www.siceu.de Open in urlscan Pro
85.13.135.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.siceu.de/
Submission: On August 31 via api (August 31st 2022, 9:12:07 am UTC) from IE — Scanned from DE

Summary HTTP 197 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 25 IPs in 5 countries across 31 domains to perform 197 HTTP transactions. The main IP is 85.13.135.3, located in Germany and belongs to NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE. The main domain is www.siceu.de.

This is the only time www.siceu.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	85.13.135.3 85.13.135.3	34788 (NMM-AS D) (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68)
4	2a01:4f9:4b:1... 2a01:4f9:4b:1406::2	24940 (HETZNER-AS) (HETZNER-AS)
21	195.201.169.184 195.201.169.184	24940 (HETZNER-AS) (HETZNER-AS)
3 5	2a01:4f8:10b:... 2a01:4f8:10b:ddc::2	24940 (HETZNER-AS) (HETZNER-AS)
2	94.130.9.175 94.130.9.175	24940 (HETZNER-AS) (HETZNER-AS)
2	188.40.69.138 188.40.69.138	24940 (HETZNER-AS) (HETZNER-AS)
1	162.19.154.224 162.19.154.224	16276 (OVH) (OVH)
81	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
3	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
2 6	104.96.132.42 104.96.132.42	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700::68... 2606:4700::6812:3c0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
12	3.11.195.34 3.11.195.34	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
7	18.66.147.41 18.66.147.41	16509 (AMAZON-02) (AMAZON-02)
6	18.66.147.44 18.66.147.44	16509 (AMAZON-02) (AMAZON-02)
2	2a01:4f8:212:... 2a01:4f8:212:29e0::2	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
5 5	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1 1	213.202.235.8 213.202.235.8	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	54.93.208.161 54.93.208.161	16509 (AMAZON-02) (AMAZON-02)
2	46.4.41.145 46.4.41.145	24940 (HETZNER-AS) (HETZNER-AS)
18	18.168.156.122 18.168.156.122	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82f::2001	() ()
1	2a00:1450:400... 2a00:1450:4001:80b::2004	() ()
197	25

12 85.13.135.3 (Germany)

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
PTR: dd12828.kasserver.com

www.siceu.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siceu.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a01:4f9:4b:1406::2 (Germany)

ASN24940 (HETZNER-AS, DE)

www.fastcounter.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 195.201.169.184 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.184.169.201.195.clients.your-server.de

spaceeditors.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
emmaglam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a01:4f8:10b:ddc::2 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)

mpa4xbbs6m73.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.blyatflix.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
thisis.aninter.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.hubu.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.130.9.175 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h109.hubuhost.com

ref.cdnplus.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.40.69.138 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.138.69.40.188.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.154.224 (France)

ASN16276 (OVH, FR)
PTR: de-c114.cdnplus.de

de-c114.cdnplus.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

81 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 145.239.193.130 (France) 3 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.96.132.42 (Vienna, Austria) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-132-42.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:3c0 (United States)

ASN13335 (CLOUDFLARENET, US)

pvx.freenet-mobilfunk.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 3.11.195.34 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-195-34.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.66.147.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-41.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.66.147.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-44.fra60.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:212:29e0::2 (Germany)

ASN24940 (HETZNER-AS, DE)

tool.hubu.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 84.200.5.215 (Germany) 5 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

private.vodafone-affiliate.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.8 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.93.208.161 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-208-161.eu-central-1.compute.amazonaws.com

vfd2dyn.vodafone.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.4.41.145 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads2.sunbonet.de

partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 18.168.156.122 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-168-156-122.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2001 (None, )

ASN- ()

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2004 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
81	ad4m.at ad4m.at — Cisco Umbrella Rank: 2138 as.ad4m.at — Cisco Umbrella Rank: 30472 assets.ad4m.at — Cisco Umbrella Rank: 39315	5 MB
25	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 22472 api.webgains.io — Cisco Umbrella Rank: 58879	596 KB
18	emmaglam.com emmaglam.com — Cisco Umbrella Rank: 870563	982 KB
12	webgains.com track.webgains.com — Cisco Umbrella Rank: 48447	222 KB
12	siceu.de www.siceu.de siceu.de	338 KB
8	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 112 tpc.googlesyndication.com	215 KB
6	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 69717	473 KB
6	awin1.com 2 redirects www.awin1.com — Cisco Umbrella Rank: 16722	4 KB
4	fastcounter.de www.fastcounter.de — Cisco Umbrella Rank: 556137	2 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 44	9 KB
3	media01.eu pb.media01.eu — Cisco Umbrella Rank: 47180	809 B
3	medialead.de 3 redirects pv.medialead.de — Cisco Umbrella Rank: 48437	2 KB
3	cdnplus.de ref.cdnplus.de — Cisco Umbrella Rank: 470345 de-c114.cdnplus.de — Cisco Umbrella Rank: 604923	39 KB
3	spaceeditors.com spaceeditors.com — Cisco Umbrella Rank: 756997	1 KB
2	lead-alliance.net 2 redirects www.lead-alliance.net — Cisco Umbrella Rank: 60545	670 B
2	telefonica-partner.de 2 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 59966	433 B
2	google.com adservice.google.com — Cisco Umbrella Rank: 78 www.google.com	2 KB
2	hubu.link tool.hubu.link — Cisco Umbrella Rank: 961608	25 KB
2	hubu.fm 2 redirects static.hubu.fm	674 B
2	freenet-mobilfunk.de pvx.freenet-mobilfunk.de — Cisco Umbrella Rank: 119119	1001 B
2	a-ads.com ad.a-ads.com — Cisco Umbrella Rank: 39729 static.a-ads.com — Cisco Umbrella Rank: 51621	615 KB
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 70979	1 KB
1	blau.de partner.blau.de — Cisco Umbrella Rank: 70726	1 KB
1	vodafone.de vfd2dyn.vodafone.de — Cisco Umbrella Rank: 84403
1	exactag.com 1 redirects m.exactag.com — Cisco Umbrella Rank: 13536	1 KB
1	vodafone-affiliate.de 1 redirects private.vodafone-affiliate.de — Cisco Umbrella Rank: 148207	743 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 9270	792 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	2 KB
1	aninter.net 1 redirects thisis.aninter.net — Cisco Umbrella Rank: 612157	171 B
1	blyatflix.de c.blyatflix.de — Cisco Umbrella Rank: 492851	197 B
1	mpa4xbbs6m73.de mpa4xbbs6m73.de	776 B
197	31

	Domain	Requested by
42	assets.ad4m.at	as.ad4m.at
25	ad4m.at	spaceeditors.com ad4m.at emmaglam.com
18	api.webgains.io	analytics.webgains.io
18	emmaglam.com	spaceeditors.com emmaglam.com
14	as.ad4m.at	ad4m.at as.ad4m.at
12	track.webgains.com	as.ad4m.at
8	www.siceu.de	www.siceu.de
7	analytics.webgains.io	track.webgains.com
6	cdn.track.production.webgains.team	as.ad4m.at
6	www.awin1.com	2 redirects as.ad4m.at
5	pagead2.googlesyndication.com	emmaglam.com pagead2.googlesyndication.com tpc.googlesyndication.com
4	www.fastcounter.de	www.siceu.de www.fastcounter.de
4	siceu.de	www.siceu.de siceu.de
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com emmaglam.com
3	pb.media01.eu	as.ad4m.at
3	pv.medialead.de	3 redirects
3	spaceeditors.com	www.fastcounter.de spaceeditors.com
2	www.lead-alliance.net	2 redirects
2	www.telefonica-partner.de	2 redirects
2	tool.hubu.link	emmaglam.com
2	static.hubu.fm	2 redirects
2	pvx.freenet-mobilfunk.de	as.ad4m.at
2	ref.cdnplus.de	mpa4xbbs6m73.de ref.cdnplus.de
1	www.google.com	tpc.googlesyndication.com
1	partner.o2online.de	as.ad4m.at
1	partner.blau.de	as.ad4m.at
1	vfd2dyn.vodafone.de	as.ad4m.at
1	m.exactag.com	1 redirects
1	private.vodafone-affiliate.de	1 redirects
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	fonts.googleapis.com	emmaglam.com
1	static.a-ads.com	ad.a-ads.com
1	de-c114.cdnplus.de	www.fastcounter.de
1	thisis.aninter.net	1 redirects
1	ad.a-ads.com	mpa4xbbs6m73.de
1	c.blyatflix.de	mpa4xbbs6m73.de
1	mpa4xbbs6m73.de	www.fastcounter.de
197	39

This site contains links to these domains. Also see Links.

Domain
siceu.de
europa.eu

Subject Issuer	Validity	Valid
www.fastcounter.de R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
spaceeditors.com R3	`2022-06-24` - `2022-09-22`	3 months	crt.sh
mpa4xbbs6m73.de R3	`2022-07-02` - `2022-09-30`	3 months	crt.sh
ref.cdnplus.de R3	`2022-07-02` - `2022-09-30`	3 months	crt.sh
c.blyatflix.de R3	`2022-07-01` - `2022-09-29`	3 months	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2021-12-08` - `2023-01-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
emmaglam.com R3	`2022-07-23` - `2022-10-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.webgains.com Amazon	`2022-06-14` - `2023-07-13`	a year	crt.sh
*.webgains.io Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh
cdn.track.production.webgains.team Amazon	`2022-08-08` - `2023-09-06`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
www.awin1.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-18` - `2023-04-19`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh

This page contains 29 frames:

Primary Page: http://www.siceu.de/
Frame ID: 0A6C5F9529CFECC82736AC5027EE8119
Requests: 11 HTTP requests in this frame

Frame: http://siceu.de/upload/ANTEILSWERT.html
Frame ID: AF542B92D75F9095BABD81DF7FEB8C8C
Requests: 2 HTTP requests in this frame

Frame: http://siceu.de/upload/GEWINN.html
Frame ID: 12B9100B1DDE299C084B7012DCB3E999
Requests: 2 HTTP requests in this frame

Frame: https://www.fastcounter.de/b.php
Frame ID: 57CEA7A36A7175A3CD621B674E1D2845
Requests: 4 HTTP requests in this frame

Frame: https://spaceeditors.com/b2.php?uid=1191351678&e=0&s=0&p=0&w=468&h=60&sid=5&size=1
Frame ID: BBD988024F01A0A85775D5030390422D
Requests: 1 HTTP requests in this frame

Frame: https://spaceeditors.com/in4.php?uid=1191351678&e=0&s=0&p=0&sid=5&size=1&referrer=
Frame ID: F6CB9FE3C2E820568D804D33CDCDCECA
Requests: 3 HTTP requests in this frame

Frame: https://ref.cdnplus.de/
Frame ID: F99B6732AE6EA7283BEB171F1C688AF3
Requests: 2 HTTP requests in this frame

Frame: https://c.blyatflix.de/nora/?t=1661937122
Frame ID: 02D6A9EC7FABF4C9ABFCA4EB83C8023F
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/1616084?size=300x250
Frame ID: AB1E480281A378DFF6510AA01EF42C0A
Requests: 2 HTTP requests in this frame

Frame: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
Frame ID: 20603ECEB63D021BD8E099EA875AEDC3
Requests: 35 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 0A447D55ABA5FE9072334FB52EEF8E15
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15573%2C29002%2C200037&b=gA42h8frfeqXaPHbH8t5tG6AcmSjtm6Te%2CAxqrhYfqfB2McAHRH4tktPWzURSbtDGT9%2CXg65azfrfKPY2u6H4Hetqtk47cQSMtXMTJ&f=BdqwSgfPfV8XcxH6H3tgCW1YajSdtmrTM%2CMBJKazfrfxjJuWHEHGtQC29ZCBS9tbDT3%2Ce5edu3fVfrqdZujHZHet2CAg3CwSbtxdT1&c=728&d=90&e=&g=2f9de5e71f9d2fe15a898a3d2a78322e%2F14146683990541622354&i=26474%2C25052%2C22499&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=misaglam_advancedad_728x90&r=1661937122397&y=1&s=&z=0
Frame ID: 365EDACDB637D0CDDF08752D87C6AA4A
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220829/r20190131/zrt_lookup.html
Frame ID: 024731579791C5FB0D456B8BA6C8991D
Requests: 2 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: DA51766280E1B657F8569F0A80BCCEB0
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 90B4FC68298C6A963AC02ABCF5B86EB4
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 86FFDFD4CF0B0C9FAA8A4D19DD120958
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: A8E7628461C8C4B001D209BF6DFAE721
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 70A2414CB72131B8A111BD3EC0B99369
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 3EB7CBB0358795D5DCA609CC23BCA09E
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: DA3A50FBD8B7483707618835DE6AC480
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4176752718986875&output=html&adk=1812271804&adf=3011350652&plat=1%3A147968%2C2%3A147968%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fspaceeditors.com%2F&ea=0&pra=5&wgl=1&easpf=1&easpi=1&easai=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=300&asna=5&asnd=5&asnp=5&asns=5&asmat=-1&asptt=-1&dt=1661937122695&bpp=48&bdt=185&idt=261&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&nras=1&correlator=4874525813456&frm=8&ife=1&pv=2&ga_vid=678644174.1661937123&ga_sid=1661937123&ga_hid=1672290070&ga_fc=0&nhd=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2186634244&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31069094%2C31068921&oid=2&pvsid=1202350255705404&tmod=1389044628&uas=0&nvt=1&top=http%3A%2F%2Fwww.siceu.de&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=1&uci=1.2gbzg0ucwcfg&fsb=1&dtd=284
Frame ID: 50631005F102FA0C42EB2D2D870742AF
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=34719%2C188905%2C197862&b=qxXAUmfWfYzPcZHgHDtJt5wxfeS3tx9u3%2C8WjpcDf8fRgbkcgHJHEtxtekJ9hGS5tmbck%2CXgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ&f=RBX1agfQfzg5tkHwH3tzCJgDS9SxtPGF7%2CZZ41twfBfzKZ3TmHDHDtDC1JYbH6SJtKjsJ%2Ce5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1&c=160&d=600&e=&g=9324b6f6f5fe8bed7b4fe1aac815ae8c%2F11516772173106876438&i=26474%2C75451%2C71725&j=41%2C22%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_160x600&r=1661937123040&y=1&s=&z=0
Frame ID: 35B32625C92B8E89C0459A08C47A0F7B
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=177100%2C43766%2C197100&b=dpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ%2CqxXAUmfWfJVA1SZHgHDtJtXX8FeS3tx9u3&f=K783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd%2CRBX1agfQfGd2AakHwH3tzCddAF9SxtPGF7&c=728&d=90&e=&g=a2e845fd2cfe595dad2f337365c7a428%2F456621988633091227&i=65803%2C24891%2C20773&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_728x90&r=1661937123054&y=1&s=&z=0
Frame ID: 8FC291C5FBBD341043D6E46C45B7ADB2
Requests: 16 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=117569%2C202438%2C183975&b=K783aRfZf93rDt5HMHktPtxQzt7Srt7eHq%2Cr5mEuQf9f3VgzsAH7HjtqtVgrEUYSJtDqtd%2C4gGmHEf5fA2eRcGH9HdtAtm9MSbSZtpJsK&f=kzQ3F5f3fD2kYa4HwHetmCxPrtZSmtwdFR%2CP241aBfbfbrWxU9HjHbtgCArKkHJSgtBeup%2Cr5mEuQf9f3XBdaAH7HjtJCBXVaYSJtDqtd&c=300&d=250&e=&g=5a155db06cfb57ad4e9858ce16995a7d%2F15732118702448054695&i=29981%2C82994%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661937123058&y=1&s=&z=0
Frame ID: 0776E740AC52E1C8C1A6BC4115FE319A
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=58783%2C182430%2C175490&b=gAdJF8frfk4A6TPHbH8t5t2e1fmSjtjqFe%2CbGqEtQfZf5jjMaYHbHztKtw64ubS3tE7UJ%2C26YEH6fqfj2ZEfVHWHkt8tbdDCxSgtZmtg&f=BdZEhgfPfMrpgFxH6H3tgCmRwCjSdtjDFM%2C3rg7Hpf4fXrrDH7HrHAtXC9WZsPSztwpFd%2C4gGmHEf5fAJkpFGH9HdtzCrqRfbSZtpJsK&c=300&d=600&e=&g=9867569f83d0d9cd37e1f229d40bed6a%2F10417962849830523426&i=28472%2C20378%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661937123060&y=1&s=&z=0
Frame ID: 444F69F0EA38EA945C0AC0E2F6161B44
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=29002%2C59040%2C24673&b=pqEMC1fgfk9MskH4Hmtzt4wXu9S7t4JSE%2CRBX1agfQfgVRxfkHwH3tQtddDa9SxtPGF7%2CdpDmUEfkfRpXhEHjHwtEtbAdfeSRt8BTj&f=JmYWHzf5fe3kaBH6H7tqCr98txSdtj2FX%2CQEK8u4fjfD1GVfxH5HYt9CZZWS6S5tV2HV%2CK783aRfZf5Gps5HMHktzCBX8u7Srt7eHq&c=300&d=600&e=&g=c1bfe823735540eee710c65d2f808714%2F15857152468825006206&i=25052%2C20774%2C20430&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661937123055&y=1&s=&z=0
Frame ID: 1EFBE8F0DB9DDED50B967239FDFDE40B
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=200040%2C198961%2C19769&b=pqEMC1fgf9rkMfkH4HmtztxZ3U9S7t4JSE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7%2C52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1&f=JmYWHzf5f3gekFBH6H7tqCER2CxSdtj2FX%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ%2CpqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE&c=300&d=250&e=&g=ba1e34ff4257410d209f5d5cb5baed44%2F3319105007131308127&i=22499%2C71690%2C21630&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661937123041&y=1&s=&z=0
Frame ID: C1B1FE9CA813DB188D1A6B2C0A16A8D9
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B0719273E2C8B831D55E76B5E1515ED6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B13420198D9CF62473FB1A01E4311435
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

