg 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.beautywelt.de/product/186574/95/bumble-and-bumble-bb-curl-gel-pomade-100-ml.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.13.155.115 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

3da17177f6cb02483b3945423c2b9c62937918ddf034dc7cd286e9287838bce8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.beautywelt.de/Bumble-and-bumble-Curl-Conditioner?kk=a4c6294-18f38777229-2170a0&art=2021050438292&pk_campaign=kelkoo&utm_source=kelkoo&utm_medium=display&utm_campaign=kelkoo&utm_term=2021050438292&promobar=preisvergleich
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 08:41:43 GMT
x-content-type-options: nosniff
last-modified: Wed, 20 Sep 2023 10:55:17 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2651
expires: Sat, 01 Jun 2024 08:41:43 GMT

GET
H2 200 bumble-and-bumble-curl-gel-oil-150-ml.jpg
www.beautywelt.de/product/173699/95/ 1 KB
1 KB 36ms
35ms Image
image/jpeg 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.beautywelt.de/product/173699/95/bumble-and-bumble-curl-gel-oil-150-ml.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.13.155.115 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

dadf1ccf286f0d2e7dd49bceeb2145105876f7c6b2b6bf38fac60c791de6fcaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.beautywelt.de/Bumble-and-bumble-Curl-Conditioner?kk=a4c6294-18f38777229-2170a0&art=2021050438292&pk_campaign=kelkoo&utm_source=kelkoo&utm_medium=display&utm_campaign=kelkoo&utm_term=2021050438292&promobar=preisvergleich
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 08:41:43 GMT
x-content-type-options: nosniff
last-modified: Wed, 20 Sep 2023 10:29:31 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1468
expires: Sat, 01 Jun 2024 08:41:43 GMT

GET
H2 200 bumble-and-bumble-curl-defining-cream-250-ml.jpg
www.beautywelt.de/product/173697/95/ 2 KB
2 KB 37ms
36ms Image
image/jpeg 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.beautywelt.de/product/173697/95/bumble-and-bumble-curl-defining-cream-250-ml.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.13.155.115 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

87c0275c6918523c8c1bf38ce350fc6a1643859c9e0cbc6d5ea4d64536fe5c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.beautywelt.de/Bumble-and-bumble-Curl-Conditioner?kk=a4c6294-18f38777229-2170a0&art=2021050438292&pk_campaign=kelkoo&utm_source=kelkoo&utm_medium=display&utm_campaign=kelkoo&utm_term=2021050438292&promobar=preisvergleich
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 08:41:43 GMT
x-content-type-options: nosniff
last-modified: Wed, 20 Sep 2023 10:29:31 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1716
expires: Sat, 01 Jun 2024 08:41:43 GMT

GET
H2 200 bumble-and-bumble-curl-butter-mask-200-ml.jpg
www.beautywelt.de/product/173695/95/ 2 KB
2 KB 37ms
36ms Image
image/jpeg 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.beautywelt.de/product/173695/95/bumble-and-bumble-curl-butter-mask-200-ml.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.13.155.115 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

22288272483c5eff83774077cc16674434913d6f4b63163d156075f2c114dc0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.beautywelt.de/Bumble-and-bumble-Curl-Conditioner?kk=a4c6294-18f38777229-2170a0&art=2021050438292&pk_campaign=kelkoo&utm_source=kelkoo&utm_medium=display&utm_campaign=kelkoo&utm_term=2021050438292&promobar=preisvergleich
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 08:41:43 GMT
x-content-type-options: nosniff
last-modified: Wed, 20 Sep 2023 10:29:30 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1829
expires: Sat, 01 Jun 2024 08:41:43 GMT

GET
H2 200 bumble-and-bumble-bb-heat-shield-blow-dry-accelerator-125-ml.jpg
www.beautywelt.de/product/173716/95/ 1 KB
1 KB 37ms
37ms Image
image/jpeg 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.beautywelt.de/product/173716/95/bumble-and-bumble-bb-heat-shield-blow-dry-accelerator-125-ml.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.13.155.115 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