197
Requests

88 %
HTTPS

43 %
IPv6

31
Domains

39
Subdomains

25
IPs

5
Countries

8678 kB
Transfer

9917 kB
Size

21
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://siceu.de/seite6.html

Search URL Search Domain Scan URL

URL: https://europa.eu/european-union/about-eu/countries/member-countries/malta_en

Search URL Search Domain Scan URL

URL: http://siceu.de/kontakt.html

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://thisis.aninter.net/ HTTP 302
https://de-c114.cdnplus.de/antibot.mp3

Request Chain 34

https://pv.medialead.de/trck/epv/2aed39855b5f46b72660fe7fe4b2634f?t=htlp&subid=oneidgA42h8frfeqXaPHbH8t5tG6AcmSjtm6Teoneid__misaglam_advancedad_728x90&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidgA42h8frfeqXaPHbH8t5tG6AcmSjtm6Teoneid__misaglam_advancedad_728x90&actionid=981741&produktid=&dt_url=

Request Chain 37

https://www.awin1.com/cshow.php?s=2524318&v=11420&q=392147&r=412871&pv=1&pref3=oneidAxqrhYfqfB2McAHRH4tktPWzURSbtDGT9oneid__misaglam_advancedad_728x90&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://pvx.freenet-mobilfunk.de/?vp_nummer=41006061&subvpid=412871;VPID;&eventid=11420_412871_1661937122_f9eba5f2-290c-11ed-b38a-2238c37626e7

Request Chain 66

https://static.hubu.fm/matomo.js HTTP 301
https://tool.hubu.link/matomo.js

Request Chain 90

https://static.hubu.fm/matomo.php?action_name=Abnehmen%20mit%20diesem%20leckeren%20Rezept%20-%20EMMAGLAM&idsite=7&rec=1&r=493174&h=9&m=12&s=3&url=https%3A%2F%2Femmaglam.com%2F2021%2F08%2F24%2Fabnehmen-mit-diesem-leckeren-rezept%2F&urlref=https%3A%2F%2Fspaceeditors.com%2F&_id=&_idn=1&send_image=0&_refts=1661937123&_ref=https%3A%2F%2Fspaceeditors.com%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=bfRfQO&devicePixelRatio=1&nwefftype=4g&webgl=1&pf_net=146&pf_srv=155&pf_tfr=1&pf_dm1=283 HTTP 301
https://tool.hubu.link/matomo.php?action_name=Abnehmen%20mit%20diesem%20leckeren%20Rezept%20-%20EMMAGLAM&idsite=7&rec=1&r=493174&h=9&m=12&s=3&url=https%3A%2F%2Femmaglam.com%2F2021%2F08%2F24%2Fabnehmen-mit-diesem-leckeren-rezept%2F&urlref=https%3A%2F%2Fspaceeditors.com%2F&_id=&_idn=1&send_image=0&_refts=1661937123&_ref=https%3A%2F%2Fspaceeditors.com%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=bfRfQO&devicePixelRatio=1&nwefftype=4g&webgl=1&pf_net=146&pf_srv=155&pf_tfr=1&pf_dm1=283

Request Chain 100

https://pv.medialead.de/trck/epv/2aed39855b5f46b7651ba591340f258c?t=htlp&subid=wkzMotivBoneidqxXAUmfWfYzPcZHgHDtJt5wxfeS3tx9u3oneid__emmaglam_advancedad_160x600&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=wkzMotivBoneidqxXAUmfWfYzPcZHgHDtJt5wxfeS3tx9u3oneid__emmaglam_advancedad_160x600&actionid=981741&produktid=&dt_url=

Request Chain 103

https://private.vodafone-affiliate.de/tpv.php?t=112510V1175122964M&cons=&subid=oneid8WjpcDf8fRgbkcgHJHEtxtekJ9hGS5tmbckoneid__emmaglam_advancedad_160x600&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://m.exactag.com/ai.aspx?extCa=707&extTcm=AffDisPer12218C|NonCpoNon|fq0gen&url=http://vfd2dyn.vodafone.de/csp/csp.php?b_id=1744&r_id=htlp&aid=2022083111120375770028335X112510V1175122964MSoneid8WjpcDf8fRgbkcgHJHEtxtekJ9hGS5tmbckoneid__emmaglam_advancedad_160x600&affiliate=112510&VFAffID=12218&pid=12218&extProvId=315&extProvApi=129048&extPu=12218&extLi=112510&extPm=112510&extCr=WWWWW HTTP 302
https://vfd2dyn.vodafone.de/csp/csp.php?b_id=1744&r_id=htlp&aid=2022083111120375770028335X112510V1175122964MSoneid8WjpcDf8fRgbkcgHJHEtxtekJ9hGS5tmbckoneid__emmaglam_advancedad_160x600&affiliate=112510&VFAffID=12218&pid=12218&extProvId=315&extProvApi=129048&extPu=12218&extLi=112510&extPm=112510&extCr=WWWWW

Request Chain 122

https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view HTTP 302
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022083111120375770028435X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0

Request Chain 126

https://www.awin1.com/cshow.php?s=2524318&v=11420&q=392147&r=412871&pv=1&pref3=oneidpqEMC1fgfk9MskH4Hmtzt4wXu9S7t4JSEoneid__emmaglam_advancedad_300x600&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://pvx.freenet-mobilfunk.de/?vp_nummer=41006061&subvpid=412871;VPID;&eventid=11420_412871_1661937123_fa3ef610-290c-11ed-94b9-2265b3bf8141

Request Chain 129

https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneidRBX1agfQfgVRxfkHwH3tQtddDa9SxtPGF7oneid__emmaglam_advancedad_300x600&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneidRBX1agfQfgVRxfkHwH3tQtddDa9SxtPGF7oneid__emmaglam_advancedad_300x600&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022083111120375770028433X117679V1226132702MSoneidRBX1agfQfgVRxfkHwH3tQtddDa9SxtPGF7oneid__emmaglam_advancedad_300x600&gdpr_consent=&gdpr=0&cons=0&spid=2022083111120375770028433X117679V1226132702MSoneidRBX1agfQfgVRxfkHwH3tQtddDa9SxtPGF7oneid__emmaglam_advancedad_300x600&wfid=117679&partnerid=12218

Request Chain 140

https://pv.medialead.de/trck/epv/2aed39855b5f46b73641100396ef4a14?t=htlp&subid=oneid26YEH6fqfj2ZEfVHWHkt8tbdDCxSgtZmtgoneid__emmaglam_advancedad_300x600&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneid26YEH6fqfj2ZEfVHWHkt8tbdDCxSgtZmtgoneid__emmaglam_advancedad_300x600&actionid=981741&produktid=&dt_url=

197 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.siceu.de/ 4 KB
2 KB 85ms
36ms Document
text/html 85.13.135.3
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.siceu.de/
Protocol: HTTP/1.1
Server: 85.13.135.3 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd12828.kasserver.com
Software: Apache /
Resource Hash: 263059d00f50a2a7c08c90e5c435d0a40c962726a870b61c69be6d706a937ed0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Upgrade, Keep-Alive
Content-Encoding: gzip
Content-Length: 1373
Content-Type: text/html
Date: Wed, 31 Aug 2022 09:12:01 GMT
ETag: "fc9-5e56c38ba5b63-gzip"
Keep-Alive: timeout=2, max=1000
Last-Modified: Thu, 04 Aug 2022 15:44:14 GMT
Server: Apache
Upgrade: h2,h2c
Vary: Accept-Encoding,User-Agent

GET
H/1.1 200
OK logo-safe.jpg
www.siceu.de/images/ 66 KB
66 KB 36ms
36ms Image
image/jpeg 85.13.135.3
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.siceu.de/images/logo-safe.jpg
Requested by: Host: www.siceu.de
URL: http://www.siceu.de/
Protocol: HTTP/1.1
Server: 85.13.135.3 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd12828.kasserver.com
Software: Apache /
Resource Hash: 5f0a71528d959fd60cd17a04f15a4752efb3a83f1d85413404cb3fe49817406b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.siceu.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 09:12:01 GMT
Last-Modified: Fri, 10 Jun 2022 16:18:25 GMT
Server: Apache
ETag: "10853-5e11a49b2e0c4"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=999
Content-Length: 67667

GET
H/1.1 200
OK spardose.jpg
www.siceu.de/images/ 57 KB
57 KB 71ms
36ms Image
image/jpeg 85.13.135.3
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.siceu.de/images/spardose.jpg
Requested by: Host: www.siceu.de
URL: http://www.siceu.de/
Protocol: HTTP/1.1
Server: 85.13.135.3 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd12828.kasserver.com
Software: Apache /
Resource Hash: 0f94c3f1fd1be876f50a5582135f9214708decfd54dc81bc1eae6afe018af65a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.siceu.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 09:12:01 GMT
Last-Modified: Thu, 10 Sep 2020 08:10:31 GMT
Server: Apache
ETag: "e3aa-5aef11a172f36"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=2, max=1000
Content-Length: 58282

GET
H/1.1 200
OK vorlage21.jpg
www.siceu.de/images/ 25 KB
25 KB 72ms
36ms Image
image/jpeg 85.13.135.3
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.siceu.de/images/vorlage21.jpg
Requested by: Host: www.siceu.de
URL: http://www.siceu.de/
Protocol: HTTP/1.1
Server: 85.13.135.3 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd12828.kasserver.com
Software: Apache /
Resource Hash: a721db9bf08d71797d1e0e6e1772712b884e529ab3e88a49cab36f2362bbbd13

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.siceu.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 09:12:01 GMT
Last-Modified: Wed, 01 Sep 2021 01:36:35 GMT
Server: Apache
ETag: "6201-5cae518c200f2"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=2, max=1000
Content-Length: 25089

GET
H/1.1 200
OK vorlage24.jpg
www.siceu.de/images/ 28 KB
29 KB 73ms
37ms Image
image/jpeg 85.13.135.3
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.siceu.de/images/vorlage24.jpg
Requested by: Host: www.siceu.de
URL: http://www.siceu.de/
Protocol: HTTP/1.1
Server: 85.13.135.3 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd12828.kasserver.com
Software: Apache /
Resource Hash: 610262ee4c1e30b9d4973727c73e58a1d19f6805adb8e7c5cec42597bfae333e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.siceu.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 09:12:01 GMT
Last-Modified: Tue, 31 Aug 2021 09:22:43 GMT
Server: Apache
ETag: "717c-5cad77dfbe70e"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=2, max=1000
Content-Length: 29052

GET
H/1.1 200
OK vorlage25.jpg
www.siceu.de/images/ 21 KB
21 KB 72ms
36ms Image
image/jpeg 85.13.135.3
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.siceu.de/images/vorlage25.jpg
Requested by: Host: www.siceu.de
URL: http://www.siceu.de/
Protocol: HTTP/1.1
Server: 85.13.135.3 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd12828.kasserver.com
Software: Apache /
Resource Hash: b1d6f69f76d5384a109ac5d3421713af148a90df6f059b3d3b5923c6667bb0cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.siceu.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 09:12:01 GMT
Last-Modified: Tue, 31 Aug 2021 08:38:28 GMT
Server: Apache
ETag: "53e4-5cad6dfbaddce"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=2, max=1000
Content-Length: 21476

GET
H/1.1 200
OK vorlage23.jpg
www.siceu.de/images/ 27 KB
27 KB 73ms
37ms Image
image/jpeg 85.13.135.3
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.siceu.de/images/vorlage23.jpg
Requested by: Host: www.siceu.de
URL: http://www.siceu.de/
Protocol: HTTP/1.1
Server: 85.13.135.3 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd12828.kasserver.com
Software: Apache /
Resource Hash: 92b8ff504d9e6cb5e9641251debe5b11f928a264ba7c0a203e6746d0ca4034d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.siceu.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 09:12:01 GMT
Last-Modified: Wed, 01 Sep 2021 10:24:32 GMT
Server: Apache
ETag: "6a31-5caec78de8d37"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=2, max=1000
Content-Length: 27185

GET
H/1.1 200
OK Kasten-schrift.jpg
www.siceu.de/images/ 109 KB
110 KB 36ms
36ms Image
image/jpeg 85.13.135.3
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.siceu.de/images/Kasten-schrift.jpg
Requested by: Host: www.siceu.de
URL: http://www.siceu.de/
Protocol: HTTP/1.1
Server: 85.13.135.3 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd12828.kasserver.com
Software: Apache /
Resource Hash: b13891cf50e96e70a39b3edcb17dce6a080a0d77f88ca602d74e1d54ee9db0fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.siceu.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 09:12:01 GMT
Last-Modified: Mon, 06 Dec 2021 09:49:26 GMT
Server: Apache
ETag: "1b5a4-5d2772c1cfacb"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=998
Content-Length: 112036

GET
H/1.1 200
OK ANTEILSWERT.html Show response
siceu.de/upload/ Frame AF54 1 KB
983 B 100ms
37ms Document
text/html 85.13.135.3
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: http://siceu.de/upload/ANTEILSWERT.html
Requested by: Host: www.siceu.de
URL: http://www.siceu.de/
Protocol: HTTP/1.1
Server: 85.13.135.3 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd12828.kasserver.com
Software: Apache /
Resource Hash: 13cac2dfa81988834f0bcbdaf219d4c242cc7b180bce48dd6df303d75f61199b

Request headers

Referer: http://www.siceu.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Upgrade, Keep-Alive
Content-Encoding: gzip
Content-Length: 624
Content-Type: text/html
Date: Wed, 31 Aug 2022 09:12:01 GMT
ETag: "490-5e78470225184-gzip"
Keep-Alive: timeout=2, max=1000
Last-Modified: Wed, 31 Aug 2022 07:28:06 GMT
Server: Apache
Upgrade: h2,h2c
Vary: Accept-Encoding,User-Agent

GET
H/1.1 200
OK GEWINN.html Show response
siceu.de/upload/ Frame 12B9 1 KB
1000 B 98ms
36ms Document
text/html 85.13.135.3
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: http://siceu.de/upload/GEWINN.html
Requested by: Host: www.siceu.de
URL: http://www.siceu.de/
Protocol: HTTP/1.1
Server: 85.13.135.3 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd12828.kasserver.com
Software: Apache /
Resource Hash: 35a3c805f21d5df6f74e8d75a4223519934e28cac9b11179a572508954f29494

Request headers

Referer: http://www.siceu.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Upgrade, Keep-Alive
Content-Encoding: gzip
Content-Length: 641
Content-Type: text/html
Date: Wed, 31 Aug 2022 09:12:01 GMT
ETag: "4aa-5e784702a40c7-gzip"
Keep-Alive: timeout=2, max=1000
Last-Modified: Wed, 31 Aug 2022 07:28:07 GMT
Server: Apache
Upgrade: h2,h2c
Vary: Accept-Encoding,User-Agent

GET
H2 200 fcount.php Show response
www.fastcounter.de/ 1 KB
647 B 151ms
41ms Script
text/html 2a01:4f9:4b:1406::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fastcounter.de/fcount.php?rnd=70922812606
Requested by: Host: www.siceu.de
URL: http://www.siceu.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f9:4b:1406::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 431dbe63bce1acf0407a63f8019851c5c9cbb89627263751163bdab3aa9c9118

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.siceu.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 09:12:01 GMT
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT
server: nginx/1.18.0
content-encoding: gzip
content-type: text/html; charset=UTF-8

GET
H/1.1 404
Not Found style.css
siceu.de/upload/ Frame 12B9 0
0 36ms
36ms Stylesheet
text/html 85.13.135.3
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: http://siceu.de/upload/style.css
Requested by: Host: siceu.de
URL: http://siceu.de/upload/GEWINN.html
Protocol: HTTP/1.1
Server: 85.13.135.3 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd12828.kasserver.com
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://siceu.de/upload/GEWINN.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 09:12:01 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=999
Content-Length: 196
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found style.css
siceu.de/upload/ Frame AF54 0
0 37ms
36ms Stylesheet
text/html 85.13.135.3
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: http://siceu.de/upload/style.css
Requested by: Host: siceu.de
URL: http://siceu.de/upload/ANTEILSWERT.html
Protocol: HTTP/1.1
Server: 85.13.135.3 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd12828.kasserver.com
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://siceu.de/upload/ANTEILSWERT.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 09:12:01 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=999
Content-Length: 196
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 fcounter.php Show response
www.fastcounter.de/ 929 B
1011 B 42ms
42ms Script
text/javascript 2a01:4f9:4b:1406::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fastcounter.de/fcounter.php?test=1&rnd=46601107&s=gray&id=35974&l=en-US&u=&w=1600&h=1200
Requested by: Host: www.fastcounter.de
URL: https://www.fastcounter.de/fcount.php?rnd=70922812606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f9:4b:1406::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e8236d800cf8bb13e38ef8ee692553c55814640285f3d8057b70e110e839c629

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.siceu.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:01 GMT
server: nginx/1.18.0
content-length: 929
content-type: text/javascript;charset=UTF-8

GET
H2 200 b.php Show response
www.fastcounter.de/ Frame 57CE 314 B
332 B 144ms
144ms Document
text/html 2a01:4f9:4b:1406::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fastcounter.de/b.php
Requested by: Host: www.fastcounter.de
URL: https://www.fastcounter.de/fcounter.php?test=1&rnd=46601107&s=gray&id=35974&l=en-US&u=&w=1600&h=1200
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f9:4b:1406::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 609c95d0f78d37959654f1b0f5eb9eb09b621cf94956115a2eccf683f7c6b7eb

Request headers

Referer: http://www.siceu.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 31 Aug 2022 09:12:01 GMT
server: nginx/1.18.0

GET
H2 200 fastcounter-banner-gray.gif
www.fastcounter.de/CIncludes/img/ 167 B
292 B 41ms
41ms Image
image/gif 2a01:4f9:4b:1406::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fastcounter.de/CIncludes/img/fastcounter-banner-gray.gif
Requested by: Host: www.siceu.de
URL: http://www.siceu.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f9:4b:1406::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 3c8ccb6999f4b357495a29295b17c4be3d4b9853df8eed92d491cd47707cea87

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.siceu.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:01 GMT
last-modified: Tue, 09 Sep 2014 14:37:31 GMT
server: nginx/1.18.0
accept-ranges: bytes
etag: "540f10ab-a7"
content-length: 167
content-type: image/gif

GET
H2 200 jquery.php Show response
spaceeditors.com/ Frame 57CE 230 B
344 B 102ms
28ms Script
text/html 195.201.169.184
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://spaceeditors.com/jquery.php?uid=1191351678&e=0&p=0&s=0&sid=5&size=1

Requested by

Host: www.fastcounter.de
URL: https://www.fastcounter.de/b.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.184.169.201.195.clients.your-server.de

Software

nginx /

Resource Hash

02900c9f1415a64006f18370166aeeffee0c4bec42f42c7434eec351bd044552

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastcounter.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: gzip
server: nginx
date: Wed, 31 Aug 2022 09:12:01 GMT
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 jw.js Show response
mpa4xbbs6m73.de/ Frame 57CE 2 KB
776 B 166ms
67ms Script
text/javascript 2a01:4f8:10b:ddc::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mpa4xbbs6m73.de/jw.js?de=E6eMu7U8GN5V2QLU

Requested by

Host: www.fastcounter.de
URL: https://www.fastcounter.de/b.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:10b:ddc::2 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

f1f34cf9cec8ba5e84b2bffc77b80f70a5386db40bc8022adb6c27882a919aaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastcounter.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:02 GMT
content-encoding: gzip
vary: Accept-Encoding
server: nginx
x-xss-protection: 1; mode=block
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-type: text/javascript;charset=utf-8

GET
H2 200 b2.php Show response
spaceeditors.com/ Frame BBD9 693 B
573 B 29ms
29ms Document
text/html 195.201.169.184
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://spaceeditors.com/b2.php?uid=1191351678&e=0&s=0&p=0&w=468&h=60&sid=5&size=1

Requested by

Host: spaceeditors.com
URL: https://spaceeditors.com/jquery.php?uid=1191351678&e=0&p=0&s=0&sid=5&size=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.184.169.201.195.clients.your-server.de

Software

nginx /

Resource Hash

409e64d11d5be6d84236508cde160537b30660818cc4d859de02d0f462e3fb5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fastcounter.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 31 Aug 2022 09:12:02 GMT
server: nginx
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block

GET
H2 200 in4.php Show response
spaceeditors.com/ Frame F6CB 608 B
551 B 47ms
47ms Document
text/html 195.201.169.184
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://spaceeditors.com/in4.php?uid=1191351678&e=0&s=0&p=0&sid=5&size=1&referrer=

Requested by

Host: spaceeditors.com
URL: https://spaceeditors.com/b2.php?uid=1191351678&e=0&s=0&p=0&w=468&h=60&sid=5&size=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.184.169.201.195.clients.your-server.de

Software

nginx /

Resource Hash

7822454304c0dd674f7b4bc03a08f3e738471c38ad3b0a4d0906aebf459b9aca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://spaceeditors.com/b2.php?uid=1191351678&e=0&s=0&p=0&w=468&h=60&sid=5&size=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 31 Aug 2022 09:12:02 GMT
server: nginx
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
ref.cdnplus.de/ Frame F99B 805 B
761 B 99ms
28ms Document
text/html 94.130.9.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ref.cdnplus.de/

Requested by

Host: mpa4xbbs6m73.de
URL: https://mpa4xbbs6m73.de/jw.js?de=E6eMu7U8GN5V2QLU

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

h109.hubuhost.com

Software

nginx /

Resource Hash

f4b8945db547f5758694227b0cd8f2768b84826fcde9e0746884b4c3e2f5d822

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 31 Aug 2022 09:12:02 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
c.blyatflix.de/nora/ Frame 02D6 0
197 B 117ms
66ms Document
text/html 2a01:4f8:10b:ddc::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.blyatflix.de/nora/?t=1661937122

Requested by

Host: mpa4xbbs6m73.de
URL: https://mpa4xbbs6m73.de/jw.js?de=E6eMu7U8GN5V2QLU

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:10b:ddc::2 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 31 Aug 2022 09:12:02 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 1616084 Show response
ad.a-ads.com/ Frame AB1E 12 KB
5 KB 111ms
37ms Document
text/html 188.40.69.138
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1616084?size=300x250

Requested by

Host: mpa4xbbs6m73.de
URL: https://mpa4xbbs6m73.de/jw.js?de=E6eMu7U8GN5V2QLU

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.40.69.138 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.138.69.40.188.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

77f4e1642aca595b447f2302069d91e161eb892844eab1e05ade8bb993918db4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Wed, 31 Aug 2022 09:12:02 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H/1.0

200
OK

antibot.mp3
de-c114.cdnplus.de/ Frame 57CE
Redirect Chain

https://thisis.aninter.net/
https://de-c114.cdnplus.de/antibot.mp3

139 KB
0

519ms
174ms

Media
audio/mpeg

162.19.154.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://de-c114.cdnplus.de/antibot.mp3
Requested by: Host: www.fastcounter.de
URL: https://www.fastcounter.de/b.php
Protocol: HTTP/1.0
Server: 162.19.154.224 , France, ASN16276 (OVH, FR),
Reverse DNS: de-c114.cdnplus.de
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

icy-name: Hubu.FM | Radio Hunteburg
X-Clacks-Overhead: GNU Terry Pratchett
icy-br: 128
icy-notice2: Shoutcast DNAS/posix(linux x64) v2.6.1.777<BR>
icy-url: https://hubu.fm
Access-Control-Allow-Origin: *
icy-genre: Misc, News
icy-sr: 44100
icy-pub: 1
Connection: close
Accept-Ranges: none
content-type: audio/mpeg
icy-notice1: <BR>This stream requires <a href="http://www.winamp.com">Winamp</a><BR>
Cache-Control: no-cache,no-store,must-revalidate,max-age=0

Redirect headers

location: https://de-c114.cdnplus.de/antibot.mp3
date: Wed, 31 Aug 2022 09:12:02 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 wgpizbdq.js Show response
ad4m.at/ Frame F6CB 36 KB
13 KB 98ms
38ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/wgpizbdq.js
Requested by: Host: spaceeditors.com
URL: https://spaceeditors.com/in4.php?uid=1191351678&e=0&s=0&p=0&sid=5&size=1&referrer=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9584f421fb06be52362782600272bf07739aae062c73e970d6dd1aeb3ebcfcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spaceeditors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 79932
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 27 Jul 2022 10:41:47 GMT
server: cloudflare
etag: W/"ac60ade5ed7352595cc3030edbc5e415"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vs89NBNTyg37mwnjE4RMc95BvlXqF%2B9oobKFiiQ78uhKcwvEveNYtKqNANk%2B%2FbP9RdYKnz77crnXXb7N4tJJ3rggg%2FfSHR7vgX5Os0m51LNpNKby9vcRC7jx65MmKcoEnc6OU8U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
expires: Tue, 23 Aug 2022 11:02:04 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7434a4659dbaf91f-MXP
cf-bgj: minify

GET
H2 200 jquery.min.js Show response
ref.cdnplus.de/ Frame F99B 94 KB
38 KB 56ms
55ms Script
application/javascript 94.130.9.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ref.cdnplus.de/jquery.min.js
Requested by: Host: ref.cdnplus.de
URL: https://ref.cdnplus.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h109.hubuhost.com
Software: nginx /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ref.cdnplus.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:02 GMT
content-encoding: gzip
last-modified: Thu, 26 May 2022 14:16:34 GMT
server: nginx
etag: W/"628f8bc2-1762a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, public
expires: Wed, 07 Sep 2022 09:12:02 GMT

GET
H2 200 300x250
static.a-ads.com/a-ads-banners/393795/ Frame AB1E 609 KB
610 KB 55ms
28ms Image
image/gif 188.40.69.138
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/393795/300x250?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1616084?size=300x250
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.40.69.138 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.138.69.40.188.clients.your-server.de
Software: nginx /
Resource Hash: 69bce7f8cb253945351434612e6adfe03a1ee23be5c85b391b2792f9a8a4bb14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:02 GMT
last-modified: Tue, 31 May 2022 13:40:41 GMT
server: nginx
x-amz-request-id: 3G9P0R8A8EQADHJH
etag: "022f5a2fb43fb40ba25ebafe6b68c6b2"
content-type: image/gif
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
content-length: 623504
accept-ranges: bytes
x-amz-version-id: FNTy6PSZIujNe9T_DALSYLZHxxf2zICy
x-amz-id-2: prMB70adhBcjfmxA1q0mjkW/s8+WpK8gKF5z5HyH+IGL8yjq920vmDKuNVox7bkM/16jaxLrf+U=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/ Frame 2060 55 KB
15 KB 300ms
155ms Document
text/html 195.201.169.184
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/

Requested by

Host: spaceeditors.com
URL: https://spaceeditors.com/in4.php?uid=1191351678&e=0&s=0&p=0&sid=5&size=1&referrer=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.184.169.201.195.clients.your-server.de

Software

nginx /

Resource Hash

89141fb02ca66a70d90ff804823dd662c99cee3ec72b5bc33f2e995a4ef76695

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://spaceeditors.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 31 Aug 2022 09:12:02 GMT
link: <https://emmaglam.com/wp-json/>; rel="https://api.w.org/" <https://emmaglam.com/wp-json/wp/v2/posts/883>; rel="alternate"; type="application/json" <https://emmaglam.com/?p=883>; rel=shortlink
server: nginx
strict-transport-security: max-age=15768000; includeSubDomains
x-pingback: https://emmaglam.com/xmlrpc.php
x-xss-protection: 1; mode=block

GET
H2 200 frame.html Show response
ad4m.at/ Frame 0A44 2 KB
1 KB 38ms
37ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer: https://spaceeditors.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 479211
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7434a465ee0cf91f-MXP
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Wed, 31 Aug 2022 09:12:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 25 Aug 2022 20:10:16 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FF8A8HJAU%2BrCpGCwSjTvdjIARCPBVHQJoT5TYPD8q671uopY1VlZ%2B3uXub%2FacCBokIewAbjK6Az0Tv2JwALFl8qAyLDnKXV94zcR4rZmN%2Bk7kje0WcFpRC36n5tKv4C9Nc0bI4I%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame F6CB 456 B
906 B 63ms
62ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4eb063eb579747678fb0340208535cfbb3e6d5957838d1903e28f9b8e9bf2a07

Request headers

Referer: https://spaceeditors.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 31 Aug 2022 09:12:02 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 7434a466d8f083be-MXP
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RjZFURDxlczh6Ap62a9bK4CFWtMKqfOOv0Rvwa0hoS4z1JeyJmpehVR6sjE3d4sg0ipAkyb9yElZ75qeu8h1VCeB5wEo%2BPBCKz5PxeIzS9P7ujPMPgFQH0mkpNxHDyLnvcMbA4Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://spaceeditors.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-h8v1