186ee00d182a4e9b2100a397b0ab8e00301faf106b79fdc90e8122c0532d2a6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.beautywelt.de/Bumble-and-bumble-Curl-Conditioner?kk=a4c6294-18f38777229-2170a0&art=2021050438292&pk_campaign=kelkoo&utm_source=kelkoo&utm_medium=display&utm_campaign=kelkoo&utm_term=2021050438292&promobar=preisvergleich
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 08:41:43 GMT
x-content-type-options: nosniff
last-modified: Wed, 20 Sep 2023 10:29:32 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1400
expires: Sat, 01 Jun 2024 08:41:43 GMT

GET
H2 200 bumble-and-bumble-bond-building-repair-conditioner.jpg
www.beautywelt.de/product/176769/95/ 2 KB
2 KB 37ms
37ms Image
image/jpeg 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.beautywelt.de/product/176769/95/bumble-and-bumble-bond-building-repair-conditioner.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.13.155.115 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

afe1d4048220393f8f8961b906c051091d435c50f4ca06d3c3c7a1aba19d2902

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.beautywelt.de/Bumble-and-bumble-Curl-Conditioner?kk=a4c6294-18f38777229-2170a0&art=2021050438292&pk_campaign=kelkoo&utm_source=kelkoo&utm_medium=display&utm_campaign=kelkoo&utm_term=2021050438292&promobar=preisvergleich
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 08:41:43 GMT
x-content-type-options: nosniff
last-modified: Wed, 20 Sep 2023 10:32:45 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1633
expires: Sat, 01 Jun 2024 08:41:43 GMT

GET
H2 200 loccitane-eau-des-baux-deo-stick-75-ml.jpg
www.beautywelt.de/product/154539/95/ 2 KB
2 KB 39ms
39ms Image
image/jpeg 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.beautywelt.de/product/154539/95/loccitane-eau-des-baux-deo-stick-75-ml.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.13.155.115 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

2595d096d1d6f14945e292d1f4f8cdbe74a87522a45ee1a3d64cf874836f2cd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.beautywelt.de/Bumble-and-bumble-Curl-Conditioner?kk=a4c6294-18f38777229-2170a0&art=2021050438292&pk_campaign=kelkoo&utm_source=kelkoo&utm_medium=display&utm_campaign=kelkoo&utm_term=2021050438292&promobar=preisvergleich
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 08:41:43 GMT
x-content-type-options: nosniff
last-modified: Wed, 20 Sep 2023 10:19:27 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1744
expires: Sat, 01 Jun 2024 08:41:43 GMT

GET
H2 200 6_20240321.css
www.beautywelt.de/cache/css/bwr9/ 6 KB
2 KB 55ms
55ms Stylesheet
text/css 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beautywelt.de/cache/css/bwr9/6_20240321.css

Requested by

Host: www.beautywelt.de
URL: https://www.beautywelt.de/cache/js/bwa2n/20240408_2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.13.155.115 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

b27242ee93aed36eb80b9d9b21f1de3a4edaeab514ae3d440a9363e6c5dcedb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.beautywelt.de/Bumble-and-bumble-Curl-Conditioner?kk=a4c6294-18f38777229-2170a0&art=2021050438292&pk_campaign=kelkoo&utm_source=kelkoo&utm_medium=display&utm_campaign=kelkoo&utm_term=2021050438292&promobar=preisvergleich
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 08:41:43 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 21 Mar 2024 09:26:55 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1749
expires: Sat, 01 Jun 2024 08:41:43 GMT

GET
DATA 200
OK truncated
/ 775 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0dc06dd84eee81c88ed30884a127b027cbbcd28e9bc3358191efedfbec714204

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 325 KB
106 KB 54ms
54ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3R0274ZD8E&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZPPQXG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a9c65b7faf7111cb7b6fa6c84ad6cf1fb99616c2511b0a54fb4842d95425bc55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.beautywelt.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 08:41:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 108646
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 May 2024 08:41:44 GMT