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 95ms
68ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://spaceeditors.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://spaceeditors.com
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7434a466682a83be-MXP
content-length: 24
content-type: text/plain
date: Wed, 31 Aug 2022 09:12:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZIIKTaFlYEtiBnQD%2BNucrPKP0vbwm60iEUiswawHahLLU7cH52cY4R2NzmcrOiCFr1mRUkvGQw47Payu7zYsiDhRKkHhzz2RGwzadFDqdj7xsitqTmZCVr8g%2FrVN%2BIi8gWwGoM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-h8v1

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 365E 6 KB
4 KB 78ms
63ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=15573%2C29002%2C200037&b=gA42h8frfeqXaPHbH8t5tG6AcmSjtm6Te%2CAxqrhYfqfB2McAHRH4tktPWzURSbtDGT9%2CXg65azfrfKPY2u6H4Hetqtk47cQSMtXMTJ&f=BdqwSgfPfV8XcxH6H3tgCW1YajSdtmrTM%2CMBJKazfrfxjJuWHEHGtQC29ZCBS9tbDT3%2Ce5edu3fVfrqdZujHZHet2CAg3CwSbtxdT1&c=728&d=90&e=&g=2f9de5e71f9d2fe15a898a3d2a78322e%2F14146683990541622354&i=26474%2C25052%2C22499&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=misaglam_advancedad_728x90&r=1661937122397&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9632ed2461a11762cfac52f1e5acfad3dfd142c0ad2ca326d16d88e56a3a5475

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://spaceeditors.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7434a4675f34f91f-MXP
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 09:12:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.22/one-ad/ Frame 365E 85 KB
11 KB 38ms
38ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.22/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C29002%2C200037&b=gA42h8frfeqXaPHbH8t5tG6AcmSjtm6Te%2CAxqrhYfqfB2McAHRH4tktPWzURSbtDGT9%2CXg65azfrfKPY2u6H4Hetqtk47cQSMtXMTJ&f=BdqwSgfPfV8XcxH6H3tgCW1YajSdtmrTM%2CMBJKazfrfxjJuWHEHGtQC29ZCBS9tbDT3%2Ce5edu3fVfrqdZujHZHet2CAg3CwSbtxdT1&c=728&d=90&e=&g=2f9de5e71f9d2fe15a898a3d2a78322e%2F14146683990541622354&i=26474%2C25052%2C22499&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=misaglam_advancedad_728x90&r=1661937122397&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d28bd4bc4b8a1ecb41ea341dd43aabbc0322889858d76d406b7dc8a887b8eac

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=15573%2C29002%2C200037&b=gA42h8frfeqXaPHbH8t5tG6AcmSjtm6Te%2CAxqrhYfqfB2McAHRH4tktPWzURSbtDGT9%2CXg65azfrfKPY2u6H4Hetqtk47cQSMtXMTJ&f=BdqwSgfPfV8XcxH6H3tgCW1YajSdtmrTM%2CMBJKazfrfxjJuWHEHGtQC29ZCBS9tbDT3%2Ce5edu3fVfrqdZujHZHet2CAg3CwSbtxdT1&c=728&d=90&e=&g=2f9de5e71f9d2fe15a898a3d2a78322e%2F14146683990541622354&i=26474%2C25052%2C22499&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=misaglam_advancedad_728x90&r=1661937122397&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:02 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 151401
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86775
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 29 Aug 2022 15:08:41 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
x-download-options: noopen
content-type: text/css; charset=utf-8
expires: 0
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 7434a467cbcf839c-MXP
cf-bgj: minify

GET
H2 200 E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame 365E 10 KB
10 KB 87ms
73ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C29002%2C200037&b=gA42h8frfeqXaPHbH8t5tG6AcmSjtm6Te%2CAxqrhYfqfB2McAHRH4tktPWzURSbtDGT9%2CXg65azfrfKPY2u6H4Hetqtk47cQSMtXMTJ&f=BdqwSgfPfV8XcxH6H3tgCW1YajSdtmrTM%2CMBJKazfrfxjJuWHEHGtQC29ZCBS9tbDT3%2Ce5edu3fVfrqdZujHZHet2CAg3CwSbtxdT1&c=728&d=90&e=&g=2f9de5e71f9d2fe15a898a3d2a78322e%2F14146683990541622354&i=26474%2C25052%2C22499&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=misaglam_advancedad_728x90&r=1661937122397&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a85b1179ca4ed7dc5ea897d1b565a69ccae8d2aad29dff7bb874da7d94538bff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 572609
cf-polished: qual=85, origFmt=jpeg, origSize=58124
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9782
last-modified: Fri, 08 Jul 2022 10:19:52 GMT
server: cloudflare
etag: "b4342e277c43aad9c5020a04564bfd1e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tv8Aqy900zl0s47xEttnOxhninfnv488mXEQuzzhIc3E6rerAVw3lFdTVm8PIMaNEqsv8Kuq6ukwb6v7oX1Rl3qWbCjqHbNXHw6%2Bx%2FsavqSG9CWvktnJHuB3bDMTXk%2Bdgel4Dtm9f05LNc3G"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 01 Sep 2022 09:12:02 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a467dfeff91f-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 7959CC8A5841863E2029D11337BD9743816B11539BB7B5FE82C05DA418BFFEA9B2B39CC1367019AB169ACFDD5A75E84454CFD285683B9548532D984CEBD8DAF8
assets.ad4m.at/product_image/ Frame 365E 51 KB
51 KB 83ms
74ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/7959CC8A5841863E2029D11337BD9743816B11539BB7B5FE82C05DA418BFFEA9B2B39CC1367019AB169ACFDD5A75E84454CFD285683B9548532D984CEBD8DAF8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C29002%2C200037&b=gA42h8frfeqXaPHbH8t5tG6AcmSjtm6Te%2CAxqrhYfqfB2McAHRH4tktPWzURSbtDGT9%2CXg65azfrfKPY2u6H4Hetqtk47cQSMtXMTJ&f=BdqwSgfPfV8XcxH6H3tgCW1YajSdtmrTM%2CMBJKazfrfxjJuWHEHGtQC29ZCBS9tbDT3%2Ce5edu3fVfrqdZujHZHet2CAg3CwSbtxdT1&c=728&d=90&e=&g=2f9de5e71f9d2fe15a898a3d2a78322e%2F14146683990541622354&i=26474%2C25052%2C22499&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=misaglam_advancedad_728x90&r=1661937122397&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a7f4c8a9af17cac4c92d0fad28e07cc781825be9dd19da205c028b2a49e634a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 570768
cf-polished: qual=85, origFmt=jpeg, origSize=128978
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 52014
last-modified: Tue, 31 May 2022 12:16:42 GMT
server: cloudflare
etag: "aa8c145ca1b6cb2be4e511f8f6f2685d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3iJ0ywy4850GxQKcNBg%2Bz2qy1skhZwXfVXsmidhSUhjm0DX0THlZA4tqd50HK1uedzoBj5US8dKIgDbJID1xy0KCCSJ%2FFu8ksn9mpnkFh1wKX4tSfg5yzVUCIwwIvVY8p%2Fu8FjsQgBqiQFYh"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 01 Sep 2022 09:12:02 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a467dff0f91f-MXP
cf-bgj: imgq:85,h2pri

GET
H2

200

view.aspx
pb.media01.eu/ Frame 365E
Redirect Chain

https://pv.medialead.de/trck/epv/2aed39855b5f46b72660fe7fe4b2634f?t=htlp&subid=oneidgA42h8frfeqXaPHbH8t5tG6AcmSjtm6Teoneid__misaglam_advancedad_728x90&gdpr_consent=&gdpr=0&gdpr_pd=0
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidgA42h8frfeqXaPHbH8t5tG6AcmSjtm6Teoneid__misaglam_advancedad_728x90&actionid=981741&produktid=...

0
607 B

115ms
44ms

Image
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidgA42h8frfeqXaPHbH8t5tG6AcmSjtm6Teoneid__misaglam_advancedad_728x90&actionid=981741&produktid=&dt_url=

Requested by

Protocol

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:02 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 31 Aug 2022 11:12:03 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Wed, 31 Aug 2022 09:12:02 GMT
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: D940971D:A076_91EFC182:01BB_630F25E2_659C279:1F22D
X-IPLB-Instance: 40028
Strict-Transport-Security: max-age=15768000
Content-Type: application/javascript
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidgA42h8frfeqXaPHbH8t5tG6AcmSjtm6Teoneid__misaglam_advancedad_728x90&actionid=981741&produktid=&dt_url=
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H2 200 7DC86BB3A0677D1A111CF2F02BF20FC822723E084233C66D05A3D22F9BFF9CBFABB3E42ACE676F78BB64730FEC16E4997CC372D96DF4EFE43050DA28B276D6EA
assets.ad4m.at/logo/ Frame 365E 7 KB
7 KB 82ms
74ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/7DC86BB3A0677D1A111CF2F02BF20FC822723E084233C66D05A3D22F9BFF9CBFABB3E42ACE676F78BB64730FEC16E4997CC372D96DF4EFE43050DA28B276D6EA
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C29002%2C200037&b=gA42h8frfeqXaPHbH8t5tG6AcmSjtm6Te%2CAxqrhYfqfB2McAHRH4tktPWzURSbtDGT9%2CXg65azfrfKPY2u6H4Hetqtk47cQSMtXMTJ&f=BdqwSgfPfV8XcxH6H3tgCW1YajSdtmrTM%2CMBJKazfrfxjJuWHEHGtQC29ZCBS9tbDT3%2Ce5edu3fVfrqdZujHZHet2CAg3CwSbtxdT1&c=728&d=90&e=&g=2f9de5e71f9d2fe15a898a3d2a78322e%2F14146683990541622354&i=26474%2C25052%2C22499&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=misaglam_advancedad_728x90&r=1661937122397&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80e7bfe2aaa1b8be1ff5792cf190eb4b9e7d922240eea9ccc0a835b2bbde9f56

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 406664
cf-polished: qual=85, origFmt=jpeg, origSize=20298
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6740
last-modified: Tue, 19 Jul 2022 19:05:28 GMT
server: cloudflare
etag: "dcdbfc63ef930c205a6c8ec70a6f5e71"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LelViaUVOgS59%2BRf8mX5byVqkz0d30ybimAr9S10%2BC66BoyT4jytQnqijUWraH9pMSOoI6MkFA4xgQTzC72854N%2FP%2Fql1kbGnThOIlNeB91I0YxVL%2BrGI0gNMWSsgQfGK1NP9HBCNB2s0zOz"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 01 Sep 2022 09:12:02 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a467dff1f91f-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 EEACCF1387D6770984DA8E61AC19B9B106EFAB433C9BC99F272CCDE7F6C5F6963A2BD7EDCA944083C5D1FA54EA7EB69DFB75D9EFC064FB7CC124FCCC8412C2AC
assets.ad4m.at/product_image/ Frame 365E 256 KB
257 KB 44ms
36ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EEACCF1387D6770984DA8E61AC19B9B106EFAB433C9BC99F272CCDE7F6C5F6963A2BD7EDCA944083C5D1FA54EA7EB69DFB75D9EFC064FB7CC124FCCC8412C2AC
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C29002%2C200037&b=gA42h8frfeqXaPHbH8t5tG6AcmSjtm6Te%2CAxqrhYfqfB2McAHRH4tktPWzURSbtDGT9%2CXg65azfrfKPY2u6H4Hetqtk47cQSMtXMTJ&f=BdqwSgfPfV8XcxH6H3tgCW1YajSdtmrTM%2CMBJKazfrfxjJuWHEHGtQC29ZCBS9tbDT3%2Ce5edu3fVfrqdZujHZHet2CAg3CwSbtxdT1&c=728&d=90&e=&g=2f9de5e71f9d2fe15a898a3d2a78322e%2F14146683990541622354&i=26474%2C25052%2C22499&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=misaglam_advancedad_728x90&r=1661937122397&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 231515acac534354a11000685ba5e093bdf4b6d6bd3ca7455b6bb5a7502c570c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 567093
cf-polished: origFmt=png, origSize=404140
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 262476
last-modified: Tue, 31 May 2022 12:50:17 GMT
server: cloudflare
etag: "2ffe877a2fd7c65a1f5b57fbcb242dc1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lAIpr6z7gbkTgxkHYHhCXJX5iXHRPyjo4atJa5%2Bk5n5PxlfscHh5%2B8gt20WrY42R0aJNDMt%2F%2BXHAZlRLh23gpnDDqOXw1mbSI32TQ7MKVXsTDxzGvQn%2FnppI802gbT9JJYWZoVWScDouadMn"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 01 Sep 2022 09:12:02 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a467dfebf91f-MXP
cf-bgj: imgq:85,h2pri

GET
H2

200

/
pvx.freenet-mobilfunk.de/ Frame 365E
Redirect Chain

https://www.awin1.com/cshow.php?s=2524318&v=11420&q=392147&r=412871&pv=1&pref3=oneidAxqrhYfqfB2McAHRH4tktPWzURSbtDGT9oneid__misaglam_advancedad_728x90&gdpr_consent=&gdpr=0&gdpr_pd=0
https://pvx.freenet-mobilfunk.de/?vp_nummer=41006061&subvpid=412871;VPID;&eventid=11420_412871_1661937122_f9eba5f2-290c-11ed-b38a-2238c37626e7

43 B
881 B

133ms
49ms

Image
image/gif

2606:4700::6812:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pvx.freenet-mobilfunk.de/?vp_nummer=41006061&subvpid=412871;VPID;&eventid=11420_412871_1661937122_f9eba5f2-290c-11ed-b38a-2238c37626e7

Requested by

Protocol

Server

2606:4700::6812:3c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536001; includeSubDomains; preload;, max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536001; includeSubDomains; preload;, max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
date: Wed, 31 Aug 2022 09:12:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 7434a46a4af1cc4e-ZRH
p3p: CP="ALL CUR DEV PSA OUR IND STA"
content-type: image/gif

Redirect headers

Date: Wed, 31 Aug 2022 09:12:02 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://pvx.freenet-mobilfunk.de/?vp_nummer=41006061&subvpid=412871;VPID;&eventid=11420_412871_1661937122_f9eba5f2-290c-11ed-b38a-2238c37626e7
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H2 200 822734168B827B1A0E57FF53EC6CBFBBD002FC8D7460BA6B8DE6F46F0023BD74E50D9FBBA049A063AB16B30699CAF8E6582A3DFB3481ACA57EB03EB039D10995
assets.ad4m.at/logo/ Frame 365E 33 KB
34 KB 82ms
75ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/822734168B827B1A0E57FF53EC6CBFBBD002FC8D7460BA6B8DE6F46F0023BD74E50D9FBBA049A063AB16B30699CAF8E6582A3DFB3481ACA57EB03EB039D10995
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C29002%2C200037&b=gA42h8frfeqXaPHbH8t5tG6AcmSjtm6Te%2CAxqrhYfqfB2McAHRH4tktPWzURSbtDGT9%2CXg65azfrfKPY2u6H4Hetqtk47cQSMtXMTJ&f=BdqwSgfPfV8XcxH6H3tgCW1YajSdtmrTM%2CMBJKazfrfxjJuWHEHGtQC29ZCBS9tbDT3%2Ce5edu3fVfrqdZujHZHet2CAg3CwSbtxdT1&c=728&d=90&e=&g=2f9de5e71f9d2fe15a898a3d2a78322e%2F14146683990541622354&i=26474%2C25052%2C22499&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=misaglam_advancedad_728x90&r=1661937122397&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5b58613de02a2628489f5253cbf992b173ce8a399697cb943ccf415375a9f4e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 647452
cf-polished: origFmt=png, origSize=48887
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33666
last-modified: Mon, 19 Oct 2020 12:32:26 GMT
server: cloudflare
etag: "4fe1ecb98ff38283cdb2ae157e399ba2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nhBvuI5nVZA3YhFlDqiu6OfLRi6U4j9zALBMIsaYvRdx7jtLks9q8l8QaOUMi3yyEScxrwsN4HSHGv38uvb3gB%2BK7P9%2FmJxmOlWhJkd6Sc5QlzMS1h%2BI8I2Xk9ZZRdCJN%2FY2XttOUIehSuMU"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 01 Sep 2022 09:12:02 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a467dfedf91f-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 B8FB6A32167DA26E4E474968A055593FF43C0F2954AE66BD1798EADDCF9AC0A502F9D7413CFAA5E7E5809133DC210348B7DFA8E57B3C10CD8B0F8FAED993BB11
assets.ad4m.at/product_image/ Frame 365E 68 KB
69 KB 82ms
74ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B8FB6A32167DA26E4E474968A055593FF43C0F2954AE66BD1798EADDCF9AC0A502F9D7413CFAA5E7E5809133DC210348B7DFA8E57B3C10CD8B0F8FAED993BB11
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C29002%2C200037&b=gA42h8frfeqXaPHbH8t5tG6AcmSjtm6Te%2CAxqrhYfqfB2McAHRH4tktPWzURSbtDGT9%2CXg65azfrfKPY2u6H4Hetqtk47cQSMtXMTJ&f=BdqwSgfPfV8XcxH6H3tgCW1YajSdtmrTM%2CMBJKazfrfxjJuWHEHGtQC29ZCBS9tbDT3%2Ce5edu3fVfrqdZujHZHet2CAg3CwSbtxdT1&c=728&d=90&e=&g=2f9de5e71f9d2fe15a898a3d2a78322e%2F14146683990541622354&i=26474%2C25052%2C22499&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=misaglam_advancedad_728x90&r=1661937122397&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fcbb378853463a4988a16d61fc995f41056c60236b8e1d4decdc9cb25c999a1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 572877
cf-polished: qual=85, origFmt=jpeg, origSize=79101
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 70108
last-modified: Wed, 27 Jul 2022 12:23:23 GMT
server: cloudflare
etag: "58879895efe64f553dc9fa167564951f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jiXiMt3dZSa75rLJO3IXWXF44Ir63owwR50MpRszVqVDHvUHNapOCRtBwQXtFu8gQ36zWMmbFIqiLsqwiKuoVMBMiShVnAhEDFJVx%2FA9ccdu2pqp40wRWF1AMbrRqHS8bSFMXeTzx2AwrCF7"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 01 Sep 2022 09:12:02 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a467dfeef91f-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2060 165 KB
57 KB 112ms
66ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4176752718986875

Requested by

Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8af56807fd1c2f4437ff1d5e03c95b456ce567a854ca3e153be3a106572cffe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://emmaglam.com/
Origin: https://emmaglam.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57326
x-xss-protection: 0
server: cafe
etag: 182146298741996404
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 31 Aug 2022 09:12:02 GMT

GET
H2 200 style.min.css
emmaglam.com/wp-includes/css/dist/block-library/ Frame 2060 87 KB
87 KB 41ms
37ms Stylesheet
text/css 195.201.169.184
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://emmaglam.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2

Requested by

Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.184.169.201.195.clients.your-server.de

Software

nginx /

Resource Hash

d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:02 GMT
last-modified: Wed, 13 Jul 2022 01:59:20 GMT
server: nginx
etag: "62ce26f8-15b64"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: text/css
accept-ranges: bytes
content-length: 88932
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ Frame 2060 21 KB
2 KB 82ms
36ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Josefin+Sans%3A300%2C300i%2C400%2C400i%2C700%2C700i%7CKarla%3A300%2C300i%2C400%2C400i%2C700%2C700i%7CPT+Serif%3A300%2C300i%2C400%2C400i%2C700%2C700i%7CPlayfair+Display%3A300%2C300i%2C400%2C400i%2C700%2C700i

Requested by

Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

edb6726c3fff1860799494fa30ffe3661c2527fec7263f75c43b7be211eaeb94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emmaglam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 31 Aug 2022 08:50:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 31 Aug 2022 09:12:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Aug 2022 09:12:02 GMT

GET
H2 200 normalize.css
emmaglam.com/wp-content/themes/blake-von-hauer/css/ Frame 2060 8 KB
8 KB 41ms
38ms Stylesheet
text/css 195.201.169.184
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://emmaglam.com/wp-content/themes/blake-von-hauer/css/normalize.css?ver=6.0.2

Requested by

Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.184.169.201.195.clients.your-server.de

Software

nginx /

Resource Hash

d618a3a41f1fe2e4aacade7342bb5994e35f98557b4e3336c17a48da88e953e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:02 GMT
last-modified: Tue, 24 Aug 2021 11:11:32 GMT
server: nginx
etag: "6124d3e4-1e75"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: text/css
accept-ranges: bytes
content-length: 7797
x-xss-protection: 1; mode=block

GET
H2 200 style.css
emmaglam.com/wp-content/themes/blake-von-hauer/ Frame 2060 49 KB
49 KB 95ms
92ms Stylesheet
text/css 195.201.169.184
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://emmaglam.com/wp-content/themes/blake-von-hauer/style.css?ver=6.0.2

Requested by

Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.184.169.201.195.clients.your-server.de

Software

nginx /

Resource Hash

fd61b4726abb58bb90d2820f7026c087362c59327c56b357c3f7ce810a6ade59

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:02 GMT
last-modified: Tue, 24 Aug 2021 11:11:32 GMT
server: nginx
etag: "6124d3e4-c4d2"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: text/css
accept-ranges: bytes
content-length: 50386
x-xss-protection: 1; mode=block

GET
H2 200 font-awesome.min.css
emmaglam.com/wp-content/themes/blake-von-hauer/css/ Frame 2060 28 KB
29 KB 95ms
93ms Stylesheet
text/css 195.201.169.184
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://emmaglam.com/wp-content/themes/blake-von-hauer/css/font-awesome.min.css?ver=4.6.3

Requested by

Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.184.169.201.195.clients.your-server.de

Software

nginx /

Resource Hash

1f4082bc4d525c198936b8e7b8bda99929537de890c143e5e35fca4ac23b2a26

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:02 GMT
last-modified: Tue, 24 Aug 2021 11:11:32 GMT
server: nginx
etag: "6124d3e4-7175"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: text/css
accept-ranges: bytes
content-length: 29045
x-xss-protection: 1; mode=block

GET
H2 200 jquery.bxslider.css
emmaglam.com/wp-content/themes/blake-von-hauer/css/ Frame 2060 4 KB
4 KB 96ms
93ms Stylesheet
text/css 195.201.169.184
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://emmaglam.com/wp-content/themes/blake-von-hauer/css/jquery.bxslider.css?ver=6.0.2

Requested by

Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.184.169.201.195.clients.your-server.de

Software

nginx /

Resource Hash

0593174ff4efdddac16bae8411b2c4cd61adbf920f4324ead464074ccc63917d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:02 GMT
last-modified: Tue, 24 Aug 2021 11:11:32 GMT
server: nginx
etag: "6124d3e4-f23"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: text/css
accept-ranges: bytes
content-length: 3875
x-xss-protection: 1; mode=block

GET
H2 200 responsive.css
emmaglam.com/wp-content/themes/blake-von-hauer/css/ Frame 2060 12 KB
12 KB 96ms
93ms Stylesheet
text/css 195.201.169.184
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://emmaglam.com/wp-content/themes/blake-von-hauer/css/responsive.css?ver=6.0.2

Requested by

Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.184.169.201.195.clients.your-server.de

Software

nginx /

Resource Hash

125ca25dca8afb2c0c712f9d8fd2c86183d96cedb25e99617e74ad20879b7165

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:02 GMT
last-modified: Tue, 24 Aug 2021 11:11:32 GMT
server: nginx
etag: "6124d3e4-30de"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: text/css
accept-ranges: bytes
content-length: 12510
x-xss-protection: 1; mode=block

GET
H2 200 slicknav.css
emmaglam.com/wp-content/themes/blake-von-hauer/css/ Frame 2060 2 KB
2 KB 96ms
94ms Stylesheet
text/css 195.201.169.184
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://emmaglam.com/wp-content/themes/blake-von-hauer/css/slicknav.css?ver=6.0.2

Requested by

Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.184.169.201.195.clients.your-server.de

Software

nginx /

Resource Hash

f690efa866e3c106311602fd8846c3140460fb1238f85424131ebe0c198d2591

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:02 GMT
last-modified: Tue, 24 Aug 2021 11:11:32 GMT
server: nginx
etag: "6124d3e4-8f8"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: text/css
accept-ranges: bytes
content-length: 2296
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
emmaglam.com/wp-includes/js/jquery/ Frame 2060 87 KB
88 KB 96ms
94ms Script
application/javascript 195.201.169.184
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://emmaglam.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.184.169.201.195.clients.your-server.de

Software

nginx /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:02 GMT
last-modified: Tue, 24 Aug 2021 11:07:22 GMT
server: nginx
etag: "6124d2ea-15db1"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: application/javascript
accept-ranges: bytes
content-length: 89521
x-xss-protection: 1; mode=block

GET
H2 200 jquery-migrate.min.js Show response
emmaglam.com/wp-includes/js/jquery/ Frame 2060 11 KB
11 KB 96ms
94ms Script
application/javascript 195.201.169.184
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://emmaglam.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.184.169.201.195.clients.your-server.de

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:02 GMT
last-modified: Tue, 24 Aug 2021 11:07:22 GMT
server: nginx
etag: "6124d2ea-2bd8"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: application/javascript
accept-ranges: bytes
content-length: 11224
x-xss-protection: 1; mode=block

GET
H3 200 wgpizbdq.js Show response
ad4m.at/ Frame 2060 36 KB
13 KB 55ms
54ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/wgpizbdq.js
Requested by: Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9584f421fb06be52362782600272bf07739aae062c73e970d6dd1aeb3ebcfcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emmaglam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 80881
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 27 Jul 2022 10:41:47 GMT
server: cloudflare
etag: W/"ac60ade5ed7352595cc3030edbc5e415"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A3ks21lb8nAjteNuvJ1m%2FFzJu9s0kGhKin5Lkx3NhYIucLfED1oEzBt0D9qBuLaF795VJDvMnWXUZP8Je0%2FlswNocOR%2FFratmhLeZ0Gjnxa%2BVZuP%2BgO0AJUmBqQRuC0%2BHRac0Bc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7434a467dbed839c-MXP
expires: Tue, 23 Aug 2022 11:02:04 GMT

GET
H2 200 zucchini-1040x1387.jpeg
emmaglam.com/wp-content/uploads/2021/08/ Frame 2060 617 KB
618 KB 33ms
30ms Image
image/jpeg 195.201.169.184
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emmaglam.com/wp-content/uploads/2021/08/zucchini-1040x1387.jpeg

Requested by

Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.184.169.201.195.clients.your-server.de

Software

nginx /

Resource Hash

bf205569fe444f13084084efb6712517da6e6b59bbeafa2933fbb93bb1f7eda7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:02 GMT
last-modified: Tue, 24 Aug 2021 14:30:39 GMT
server: nginx
etag: "6125028f-9a582"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/jpeg
accept-ranges: bytes
content-length: 632194
x-xss-protection: 1; mode=block

GET
H2 200 modernizr.js Show response
emmaglam.com/wp-content/themes/blake-von-hauer/js/ Frame 2060 2 KB
2 KB 28ms
28ms Script
application/javascript 195.201.169.184
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://emmaglam.com/wp-content/themes/blake-von-hauer/js/modernizr.js?ver=6.0.2

Requested by

Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.184.169.201.195.clients.your-server.de

Software

nginx /

Resource Hash

b809efcc7fd9ea21ab5a028abfa4102480b42f33542962cb545b3b8ec9c9b6f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:02 GMT
last-modified: Tue, 24 Aug 2021 11:11:32 GMT
server: nginx
etag: "6124d3e4-8f2"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: application/javascript
accept-ranges: bytes
content-length: 2290
x-xss-protection: 1; mode=block

GET
H2 200 jquery.fitvids.js Show response
emmaglam.com/wp-content/themes/blake-von-hauer/js/ Frame 2060 3 KB
3 KB 33ms
32ms Script
application/javascript 195.201.169.184
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://emmaglam.com/wp-content/themes/blake-von-hauer/js/jquery.fitvids.js?ver=6.0.2

Requested by

Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.184.169.201.195.clients.your-server.de

Software

nginx /

Resource Hash

1ac676f1c4a499cade859da1d11326a01fb3d99ebdec2d31aaac0ef8d387a834

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:02 GMT
last-modified: Tue, 24 Aug 2021 11:11:32 GMT
server: nginx
etag: "6124d3e4-b34"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: application/javascript
accept-ranges: bytes
content-length: 2868
x-xss-protection: 1; mode=block

GET
H2 200 jquery.bxslider.min.js Show response
emmaglam.com/wp-content/themes/blake-von-hauer/js/ Frame 2060 19 KB
19 KB 30ms
27ms Script
application/javascript 195.201.169.184
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://emmaglam.com/wp-content/themes/blake-von-hauer/js/jquery.bxslider.min.js?ver=6.0.2

Requested by

Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.184.169.201.195.clients.your-server.de

Software

nginx /

Resource Hash

f840acfbbd734f7355b50043ebdf0daade546a92763d0fcf9cadab92c1919265

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:02 GMT
last-modified: Tue, 24 Aug 2021 11:11:32 GMT
server: nginx
etag: "6124d3e4-4bd2"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: application/javascript
accept-ranges: bytes
content-length: 19410
x-xss-protection: 1; mode=block

GET
H2 200 burnhambox-bx.js Show response
emmaglam.com/wp-content/themes/blake-von-hauer/js/ Frame 2060 2 KB
2 KB 32ms
28ms Script
application/javascript 195.201.169.184
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://emmaglam.com/wp-content/themes/blake-von-hauer/js/burnhambox-bx.js?ver=6.0.2

Requested by

Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.184.169.201.195.clients.your-server.de

Software

nginx /

Resource Hash

bebbc1dd159904af1973d97ce32f0390a377f2e2f8692b1a23a86f6a1b0a2781

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:02 GMT
last-modified: Tue, 24 Aug 2021 11:11:32 GMT
server: nginx
etag: "6124d3e4-929"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: application/javascript
accept-ranges: bytes
content-length: 2345
x-xss-protection: 1; mode=block

GET
H2 200 burnhambox.js Show response
emmaglam.com/wp-content/themes/blake-von-hauer/js/ Frame 2060 6 KB
7 KB 33ms
29ms Script
application/javascript 195.201.169.184
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://emmaglam.com/wp-content/themes/blake-von-hauer/js/burnhambox.js?ver=6.0.2

Requested by

Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.184.169.201.195.clients.your-server.de

Software

nginx /

Resource Hash

8ad12eed523baa167f8090c7c10af10b527e2829a98e1510b95a57d105e490e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:02 GMT
last-modified: Tue, 24 Aug 2021 11:11:32 GMT
server: nginx
etag: "6124d3e4-195a"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: application/javascript
accept-ranges: bytes
content-length: 6490
x-xss-protection: 1; mode=block