GET
H2 200 favicon.ico
www.beautywelt.de/gfx/ 1 KB
892 B 32ms
32ms Other
image/x-icon 85.13.155.115
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beautywelt.de/gfx/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.13.155.115 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),

Reverse DNS

dd6430.kasserver.com

Software

Apache /

Resource Hash

2e4cf631af21b46b1f8048509abea80768d86a3ea7fc24520f1e1da9d36323a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.beautywelt.de/Bumble-and-bumble-Curl-Conditioner?kk=a4c6294-18f38777229-2170a0&art=2021050438292&pk_campaign=kelkoo&utm_source=kelkoo&utm_medium=display&utm_campaign=kelkoo&utm_term=2021050438292&promobar=preisvergleich
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 08:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 13 Dec 2021 16:53:54 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: image/x-icon
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 778
expires: Sat, 01 Jun 2024 08:41:44 GMT

POST
H3 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
64 B 107ms
58ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13p3p3p2p5&rnd=1506992546.1714639305&url=https%3A%2F%2Fwww.beautywelt.de%2FBumble-and-bumble-Curl-Conditioner&dma_cps=-&dma=1&npa=1&gtm=45He44t0n81TZPPQXGv78838910za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZPPQXG

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.beautywelt.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 08:41:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 78ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3R0274ZD8E&gtm=45je44t0v891099578z878838910za200&_p=1714639303862&gcs=G100&gcd=13p3p3p2p5&npa=1&dma_cps=-&dma=1&cid=1442334467.1714639305&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=denied&_s=1&sid=1714639304&sct=1&seg=0&dl=https%3A%2F%2Fwww.beautywelt.de%2FBumble-and-bumble-Curl-Conditioner%3Fkk%3Da4c6294-18f38777229-2170a0%26art%3D2021050438292%26pk_campaign%3Dkelkoo%26utm_source%3Dkelkoo%26utm_medium%3Ddisplay%26utm_campaign%3Dkelkoo%26utm_term%3D2021050438292%26promobar%3Dpreisvergleich&dr=https%3A%2F%2Fde-go.kelkoogroup.net%2F&dt=Bumble%20and%20bumble%20Curl%20Conditioner&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1080
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3R0274ZD8E&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.beautywelt.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 08:41:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.beautywelt.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.paypal.com/sdk/ 271 KB
82 KB 138ms
25ms Script
application/javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=ARCZX4oqqml-SMEUa24fJUYodb3gxQAfYkbE5vLf-IekfUdskySnfPbiR9g1rQlLVt7VqNwxF2QIGdia&currency=EUR&components=messages

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a32e3262d3564961e52d5b21b637c22ba9547a98132ff10d422efd7b6be774c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-FBxH8o3MiW6jr79hkcHDmTmUyuZPt33mxEEcuLfodN1d0vDl' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-FBxH8o3MiW6jr79hkcHDmTmUyuZPt33mxEEcuLfodN1d0vDl' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.beautywelt.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-FBxH8o3MiW6jr79hkcHDmTmUyuZPt33mxEEcuLfodN1d0vDl' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-FBxH8o3MiW6jr79hkcHDmTmUyuZPt33mxEEcuLfodN1d0vDl' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish
date: Thu, 02 May 2024 08:41:45 GMT
age: 9069
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT, MISS
p3p: true
paypal-debug-id: f156148aeaa6f
server-timing: "traceparent;desc="00-0000000000000000000f156148aeaa6f-d5856c55c4748082-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 81665
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220099-FRA, cache-fra-etou8220099-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f156148aeaa6f-688c30a0e7192638-01
x-timer: S1714639306.531429,VS0,VE4
etag: W/"13f01-9JljO2eHhMUSt+koRs5rjSo3Mxk"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 3, 0

GET
H2 200 local
www.paypal.com/credit-presentment/experiments/ Frame 03DB 0
0 104ms
27ms Document
text/html 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/credit-presentment/experiments/local?uid=uid_ucwshvrxzthtvnqisgxhfhvbmwrjhj&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVJDWlg0b3FxbWwtU01FVWEyNGZKVVlvZGIzZ3hRQWZZa2JFNXZMZi1JZWtmVWRza3lTbmZQYmlSOWcxclFsTFZ0N1ZxTnd4RjJRSUdkaWEmY3VycmVuY3k9RVVSJmNvbXBvbmVudHM9bWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF91Y3dzaHZyeHp0aHR2bnFpc2d4aGZodmJtd3JqaGoifX0&env=production&scriptUID=uid_ucwshvrxzthtvnqisgxhfhvbmwrjhj&version=1.63.0&integrationType=SDK

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=ARCZX4oqqml-SMEUa24fJUYodb3gxQAfYkbE5vLf-IekfUdskySnfPbiR9g1rQlLVt7VqNwxF2QIGdia&currency=EUR&components=messages

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com https:; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.beautywelt.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-expose-headers: Server-Timing
age: 51367
cache-control: s-maxage=86400, max-age=0
content-encoding: gzip
content-length: 1526
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-type: text/html; charset=utf-8
date: Thu, 02 May 2024 08:41:45 GMT
dc: ccg11-origin-www-1.paypal.com
edge-cache-tag: up-treatments-zoid
etag: W/"1479-2Xvej+mDcQNMI4C2IgjEonngTKA"
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f601925cdfcf6
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: "traceparent;desc="00-0000000000000000000f601925cdfcf6-732bb5662756ff65-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f601925cdfcf6-4ad5eccea7873a7f-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
x-cache-hits: 8910, 0
x-served-by: cache-fra-etou8220066-FRA, cache-fra-etou8220066-FRA
x-timer: S1714639306.813414,VS0,VE5
x-xss-protection: 1; mode=block

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
5 KB 27ms
27ms Script
application/x-javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=www.beautywelt.de&t=xo&v=5.0.434&source=payments_sdk&client_id=ARCZX4oqqml-SMEUa24fJUYodb3gxQAfYkbE5vLf-IekfUdskySnfPbiR9g1rQlLVt7VqNwxF2QIGdia&comp=messages&disableSetCookie=true&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=ARCZX4oqqml-SMEUa24fJUYodb3gxQAfYkbE5vLf-IekfUdskySnfPbiR9g1rQlLVt7VqNwxF2QIGdia&currency=EUR&components=messages

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7b43cb1814ca80746730f4207edcd1175bb5e95baf32398cfa5c891cb06713d7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-fi6cJGpcNumnMqOuDZinP+0hkgVOXtvfUs5tOm+ZtjCoaTDQ' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.beautywelt.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-fi6cJGpcNumnMqOuDZinP+0hkgVOXtvfUs5tOm+ZtjCoaTDQ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 02 May 2024 08:41:45 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 1526
x-cache: HIT, MISS
paypal-debug-id: f138161a0b44c
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4338
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220099-FRA, cache-fra-etou8220099-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f138161a0b44c-8f72c043915a90fb-01
x-timer: S1714639306.629610,VS0,VE6
etag: W/"2f8b-lWMMAqH5NWBufCerdpb7DcGAARo"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 ts
t.paypal.com/ 42 B
513 B 461ms
168ms Image
image/gif 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Bumble%20and%20bumble%20Curl%20Conditioner&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1714639305726&g=-120&completeurl=https%3A%2F%2Fwww.beautywelt.de%2FBumble-and-bumble-Curl-Conditioner%3Fkk%3Da4c6294-18f38777229-2170a0%26art%3D2021050438292%26pk_campaign%3Dkelkoo%26utm_source%3Dkelkoo%26utm_medium%3Ddisplay%26utm_campaign%3Dkelkoo%26utm_term%3D2021050438292%26promobar%3Dpreisvergleich&ru=https%3A%2F%2Fwww.beautywelt.de%2FBumble-and-bumble-Curl-Conditioner&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D&disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.beautywelt.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Thu, 02 May 2024 08:41:46 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: f4f58bf381a3a
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-etou8220040-FRA
pragma: no-cache
correlation-id: f4f58bf381a3a
traceparent: 00-0000000000000000000f4f58bf381a3a-d006fd85c7b84201-01
x-timer: S1714639306.029576,VS0,VE147
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 May 2024 08:41:46 GMT