GET
H2 200 jquery.slicknav.min.js Show response
emmaglam.com/wp-content/themes/blake-von-hauer/js/ Frame 2060 6 KB
6 KB 33ms
29ms Script
application/javascript 195.201.169.184
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://emmaglam.com/wp-content/themes/blake-von-hauer/js/jquery.slicknav.min.js?ver=6.0.2

Requested by

Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.184.169.201.195.clients.your-server.de

Software

nginx /

Resource Hash

2b784d3e5c0e39e317b6f6298ea422ffec43793f96a9db00ce3765ca66cd87cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:02 GMT
last-modified: Tue, 24 Aug 2021 11:11:32 GMT
server: nginx
etag: "6124d3e4-18f7"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: application/javascript
accept-ranges: bytes
content-length: 6391
x-xss-protection: 1; mode=block

GET
H2 200 wp-emoji-release.min.js Show response
emmaglam.com/wp-includes/js/ Frame 2060 18 KB
18 KB 34ms
31ms Script
application/javascript 195.201.169.184
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://emmaglam.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2

Requested by

Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.184.169.201.195.clients.your-server.de

Software

nginx /

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:02 GMT
last-modified: Wed, 25 May 2022 01:59:21 GMT
server: nginx
etag: "628d8d79-48b9"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: application/javascript
accept-ranges: bytes
content-length: 18617
x-xss-protection: 1; mode=block

GET
H2 200 link.html Show response
track.webgains.com/ Frame 365E 2 KB
2 KB 177ms
91ms Script
text/html 3.11.195.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3540285&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kdwjpnnzdx9d43ft0yd2ytsrnnbtdchwrgp5ksj44rtb3aerx6yxkff7fae4scep5m3w6r1p69074jm7m5x88h2ssrjn3kds030dv9cnmf34tny3j4wnyag9anb7bnb917vm0rp1xe64mwa57mnn85dze6a0326r91c2sn94tanag9kbjg5g47xa59vmdsyvf2t087m7yf92a13wpkg76z1tzzhse60r13kvj8qszac8vqdeve4kf5hx1j19ftd5bdg%26a%3D&clickref=oneide5edu3fVfrqdZujHZHet2CAg3CwSbtxdT1oneid__misaglam_advancedad_728x90&viewref=oneidXg65azfrfKPY2u6H4Hetqtk47cQSMtXMTJoneid__misaglam_advancedad_728x90
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C29002%2C200037&b=gA42h8frfeqXaPHbH8t5tG6AcmSjtm6Te%2CAxqrhYfqfB2McAHRH4tktPWzURSbtDGT9%2CXg65azfrfKPY2u6H4Hetqtk47cQSMtXMTJ&f=BdqwSgfPfV8XcxH6H3tgCW1YajSdtmrTM%2CMBJKazfrfxjJuWHEHGtQC29ZCBS9tbDT3%2Ce5edu3fVfrqdZujHZHet2CAg3CwSbtxdT1&c=728&d=90&e=&g=2f9de5e71f9d2fe15a898a3d2a78322e%2F14146683990541622354&i=26474%2C25052%2C22499&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=misaglam_advancedad_728x90&r=1661937122397&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 0949cad16920d17be32598029e82f211901f8b5b63f95de740ea6b818074c9fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:02 GMT
last-modified: Wed, 31 Aug 2022 09:12:02 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 31 Aug 2022 09:13:02 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/ Frame 2060 343 KB
121 KB 118ms
79ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4176752718986875&plah=emmaglam.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4176752718986875

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484a265860e413a56c8dc1ae2c6bde78b2f8ea9f8ade5da97ad5a1caac2e3db1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emmaglam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123441
x-xss-protection: 0
server: cafe
etag: 14575179409455216802
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 31 Aug 2022 09:12:02 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220829/r20190131/ Frame 0247 10 KB
5 KB 63ms
21ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220829/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4176752718986875

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://emmaglam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15588
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 04:52:14 GMT
etag: 8616628553774171045
expires: Wed, 14 Sep 2022 04:52:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 wgpizbdq.js
ad4m.at/ Frame 2060 36 KB
13 KB 48ms
47ms Other
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/wgpizbdq.js
Requested by: Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9584f421fb06be52362782600272bf07739aae062c73e970d6dd1aeb3ebcfcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emmaglam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 80881
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 27 Jul 2022 10:41:47 GMT
server: cloudflare
etag: W/"ac60ade5ed7352595cc3030edbc5e415"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BqCOldgcmFDcVarhsICfmQnbpPxab4olE3EAZvrID0G6envkBgSLPMJ%2Fe%2BGtlgBADmaEThiEpxH2F3D7KxJtjpJqakMnY4gl3BQw8qI7ZW0EonPYeh8PmE35d9Dt2TQH%2BhK2pxo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7434a4695e8e839c-MXP
expires: Tue, 23 Aug 2022 11:02:04 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 365E 85 KB
85 KB 95ms
17ms Script
text/javascript 18.66.147.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3540285&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kdwjpnnzdx9d43ft0yd2ytsrnnbtdchwrgp5ksj44rtb3aerx6yxkff7fae4scep5m3w6r1p69074jm7m5x88h2ssrjn3kds030dv9cnmf34tny3j4wnyag9anb7bnb917vm0rp1xe64mwa57mnn85dze6a0326r91c2sn94tanag9kbjg5g47xa59vmdsyvf2t087m7yf92a13wpkg76z1tzzhse60r13kvj8qszac8vqdeve4kf5hx1j19ftd5bdg%26a%3D&clickref=oneide5edu3fVfrqdZujHZHet2CAg3CwSbtxdT1oneid__misaglam_advancedad_728x90&viewref=oneidXg65azfrfKPY2u6H4Hetqtk47cQSMtXMTJoneid__misaglam_advancedad_728x90
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-41.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 05:03:56 GMT
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
last-modified: Tue, 23 Aug 2022 13:40:24 GMT
server: AmazonS3
age: 14887
etag: "42f12532a1be9c2d028e26e9b82a99a2"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: FRA60-P4
content-length: 86537
x-amz-cf-id: ZK1yXUtYDWPT8Su0KRMDOxeXG4qghgN3twYiCWxdkjHhk5PM6G4UNA==

GET
H2 200 2022-07-25_familienzeit-panini-banner-627x627.jpeg
cdn.track.production.webgains.team/268155/ Frame 365E 77 KB
78 KB 81ms
20ms Image
image/jpeg 18.66.147.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/268155/2022-07-25_familienzeit-panini-banner-627x627.jpeg?Expires=1661937422&Signature=MyKGpohFCeZaMCZFvcnrcU1YcuFv1CdxMFJxsKz7XIX8OjhCatD4bSneM~mWM3~Xno3jbNUXokD16UTPPIOxUmuTua2ppl9AH-sc5D4pfUHmlNu44J~v0~Pb5Mf~Dy75ytT8lWiT83h6ckBP4sFrXU1WsN7WFbXu1HHGQRjpLVJ8--0cg5XlYtQ2TZUw5b6H06WQVdR6zv60A1Z2COg8mYWvMbdmHZtGFh13sJ3y1hE257pj8boHp1lS5tPfr3yeY3A3gTEMbJpU8VznT5ZMDNujlPZna6qgfw~nPZnbiWvrTxM01UeApp1ilhZC1ugzdgZRXRZKQ8GdGyrDDjvdVQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C29002%2C200037&b=gA42h8frfeqXaPHbH8t5tG6AcmSjtm6Te%2CAxqrhYfqfB2McAHRH4tktPWzURSbtDGT9%2CXg65azfrfKPY2u6H4Hetqtk47cQSMtXMTJ&f=BdqwSgfPfV8XcxH6H3tgCW1YajSdtmrTM%2CMBJKazfrfxjJuWHEHGtQC29ZCBS9tbDT3%2Ce5edu3fVfrqdZujHZHet2CAg3CwSbtxdT1&c=728&d=90&e=&g=2f9de5e71f9d2fe15a898a3d2a78322e%2F14146683990541622354&i=26474%2C25052%2C22499&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=misaglam_advancedad_728x90&r=1661937122397&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-44.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dcf3c1a73ae6215dc150d3e2031c9de98af41e5cc022bf9c16852b13075b4d3d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
last-modified: Mon, 25 Jul 2022 11:44:20 GMT
server: AmazonS3
age: 7890
etag: "58879895efe64f553dc9fa167564951f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
date: Wed, 31 Aug 2022 07:00:32 GMT
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-length: 79101
x-amz-cf-id: oI6LKUiwrBRNxSLst3FlCud2oblsuVBrzjn1lxDJvDK-179BlM0ssA==

GET
H2

200

matomo.js Show response
tool.hubu.link/ Frame 2060
Redirect Chain

https://static.hubu.fm/matomo.js
https://tool.hubu.link/matomo.js

66 KB
25 KB

169ms
19ms

Script
application/javascript

2a01:4f8:212:29e0::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tool.hubu.link/matomo.js
Requested by: Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
Protocol: H2
Server: 2a01:4f8:212:29e0::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 50f4f5c78736b4b5eb13cf588426996e5dbd0391b1228e08e4b7ef35ad0d4459

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emmaglam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
content-encoding: gzip
last-modified: Fri, 05 Aug 2022 00:09:31 GMT
server: nginx
etag: W/"62ec5fbb-107b1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Thu, 31 Aug 2023 09:12:03 GMT

Redirect headers

location: https://tool.hubu.link/matomo.js
date: Wed, 31 Aug 2022 09:12:02 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-length: 162
x-xss-protection: 1; mode=block
content-type: text/html

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220829/r20190131/ Frame 0247 10 KB
4 KB 63ms
20ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220829/r20190131/zrt_lookup.html

Requested by

Host: emmaglam.com
URL: https://emmaglam.com/wp-content/themes/blake-von-hauer/js/burnhambox.js?ver=6.0.2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://emmaglam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15588
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 04:52:14 GMT
etag: 8616628553774171045
expires: Wed, 14 Sep 2022 04:52:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 frame.html Show response
ad4m.at/ Frame DA51 2 KB
1 KB 52ms
52ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer: https://emmaglam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 479211
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7434a469bfb5839c-MXP
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Wed, 31 Aug 2022 09:12:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 25 Aug 2022 20:10:16 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWAGKCv80vZwq3zeF%2BeZK9KqYS3ef7OalEK2VktEP2IPbT3PIWho%2BjdJAmdNg4emzg8EtV18Z3GEa7YC9VnE8avbxUc5NoksqTMG345VPaOqIEdEK21NN%2F6H%2FnDYqry2SPSXVYI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 frame.html Show response
ad4m.at/ Frame 90B4 2 KB
1 KB 43ms
43ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer: https://emmaglam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 479211
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7434a469bfc0839c-MXP
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Wed, 31 Aug 2022 09:12:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 25 Aug 2022 20:10:16 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jye9M0FdY3UQhUrx5lJF13Gdbdbl%2FlYrSuwATJOD0hHJ5k8ocufqeAgTJ1uZ8QvWjGNU8UDYmEexdsx2GjiwwtADaVCAHgq9rowsk8D7moETFijLXExhMWH78bJXJ4B%2Fhi9zobM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 frame.html Show response
ad4m.at/ Frame 86FF 2 KB
1 KB 36ms
36ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer: https://emmaglam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 479211
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7434a469bfc2839c-MXP
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Wed, 31 Aug 2022 09:12:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 25 Aug 2022 20:10:16 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4TxshT6q3Li7Jr9BPEmLKgXwasGre9W%2Fm21nFPR3rOt0fES1AHl2Ljj7I%2Br64P4s91WgeUnZeRrstinKgXAczcCPZXz9jkWOixfcQnUT8hntfzu645Vjz%2FqFC6t3QxvGtD2%2FdVU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 frame.html Show response
ad4m.at/ Frame A8E7 2 KB
1 KB 41ms
38ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer: https://emmaglam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 479211
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7434a469bfda839c-MXP
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Wed, 31 Aug 2022 09:12:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 25 Aug 2022 20:10:16 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tk%2FANwsOg8Tri9g0ytvkZWEelvUGzdiQHCi0WIyKIBPy29v9F%2F5Uayp9g552uj7CLPx15Jy9nDTNcbCvLx%2Bo5UHNFhrrtZZSZkoFxuo30X9bjZ3XD%2FzF1%2BpjPpHGmA7urXDuyZ4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 frame.html Show response
ad4m.at/ Frame 70A2 2 KB
1 KB 43ms
43ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer: https://emmaglam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 479211
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7434a469bfdc839c-MXP
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Wed, 31 Aug 2022 09:12:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 25 Aug 2022 20:10:16 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k6GxLT6nmpLZMrk%2F43GAIME%2FoCQ7%2FnwYJQmB1n3dwUPnmnSh7fgXwy4q6P41R4VvPLKtsvUG3RXbahGdEjm9FsCfE2DDbKNm8pvujX5Csks%2BcAiWMEVU7%2BgbgxbMiUvhPwCeeZk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 frame.html Show response
ad4m.at/ Frame 3EB7 2 KB
1 KB 47ms
46ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer: https://emmaglam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 479211
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7434a469cfe1839c-MXP
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Wed, 31 Aug 2022 09:12:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 25 Aug 2022 20:10:16 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xLAnEDDw%2FgvsJFwfNWiDuS6Utgqg1%2F3xA981EXL2qwoyKWl1ejD2ASvw5OqJTx7Kdk8tAI5loGYnnt0OTlKUzrxMb5jwaqZumwjt%2FCdSPjf84wq3Qd0vpn0PJz7KtyiUvPNiaDg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 frame.html Show response
ad4m.at/ Frame DA3A 2 KB
1 KB 46ms
43ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer: https://emmaglam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 479211
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7434a469cff0839c-MXP
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Wed, 31 Aug 2022 09:12:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 25 Aug 2022 20:10:16 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nCG3n77PjtkVANDWzfoocUtdnl4zNXOvUltml2igrUFhlX8gkuHYWqP5TE%2BIqPcuvnVZqnp%2BPyof3CNyX0iA5RLIQ0%2Brye2lmZR9yzNdA221hALOkDi%2FvUSCewA4QoovV0smchU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame 2060 466 B
906 B 64ms
64ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51048e57284781c44c50c719230f334de8b4953c1c81d31d134fbb24824b5d2e

Request headers

Referer: https://emmaglam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 7434a46af83383be-MXP
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tG%2BaqKaPVhsCXh9yw3nNhnkmBNINqFyLZ92mzdboye2HtFAM%2B6K6S5o4%2BZGHGZWBx%2FTvAOiHhDkiJf76aD66ckJct8vtUdmdxblookValtNmyZWvVqEmhpG38u7SsAsh%2FqdGWpY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://emmaglam.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-h8v1

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 74ms
74ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://emmaglam.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://emmaglam.com
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7434a46a7f2583be-MXP
content-length: 24
content-type: text/plain
date: Wed, 31 Aug 2022 09:12:03 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fBDGBqt4jA%2FBQBHYXQkyX4vj6n2LTWiZ%2FM8DFoOHAWv5nH2LPQJ45APZgqfL0paQ2EljxTk84Zm1Ynxha6%2BznWav3OHlfvqYG%2F9RXutsiaIIFlALmfjI%2FysDTZ4OXCsJ%2BA6VW2I%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-h8v1

POST
H3 200 rs Show response
ad4m.at/ Frame 2060 465 B
918 B 65ms
65ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6a5d8ae4ca68e7439311ba307613eaf707bcf175ccee346a70201cd387a69a1

Request headers

Referer: https://emmaglam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 7434a46adffa83be-MXP
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0exxJqQk1RHJfkxXVapPePe9NgcqwTvG2aEQbAYhM2Ary7zJA%2BnJ%2BPqeWc%2FEqegIfqOeyJ%2BhIUP9STKWa5eqz8oYK9%2BMk1fY2FOIkaR9cUS2u4YM9VtnQMCbg7jn4aiXkRnCQJg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://emmaglam.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-h8v1