GET
H2 200 message
www.paypal.com/credit-presentment/smart/ Frame 645F 0
0 29ms
29ms Document
text/html 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/credit-presentment/smart/message?currency=EUR&amount=30.61&channel=UPSTREAM&page_type=product&style=%7B%22layout%22%3A%22text%22%7D&client_id=ARCZX4oqqml-SMEUa24fJUYodb3gxQAfYkbE5vLf-IekfUdskySnfPbiR9g1rQlLVt7VqNwxF2QIGdia&merchant_config=b01576bd90540b72d94c508f56bd5564517de126&treatments=947b53e529fdcc6232758db4e2470eacbfd73daf&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVJDWlg0b3FxbWwtU01FVWEyNGZKVVlvZGIzZ3hRQWZZa2JFNXZMZi1JZWtmVWRza3lTbmZQYmlSOWcxclFsTFZ0N1ZxTnd4RjJRSUdkaWEmY3VycmVuY3k9RVVSJmNvbXBvbmVudHM9bWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF91Y3dzaHZyeHp0aHR2bnFpc2d4aGZodmJtd3JqaGoifX0&env=production&version=1.63.0&integrationType=SDK&deviceID=uid_0a518237f2_mdg6nde6ndy&sessionID=uid_a18bbea6a7_mdg6nde6ndu&scriptUID=uid_ucwshvrxzthtvnqisgxhfhvbmwrjhj&message_request_id=uid_c3a54bc4a4_mdg6nde6ndy&disableSetCookie=true

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=ARCZX4oqqml-SMEUa24fJUYodb3gxQAfYkbE5vLf-IekfUdskySnfPbiR9g1rQlLVt7VqNwxF2QIGdia&currency=EUR&components=messages

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'sha256-k268HCSRGGlch2JT9A18A+BRKhmvQ6F8FKaNWiHURfY=' 'sha256-6xeS5u+7xo2CbcWsaRVS6O6l2sk8aIPkvM3GqjFii6k=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com https:; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.beautywelt.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-expose-headers: Server-Timing
age: 17570
cache-control: s-maxage=21600, max-age=0
content-encoding: gzip
content-length: 27081
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-k268HCSRGGlch2JT9A18A+BRKhmvQ6F8FKaNWiHURfY=' 'sha256-6xeS5u+7xo2CbcWsaRVS6O6l2sk8aIPkvM3GqjFii6k=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-type: text/html; charset=utf-8
date: Thu, 02 May 2024 08:41:46 GMT
dc: ccg11-origin-www-1.paypal.com
edge-cache-tag: up-message, up-country-DE, up-profile-b01576bd90540b72d94c508f56bd5564517de126, up-offer-PI30Q
etag: W/"149b5-IZyDbzpIgcl71KcOCpIp1dlGHhM"
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f110674100e0f
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: "traceparent;desc="00-0000000000000000000f110674100e0f-f7825fa008fd2545-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f110674100e0f-154e3a7a600b76dc-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
x-cache-hits: 0, 0
x-served-by: cache-fra-etou8220066-FRA, cache-fra-etou8220066-FRA
x-timer: S1714639307.552360,VS0,VE7
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
r.redirekted.com/	1970-01-20 20:18:45	Name: uuid Value: 1733071605725012480
.redirekted.com/	1970-01-21 05:53:19	Name: _ga Value: GA1.2.236883132.1714639303
.redirekted.com/	1970-01-20 20:18:45	Name: _gid Value: GA1.2.1670375721.1714639303
.redirekted.com/	1970-01-20 20:17:19	Name: _gat Value: 1
.kelkoogroup.net/	1970-01-21 05:02:55	Name: kelkooID Value: a4c6294-18f38777229-2170a0
.redirekted.com/	1970-01-21 05:53:19	Name: _ga_TG55WX34R2 Value: GS1.2.1714639303.1.1.1714639303.0.0.0
.kelkoogroup.net/	1970-01-21 04:55:43	Name: datadome Value: rdf5M3v2_Ek6yyM5djXrFSd6Mz9IbkwyI5PrajCBw6qvFYdqQdSyPTUZZ5K1u6tX7IrH4WuykYNqVES7TAOqsOvBmBZtcdGmPrkd76FN3s0pY8hrSzAOWYO_SIn3b1l3
.beautywelt.de/	1970-01-20 21:00:31	Name: JTLSHOP Value: 42cf1e661c101a007a27625c144b4889
.beautywelt.de/	1970-01-20 21:00:31	Name: gh4 Value: 6.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://de-go.kelkoogroup.net/offersearchGo?.ts=1714638003142&.sig=su7hgKvi0pxkNJZdKaK245vjIiA-&affiliationId=96965856&comId=100474218&country=de&offerId=3db94cbeff8f73276f0a2c75400bee3d&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=4KW8cHs3yHBmLKsUWwqbE0X3yULeVJr9Vwq1cmZb0mBlLKC_bPXwMxXuuJE3D3V1qmp4yHsXAJF8IvVTk3B0A2r7tKL3ZUqVk3pdZJsmWPM&custom2=jKWjuHsmEmK8gQqwqwqSExZvyRCexFrUAQB(Line 28) Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://de-go.kelkoogroup.net/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-js.datadome.co
dd.kelkoogroup.net
de-go.kelkoogroup.net
pagead2.googlesyndication.com
r.redirekted.com
region1.google-analytics.com
t.paypal.com
ww99.alcoholdrugrehabmichigan.com
www.beautywelt.de
www.clintontownship.alcoholdrugrehabmichigan.com
www.google-analytics.com
www.googletagmanager.com
www.paypal.com
142.250.186.130
151.101.193.21
151.101.193.35
151.101.65.21
2001:4860:4802:34::36
2a00:1450:4001:803::200e
2a00:1450:4001:80f::2008
3.127.166.121
3.161.82.21
54.157.24.8
66.165.243.160
72.52.179.174
85.13.155.115
95.211.116.26
0847983bc03e35396cdc69fd1ae579425f7d4e2b47deedcad65d0382cd05469f
0a41988dd36d168c6b3c842a65928c20b8c0dffe578c083ec66752c41a9a7c49