POST
H3 200 rs Show response
ad4m.at/ Frame 2060 457 B
902 B 75ms
75ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60ea6607cc04767b3b8f5553fd33110d566ece7d4e5401865b7026b6043e2aa6

Request headers

Referer: https://emmaglam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 7434a46ae82683be-MXP
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7wjrYceSVbkdJuAd%2FEUhEVHydzpY7IMvCUYAyUkuEugMY8rnvaushTFqIiYlHOJWtwZCMo38dqFOcRsth3o939VPlh8tWSao4KqfnXXAQqJ7zAM3y2L6s52sOXyECV1ph8vDlD4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://emmaglam.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-h8v1

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 58ms
58ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://emmaglam.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://emmaglam.com
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7434a46a7f2d83be-MXP
content-length: 24
content-type: text/plain
date: Wed, 31 Aug 2022 09:12:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZO6DwTWZU3XXccpShevz%2F7qTEhE9Pj%2FMKfmilbwygQ%2BOdNCybr8ELevo2%2Ftxl1lI67%2FpMsin79Cpb6qQOjaAolhvQLrKaNnp0I8qOUXbXiELuRatUpTP39e8kke8EGr06pWpa7g%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-h8v1

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 69ms
68ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://emmaglam.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://emmaglam.com
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7434a46a7f2e83be-MXP
content-length: 24
content-type: text/plain
date: Wed, 31 Aug 2022 09:12:03 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hbaLpIy2z5wYC2oQ9Yt05JFe62aHgR2fINdS1I275Jhpgc95HbQtA9guzg0Gnb19YuGbMkjqVAu%2Bme5TrKwBUWZYAhhgdjExX75ki9eYR9LyR%2FklMklFxGTlDAt6llTTuyfHQJE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-h8v1

POST
H3 200 rs Show response
ad4m.at/ Frame 2060 462 B
902 B 100ms
99ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28462771bed2d2bcb7d29128343b3196ad74ccacc31816fb3ef1375e187c5df2

Request headers

Referer: https://emmaglam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 7434a46adff483be-MXP
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=udxuouyDjGxypGQhiFcAc0kBn2su3zV5qbTtWZHsLMMZfCh5zDPjNsflIfv%2FouPZ4XON6XLfgDBOsob2knOHK0qNI6vaMDOipoB9VOYnIK5270Rh5Iw8Nbz67AuVKYrCMaHI994%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://emmaglam.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-h8v1

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 55ms
55ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://emmaglam.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://emmaglam.com
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7434a46a7f3183be-MXP
content-length: 24
content-type: text/plain
date: Wed, 31 Aug 2022 09:12:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tr%2FU87tsvptG4UPIJxAzMgs%2BFjVnUbM5c3r4dF62kDu9LpSzCs1pfLssnczgTX2oHoeiR9igWjBemOXkSCgemK8wr5urtpAQbSsrRAcxxrujnEP7Ejst4rUXO%2FugiLVVCDu9tk0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-h8v1

POST
H3 200 rs Show response
ad4m.at/ Frame 2060 459 B
908 B 71ms
70ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff2aaab3fc1f7f7adc0d3a35ee9e0aee19a84e282451e287315df188d0d3c53e

Request headers

Referer: https://emmaglam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 7434a46ae82083be-MXP
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5h%2FIb4w%2FhMgf0i1p9ELlr5uY4FOn6BeqEsugAdd9yRrV25PROJgFxp88QyHicqiJ5Kvx0%2BKLcaLR%2Fl14HxRN7at4AOW02rJ0faQKn%2BrP47xb6k2KKmdMBFBB%2Bki0PNiDjO4Qym0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://emmaglam.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-h8v1

POST
H3 200 rs Show response
ad4m.at/ Frame 2060 463 B
911 B 78ms
78ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 835f7226f1799e78f2629a1b86a146f5d0c3a95ba2cf796c1041f7f822c0e48e

Request headers

Referer: https://emmaglam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 7434a46ae81e83be-MXP
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ALfC3sBUiEEZzxhtp0OG1m7olrZgZI6s%2BaJi2Or%2Fvf5TIYNnbgLOzSU%2F5rL7cj9jx8atZgLTnmIVq8lGxje%2FyOXvNMtFWzmJJuHFZsaN7lVxVxSe25I6GtuOc4IEob9FNiWMbFc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://emmaglam.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-h8v1

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 62ms
62ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://emmaglam.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://emmaglam.com
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7434a46a7f3483be-MXP
content-length: 24
content-type: text/plain
date: Wed, 31 Aug 2022 09:12:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2B%2BWT6q6LUbeQN%2FQzHYFgwFSrVRgF241wCgedYUvUT%2FPSPfej%2FT2hQzhHArY3poH5ERkw4TalAXsmukGq6ejvcxfi2Buc%2Fgymy4u1XdOv0PzixYvsapAGae5YP7CfodBlsgbpkw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-h8v1

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 60ms
60ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://emmaglam.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://emmaglam.com
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7434a46a7f3783be-MXP
content-length: 24
content-type: text/plain
date: Wed, 31 Aug 2022 09:12:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YOPtLskmRI9%2B0Ksywpa1Tx82eBPku3UnR5kxLGWIkdhjfz3fVy1mj5%2FdjxqlUcXEA0MWG2gufWnJsOaRx%2BEpwH3VgGKbfRq8PKNZYqT3v%2FDaOEB9ncoCHRHfrQ0tBg171ZwFgKs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-h8v1

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 2060 107 B
792 B 67ms
25ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=emmaglam.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4176752718986875&plah=emmaglam.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emmaglam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 31 Aug 2022 09:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 2060 107 B
549 B 78ms
25ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=emmaglam.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emmaglam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 31 Aug 2022 09:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5063 603 B
68 B 39ms
38ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4176752718986875&output=html&adk=1812271804&adf=3011350652&plat=1%3A147968%2C2%3A147968%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fspaceeditors.com%2F&ea=0&pra=5&wgl=1&easpf=1&easpi=1&easai=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=300&asna=5&asnd=5&asnp=5&asns=5&asmat=-1&asptt=-1&dt=1661937122695&bpp=48&bdt=185&idt=261&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&nras=1&correlator=4874525813456&frm=8&ife=1&pv=2&ga_vid=678644174.1661937123&ga_sid=1661937123&ga_hid=1672290070&ga_fc=0&nhd=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2186634244&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31069094%2C31068921&oid=2&pvsid=1202350255705404&tmod=1389044628&uas=0&nvt=1&top=http%3A%2F%2Fwww.siceu.de&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=1&uci=1.2gbzg0ucwcfg&fsb=1&dtd=284

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://emmaglam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 09:12:03 GMT
expires: Wed, 31 Aug 2022 09:12:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

204

matomo.php
tool.hubu.link/ Frame 2060
Redirect Chain

https://static.hubu.fm/matomo.php?action_name=Abnehmen%20mit%20diesem%20leckeren%20Rezept%20-%20EMMAGLAM&idsite=7&rec=1&r=493174&h=9&m=12&s=3&url=https%3A%2F%2Femmaglam.com%2F2021%2F08%2F24%2Fabneh...
https://tool.hubu.link/matomo.php?action_name=Abnehmen%20mit%20diesem%20leckeren%20Rezept%20-%20EMMAGLAM&idsite=7&rec=1&r=493174&h=9&m=12&s=3&url=https%3A%2F%2Femmaglam.com%2F2021%2F08%2F24%2Fabneh...

0
152 B

86ms
86ms

Ping
text/plain

2a01:4f8:212:29e0::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tool.hubu.link/matomo.php?action_name=Abnehmen%20mit%20diesem%20leckeren%20Rezept%20-%20EMMAGLAM&idsite=7&rec=1&r=493174&h=9&m=12&s=3&url=https%3A%2F%2Femmaglam.com%2F2021%2F08%2F24%2Fabnehmen-mit-diesem-leckeren-rezept%2F&urlref=https%3A%2F%2Fspaceeditors.com%2F&_id=&_idn=1&send_image=0&_refts=1661937123&_ref=https%3A%2F%2Fspaceeditors.com%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=bfRfQO&devicePixelRatio=1&nwefftype=4g&webgl=1&pf_net=146&pf_srv=155&pf_tfr=1&pf_dm1=283

Requested by

Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/

Protocol

Server

2a01:4f8:212:29e0::2 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emmaglam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
content-encoding: none
server: nginx
cache-control: no-store
x-xss-protection: 1; mode=block
strict-transport-security: max-age=63072000; includeSubdomains; preload

Redirect headers

location: https://tool.hubu.link/matomo.php?action_name=Abnehmen%20mit%20diesem%20leckeren%20Rezept%20-%20EMMAGLAM&idsite=7&rec=1&r=493174&h=9&m=12&s=3&url=https%3A%2F%2Femmaglam.com%2F2021%2F08%2F24%2Fabnehmen-mit-diesem-leckeren-rezept%2F&urlref=https%3A%2F%2Fspaceeditors.com%2F&_id=&_idn=1&send_image=0&_refts=1661937123&_ref=https%3A%2F%2Fspaceeditors.com%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=bfRfQO&devicePixelRatio=1&nwefftype=4g&webgl=1&pf_net=146&pf_srv=155&pf_tfr=1&pf_dm1=283
date: Wed, 31 Aug 2022 09:12:03 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-length: 162
x-xss-protection: 1; mode=block
content-type: text/html

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 35B3 6 KB
4 KB 56ms
55ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=34719%2C188905%2C197862&b=qxXAUmfWfYzPcZHgHDtJt5wxfeS3tx9u3%2C8WjpcDf8fRgbkcgHJHEtxtekJ9hGS5tmbck%2CXgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ&f=RBX1agfQfzg5tkHwH3tzCJgDS9SxtPGF7%2CZZ41twfBfzKZ3TmHDHDtDC1JYbH6SJtKjsJ%2Ce5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1&c=160&d=600&e=&g=9324b6f6f5fe8bed7b4fe1aac815ae8c%2F11516772173106876438&i=26474%2C75451%2C71725&j=41%2C22%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_160x600&r=1661937123040&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b16573691f71267f113a2970a98bd34c3d71e45efd9b405fe96d4b3242076c64

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://emmaglam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7434a46b5af8839c-MXP
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 09:12:03 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 8FC2 7 KB
4 KB 56ms
55ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=177100%2C43766%2C197100&b=dpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ%2CqxXAUmfWfJVA1SZHgHDtJtXX8FeS3tx9u3&f=K783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd%2CRBX1agfQfGd2AakHwH3tzCddAF9SxtPGF7&c=728&d=90&e=&g=a2e845fd2cfe595dad2f337365c7a428%2F456621988633091227&i=65803%2C24891%2C20773&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_728x90&r=1661937123054&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbea846f07b3b2d87f58996929990f09bf6a618c6e2c1d1749a2de0ef1fb785b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://emmaglam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7434a46b6b07839c-MXP
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 09:12:03 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 0776 6 KB
4 KB 51ms
50ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=117569%2C202438%2C183975&b=K783aRfZf93rDt5HMHktPtxQzt7Srt7eHq%2Cr5mEuQf9f3VgzsAH7HjtqtVgrEUYSJtDqtd%2C4gGmHEf5fA2eRcGH9HdtAtm9MSbSZtpJsK&f=kzQ3F5f3fD2kYa4HwHetmCxPrtZSmtwdFR%2CP241aBfbfbrWxU9HjHbtgCArKkHJSgtBeup%2Cr5mEuQf9f3XBdaAH7HjtJCBXVaYSJtDqtd&c=300&d=250&e=&g=5a155db06cfb57ad4e9858ce16995a7d%2F15732118702448054695&i=29981%2C82994%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661937123058&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe1112de25dc904d9cec8a89de037081d6ff21723babacead457c65339ba9828

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://emmaglam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7434a46b6b11839c-MXP
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 09:12:03 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 444F 6 KB
4 KB 63ms
63ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=58783%2C182430%2C175490&b=gAdJF8frfk4A6TPHbH8t5t2e1fmSjtjqFe%2CbGqEtQfZf5jjMaYHbHztKtw64ubS3tE7UJ%2C26YEH6fqfj2ZEfVHWHkt8tbdDCxSgtZmtg&f=BdZEhgfPfMrpgFxH6H3tgCmRwCjSdtjDFM%2C3rg7Hpf4fXrrDH7HrHAtXC9WZsPSztwpFd%2C4gGmHEf5fAJkpFGH9HdtzCrqRfbSZtpJsK&c=300&d=600&e=&g=9867569f83d0d9cd37e1f229d40bed6a%2F10417962849830523426&i=28472%2C20378%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661937123060&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06e6e75946e336560bf76501b711cecfe4d295efc0c52c9691e78130a60fe97b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://emmaglam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7434a46b6b13839c-MXP
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 09:12:03 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 1EFB 6 KB
4 KB 59ms
58ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=29002%2C59040%2C24673&b=pqEMC1fgfk9MskH4Hmtzt4wXu9S7t4JSE%2CRBX1agfQfgVRxfkHwH3tQtddDa9SxtPGF7%2CdpDmUEfkfRpXhEHjHwtEtbAdfeSRt8BTj&f=JmYWHzf5fe3kaBH6H7tqCr98txSdtj2FX%2CQEK8u4fjfD1GVfxH5HYt9CZZWS6S5tV2HV%2CK783aRfZf5Gps5HMHktzCBX8u7Srt7eHq&c=300&d=600&e=&g=c1bfe823735540eee710c65d2f808714%2F15857152468825006206&i=25052%2C20774%2C20430&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661937123055&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c0df29027c282e4e37e08dfa8a8b029c527a06a93dd6d4a00a392ae2480293e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://emmaglam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7434a46b6b1d839c-MXP
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 09:12:03 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame C1B1 7 KB
4 KB 57ms
57ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=200040%2C198961%2C19769&b=pqEMC1fgf9rkMfkH4HmtztxZ3U9S7t4JSE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7%2C52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1&f=JmYWHzf5f3gekFBH6H7tqCER2CxSdtj2FX%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ%2CpqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE&c=300&d=250&e=&g=ba1e34ff4257410d209f5d5cb5baed44%2F3319105007131308127&i=22499%2C71690%2C21630&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661937123041&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88a14ea2b429e84d8062d71259ddf82c0f4ad96f532672ff97333c38f7d8c729

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://emmaglam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7434a46b7b3c839c-MXP
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 09:12:03 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.22/one-ad/ Frame 35B3 85 KB
11 KB 46ms
45ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.22/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C188905%2C197862&b=qxXAUmfWfYzPcZHgHDtJt5wxfeS3tx9u3%2C8WjpcDf8fRgbkcgHJHEtxtekJ9hGS5tmbck%2CXgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ&f=RBX1agfQfzg5tkHwH3tzCJgDS9SxtPGF7%2CZZ41twfBfzKZ3TmHDHDtDC1JYbH6SJtKjsJ%2Ce5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1&c=160&d=600&e=&g=9324b6f6f5fe8bed7b4fe1aac815ae8c%2F11516772173106876438&i=26474%2C75451%2C71725&j=41%2C22%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_160x600&r=1661937123040&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d28bd4bc4b8a1ecb41ea341dd43aabbc0322889858d76d406b7dc8a887b8eac