0d7d9505caf7d7ed2e6db2e1cdf7f59572831f9927ef13356c9094f3286dfa4f
0dc06dd84eee81c88ed30884a127b027cbbcd28e9bc3358191efedfbec714204
16fd884cc82ea7ac7f0843401a49b56117ec5584d33d09b05a613e0cac51b077
186ee00d182a4e9b2100a397b0ab8e00301faf106b79fdc90e8122c0532d2a6e
1874b1429b4f78cc14c337db41169910a2aacc8d7768e73a870145aacf24ecbb
1a84ead40ea4ec993c7b7cea54f8b3da7d9a09e2fb9584a597619f9c4832a1fa
20c595c27af9c2d6dc921f5df94685d714069f10db45df72c418539230160234
22288272483c5eff83774077cc16674434913d6f4b63163d156075f2c114dc0a
22a0276393e8fa889aa0a0e2fd30b2a211b388ee4c328ff972b36ed2071e3427
2595d096d1d6f14945e292d1f4f8cdbe74a87522a45ee1a3d64cf874836f2cd1
2a6ad086d9fdb30d5f78b321fd78e4ad45c120ac3d0aa8b3e229c9e0fab0eb04
2ba455467ddf25f35add6314dd7674e6a851b8353fcfe0c5aadf6678b8d9c435
2e4cf631af21b46b1f8048509abea80768d86a3ea7fc24520f1e1da9d36323a8
30d784b30579dc1e5257189103541aa20fbab554734725344e9e5404ebd62d99
3da17177f6cb02483b3945423c2b9c62937918ddf034dc7cd286e9287838bce8
3db77cfe0a6a059ff4d86ea8530439864095c5fe278e279b28c88f99a0f9b530
428f7aaff52aa4aecefe223453ba172a1bba672bd63237c12393ba92373637e1
61e869ad566005103406fb6060759e8e4ac6b419398752e0ab402cf5b180ad4f
6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6c910104e7cb97c701d74da5434950749d8d0e46b0d0a3e81bc7fd69596e3bfc
6d526fd8ed7efb090207e7f90f3e5d256e9abedcbb4e2feafc5050edfb9ade30
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
73a434285c3a752bc8c44aebd50e10f1a766853cbc7184e78d5c934c7b52b620
7962d4621ad29d88de01313c281ee240c66afd5354658b0f65b086e96eac1ffc
7b43cb1814ca80746730f4207edcd1175bb5e95baf32398cfa5c891cb06713d7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8597d8112ffa8f07199b715746aebe0bc4180e1c23cf4de02ef8fdc8f57e0bdc
87c0275c6918523c8c1bf38ce350fc6a1643859c9e0cbc6d5ea4d64536fe5c1d
92810db50f1e8d6ed2c0f141f3218d052e377547069992da01966d3104e05bde
9bb5223132fff3fe741cd7d3b90258d4e8b01124ed190e00c244f2d19fe4027a
a32e3262d3564961e52d5b21b637c22ba9547a98132ff10d422efd7b6be774c4
a9c65b7faf7111cb7b6fa6c84ad6cf1fb99616c2511b0a54fb4842d95425bc55
afe1d4048220393f8f8961b906c051091d435c50f4ca06d3c3c7a1aba19d2902
b0ffeb2805e62b06078975a3e81daff16abdb7899e2e6408a3ad3b967a0cdb5e
b27242ee93aed36eb80b9d9b21f1de3a4edaeab514ae3d440a9363e6c5dcedb6
bd1030325ece6a434e69ebcf4d65cd53ed7ebbf636eeea4f0e427ed3bf19a6a8
bed3842d25f6f09fcfda2e2dcb7cd6f26534f67f6ff93dca39cd6df2d991e66e
ca9ad33db07a987598b624b9328fe481d1aa080986a0f4e4ca4efcb157f2bf9b
d6a25d16ce81d5620c4362437716afff1596f837c9d1cd245b737fdb65094e1d
dadf1ccf286f0d2e7dd49bceeb2145105876f7c6b2b6bf38fac60c791de6fcaa
dbc298b3ec2af7e3d2e1bab22b75c2e04b72a4068322e9dc2e374838cc8570fb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2d9fd8b995f146baf54bc35d162d3e8169a5345368058b10a3b3bf4592ed777
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee5674cf5764ee20902b8dae6d15832928ea31ddb400c6db82682296da8a8487
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8df595d5eccae3dbf2f1f2705e0717e4519952ea5c2f56d74c59b6d6d19088e

www.beautywelt.de Open in urlscan Pro 85.13.155.115 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

58 Requests

95 %HTTPS

21 %IPv6

9 Domains

13 Subdomains

14 IPs

3 Countries

610 kBTransfer

1592 kBSize

9 Cookies

1 Outgoing links

Page URL History

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.beautywelt.de Open in urlscan Pro
85.13.155.115 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

95 %
HTTPS

21 %
IPv6

9
Domains

13
Subdomains

14
IPs

3
Countries

610 kB
Transfer

1592 kB
Size

9
Cookies

58 HTTP transactions
1 data transactions