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=34719%2C188905%2C197862&b=qxXAUmfWfYzPcZHgHDtJt5wxfeS3tx9u3%2C8WjpcDf8fRgbkcgHJHEtxtekJ9hGS5tmbck%2CXgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ&f=RBX1agfQfzg5tkHwH3tzCJgDS9SxtPGF7%2CZZ41twfBfzKZ3TmHDHDtDC1JYbH6SJtKjsJ%2Ce5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1&c=160&d=600&e=&g=9324b6f6f5fe8bed7b4fe1aac815ae8c%2F11516772173106876438&i=26474%2C75451%2C71725&j=41%2C22%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_160x600&r=1661937123040&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 151402
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86775
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 29 Aug 2022 15:08:41 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
x-download-options: noopen
content-type: text/css; charset=utf-8
expires: 0
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 7434a46bfc41839c-MXP
cf-bgj: minify

GET
H3 200 E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame 35B3 10 KB
10 KB 44ms
43ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C188905%2C197862&b=qxXAUmfWfYzPcZHgHDtJt5wxfeS3tx9u3%2C8WjpcDf8fRgbkcgHJHEtxtekJ9hGS5tmbck%2CXgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ&f=RBX1agfQfzg5tkHwH3tzCJgDS9SxtPGF7%2CZZ41twfBfzKZ3TmHDHDtDC1JYbH6SJtKjsJ%2Ce5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1&c=160&d=600&e=&g=9324b6f6f5fe8bed7b4fe1aac815ae8c%2F11516772173106876438&i=26474%2C75451%2C71725&j=41%2C22%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_160x600&r=1661937123040&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a85b1179ca4ed7dc5ea897d1b565a69ccae8d2aad29dff7bb874da7d94538bff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 645738
cf-polished: qual=85, origFmt=jpeg, origSize=58124
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9782
last-modified: Fri, 08 Jul 2022 10:19:52 GMT
server: cloudflare
etag: "b4342e277c43aad9c5020a04564bfd1e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QJZlSxBwRucjx5llUnbIrFzANUR8%2FjXSsDHU4405KGb3LR0LSf3j6EZQOIaFOh0m1CKcJNrFmr5F9k4XkdcaPq0jyMrWbziNV2Kn%2BXfbpMGpOGthR8jVu6LyfSv4P2zNdV5%2B8CiiMA5jcYx%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 01 Sep 2022 09:12:03 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a46bfc45839c-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 9BB8922D4DC6C9A36B8D83900BE3C417783CEBF3EB448A8A5E268471F12FE38D3472246CD214F7655C16CB473EE4650902292819B5437B86E630B9AE33E0BB1F
assets.ad4m.at/product_image/ Frame 35B3 67 KB
68 KB 38ms
34ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/9BB8922D4DC6C9A36B8D83900BE3C417783CEBF3EB448A8A5E268471F12FE38D3472246CD214F7655C16CB473EE4650902292819B5437B86E630B9AE33E0BB1F
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C188905%2C197862&b=qxXAUmfWfYzPcZHgHDtJt5wxfeS3tx9u3%2C8WjpcDf8fRgbkcgHJHEtxtekJ9hGS5tmbck%2CXgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ&f=RBX1agfQfzg5tkHwH3tzCJgDS9SxtPGF7%2CZZ41twfBfzKZ3TmHDHDtDC1JYbH6SJtKjsJ%2Ce5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1&c=160&d=600&e=&g=9324b6f6f5fe8bed7b4fe1aac815ae8c%2F11516772173106876438&i=26474%2C75451%2C71725&j=41%2C22%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_160x600&r=1661937123040&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a868642fa5a7a4692ff83f60cf0f26a6717c5d6a6cb6d550e798462a38a66880

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 648601
cf-polished: qual=85, origFmt=jpeg, origSize=151815
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 68606
last-modified: Wed, 15 Sep 2021 13:52:46 GMT
server: cloudflare
etag: "a62d41b78511a9833569245cc89b9e75"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5zNzuI9PhPKD2zR2hAFHXI1DKIDeWvdk%2FvnTamNxOxZMtfEPRrL9AGIi7DNwL3wa%2BzF2gOHDSlrqwtL4tjonViL7TtBjnV%2Ff95yMKh4481w%2FSklZwlMtOus7JqMWGO37OmuLkV7bGauLaYUK"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 01 Sep 2022 09:12:03 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a46c2cb6839c-MXP
cf-bgj: imgq:85,h2pri

GET
H2

200

view.aspx
pb.media01.eu/ Frame 35B3
Redirect Chain

https://pv.medialead.de/trck/epv/2aed39855b5f46b7651ba591340f258c?t=htlp&subid=wkzMotivBoneidqxXAUmfWfYzPcZHgHDtJt5wxfeS3tx9u3oneid__emmaglam_advancedad_160x600&gdpr_consent=&gdpr=0&gdpr_pd=0
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=wkzMotivBoneidqxXAUmfWfYzPcZHgHDtJt5wxfeS3tx9u3oneid__emmaglam_advancedad_160x600&actionid=981741&...

0
90 B

37ms
37ms

Image
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=wkzMotivBoneidqxXAUmfWfYzPcZHgHDtJt5wxfeS3tx9u3oneid__emmaglam_advancedad_160x600&actionid=981741&produktid=&dt_url=

Requested by

Protocol

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:02 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 31 Aug 2022 11:12:03 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Wed, 31 Aug 2022 09:12:03 GMT
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: D940971D:A076_91EFC182:01BB_630F25E2_659C28E:1F22D
X-IPLB-Instance: 40028
Strict-Transport-Security: max-age=15768000
Content-Type: application/javascript
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=wkzMotivBoneidqxXAUmfWfYzPcZHgHDtJt5wxfeS3tx9u3oneid__emmaglam_advancedad_160x600&actionid=981741&produktid=&dt_url=
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H3 200 D47CDCC9ED573A7F0FC36327ED81D34D2A7FA777C24CB1FAB8DA54E6096BD3354B83AFD196FFC0C0A80FA860C3BE4240952C98421D5A9707BD98799011452967
assets.ad4m.at/logo/ Frame 35B3 17 KB
18 KB 173ms
170ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D47CDCC9ED573A7F0FC36327ED81D34D2A7FA777C24CB1FAB8DA54E6096BD3354B83AFD196FFC0C0A80FA860C3BE4240952C98421D5A9707BD98799011452967
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C188905%2C197862&b=qxXAUmfWfYzPcZHgHDtJt5wxfeS3tx9u3%2C8WjpcDf8fRgbkcgHJHEtxtekJ9hGS5tmbck%2CXgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ&f=RBX1agfQfzg5tkHwH3tzCJgDS9SxtPGF7%2CZZ41twfBfzKZ3TmHDHDtDC1JYbH6SJtKjsJ%2Ce5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1&c=160&d=600&e=&g=9324b6f6f5fe8bed7b4fe1aac815ae8c%2F11516772173106876438&i=26474%2C75451%2C71725&j=41%2C22%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_160x600&r=1661937123040&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab284bb4630bba786de179717df91dbee93cc78defd7e6e8b116c82be1313a8d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 653062
cf-polished: qual=85, origFmt=jpeg, origSize=66696
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17556
last-modified: Mon, 09 May 2022 11:56:32 GMT
server: cloudflare
etag: "84cc808c1239ba85001165a903b66167"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i52oGRQBKTnQ%2F2iVAE7vPoSFQG7NNIhp2KrWqwnPOnkAosxO%2Fcjaunb4AuM0OS28sBS%2BfPdUj4p5T0%2FBXLl1iovYkT0mMmTfXaOZk%2BwyhtSkTBqTgIcDz08MgqM%2FeRACQN4TQyIWLU0iHZbe"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 01 Sep 2022 09:12:03 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a46c2cb8839c-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 45BEC9954F5B1B74E0AF9428FEA38A6DDA7350B01069AD0E4D0D6C12FD3D114CC0622D07A4793FF592C3D10C8E3AF4629C13F384CFC29D839145E9670B4EDBEF
assets.ad4m.at/product_image/ Frame 35B3 178 KB
178 KB 147ms
144ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/45BEC9954F5B1B74E0AF9428FEA38A6DDA7350B01069AD0E4D0D6C12FD3D114CC0622D07A4793FF592C3D10C8E3AF4629C13F384CFC29D839145E9670B4EDBEF
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C188905%2C197862&b=qxXAUmfWfYzPcZHgHDtJt5wxfeS3tx9u3%2C8WjpcDf8fRgbkcgHJHEtxtekJ9hGS5tmbck%2CXgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ&f=RBX1agfQfzg5tkHwH3tzCJgDS9SxtPGF7%2CZZ41twfBfzKZ3TmHDHDtDC1JYbH6SJtKjsJ%2Ce5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1&c=160&d=600&e=&g=9324b6f6f5fe8bed7b4fe1aac815ae8c%2F11516772173106876438&i=26474%2C75451%2C71725&j=41%2C22%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_160x600&r=1661937123040&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20d3e638e1a4da5af798b70c63e23a30c9acf96a4ffef968c39853b560da5404

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 650203
cf-polished: origFmt=png, origSize=359632
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 182018
last-modified: Fri, 06 May 2022 08:15:04 GMT
server: cloudflare
etag: "c6d791ffbd6fb6756a8fb35647fe4aac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JbdNqxGoxxesMezXEKsZ25z75gMOJkH9q77w6kTWAzxRqfxb9oDbNZ0cAmWijrA3pRRJlorwbfeOXzhOJ8UajtVUT7U4xFkRGr9vtkfCshXUCbi0kRmb33Fl679gScDHJWiTjw7%2BNYNzZ3T4"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 01 Sep 2022 09:12:03 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a46c2cbb839c-MXP
cf-bgj: imgq:85,h2pri

GET
H2

200

csp.php
vfd2dyn.vodafone.de/csp/ Frame 35B3
Redirect Chain

https://private.vodafone-affiliate.de/tpv.php?t=112510V1175122964M&cons=&subid=oneid8WjpcDf8fRgbkcgHJHEtxtekJ9hGS5tmbckoneid__emmaglam_advancedad_160x600&gdpr_consent=&gdpr=0&gdpr_pd=0
https://m.exactag.com/ai.aspx?extCa=707&extTcm=AffDisPer12218C|NonCpoNon|fq0gen&url=http://vfd2dyn.vodafone.de/csp/csp.php?b_id=1744&r_id=htlp&aid=2022083111120375770028335X112510V1175122964MSoneid...
https://vfd2dyn.vodafone.de/csp/csp.php?b_id=1744&r_id=htlp&aid=2022083111120375770028335X112510V1175122964MSoneid8WjpcDf8fRgbkcgHJHEtxtekJ9hGS5tmbckoneid__emmaglam_advancedad_160x600&affiliate=112...

0
0

118ms
18ms

Image
text/html

54.93.208.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vfd2dyn.vodafone.de/csp/csp.php?b_id=1744&r_id=htlp&aid=2022083111120375770028335X112510V1175122964MSoneid8WjpcDf8fRgbkcgHJHEtxtekJ9hGS5tmbckoneid__emmaglam_advancedad_160x600&affiliate=112510&VFAffID=12218&pid=12218&extProvId=315&extProvApi=129048&extPu=12218&extLi=112510&extPm=112510&extCr=WWWWW
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C188905%2C197862&b=qxXAUmfWfYzPcZHgHDtJt5wxfeS3tx9u3%2C8WjpcDf8fRgbkcgHJHEtxtekJ9hGS5tmbck%2CXgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ&f=RBX1agfQfzg5tkHwH3tzCJgDS9SxtPGF7%2CZZ41twfBfzKZ3TmHDHDtDC1JYbH6SJtKjsJ%2Ce5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1&c=160&d=600&e=&g=9324b6f6f5fe8bed7b4fe1aac815ae8c%2F11516772173106876438&i=26474%2C75451%2C71725&j=41%2C22%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_160x600&r=1661937123040&y=1&s=&z=0
Protocol: H2
Server: 54.93.208.161 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-208-161.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Redirect headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 0
X-Xss-Protection: 0
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Mi, 31 Aug 2022 09:12:03 GMT
Server: Microsoft-IIS/8.5
Date: Wed, 31 Aug 2022 09:12:02 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/html; charset=iso-8859-1
Location: https://vfd2dyn.vodafone.de/csp/csp.php?b_id=1744&r_id=htlp&aid=2022083111120375770028335X112510V1175122964MSoneid8WjpcDf8fRgbkcgHJHEtxtekJ9hGS5tmbckoneid__emmaglam_advancedad_160x600&affiliate=112510&VFAffID=12218&pid=12218&extProvId=315&extProvApi=129048&extPu=12218&extLi=112510&extPm=112510&extCr=WWWWW
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1756
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 B6C55515525C2192B97E1253116BAA5C685DD07AF79BB6C9C4097CAEDCCAF04D1DC2B7B5FD417FB88EA0B39E23DED47A8BBF448407373E4FBED422FA6A33EF14
assets.ad4m.at/logo/ Frame 35B3 26 KB
26 KB 133ms
130ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B6C55515525C2192B97E1253116BAA5C685DD07AF79BB6C9C4097CAEDCCAF04D1DC2B7B5FD417FB88EA0B39E23DED47A8BBF448407373E4FBED422FA6A33EF14
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C188905%2C197862&b=qxXAUmfWfYzPcZHgHDtJt5wxfeS3tx9u3%2C8WjpcDf8fRgbkcgHJHEtxtekJ9hGS5tmbck%2CXgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ&f=RBX1agfQfzg5tkHwH3tzCJgDS9SxtPGF7%2CZZ41twfBfzKZ3TmHDHDtDC1JYbH6SJtKjsJ%2Ce5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1&c=160&d=600&e=&g=9324b6f6f5fe8bed7b4fe1aac815ae8c%2F11516772173106876438&i=26474%2C75451%2C71725&j=41%2C22%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_160x600&r=1661937123040&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90cbcae2f75cbdcf2a00d82c83cb2926f1a4ad7ab38eb3d629f2e7d3ad72410e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 645676
cf-polished: origFmt=png, origSize=53992
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26236
last-modified: Wed, 29 Jun 2022 14:47:26 GMT
server: cloudflare
etag: "e460905652d65e6a54a57da046f52d6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UUYo6uCAqTadz6NJzs0QPKVSki81MGZPuF5MX4J8WEFDd4vws307bFtzLKGITv41BOQKyTzzUU9qSzmw4rLpUzARWL523Ia8BLa1nukVqITh%2BuSiIhynXkW59PjVcKKFtcVsoC8xPeh2SG0z"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 01 Sep 2022 09:12:03 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a46c2cbd839c-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 35B3 54 KB
55 KB 139ms
136ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C188905%2C197862&b=qxXAUmfWfYzPcZHgHDtJt5wxfeS3tx9u3%2C8WjpcDf8fRgbkcgHJHEtxtekJ9hGS5tmbck%2CXgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ&f=RBX1agfQfzg5tkHwH3tzCJgDS9SxtPGF7%2CZZ41twfBfzKZ3TmHDHDtDC1JYbH6SJtKjsJ%2Ce5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1&c=160&d=600&e=&g=9324b6f6f5fe8bed7b4fe1aac815ae8c%2F11516772173106876438&i=26474%2C75451%2C71725&j=41%2C22%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_160x600&r=1661937123040&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8928a20b6d9520af9bfb5e9748259fc3c1ed52ee4e430920d7e70897af5c065

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 574656
cf-polished: origFmt=png, origSize=105738
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55798
last-modified: Mon, 04 Jul 2022 08:55:40 GMT
server: cloudflare
etag: "147be38db57f89c69c9e65b05983ff0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VXUTBTmqMXela%2BPClu7IHA0IxmLbviM%2F8L%2Faqcoxpp7PR1J6KxRI8oicazp8kWtrFAhp%2F9F5vfWGzVY0ZuxZ9HPXrtTiuzytMVORA6LeVxHDlLKbpQ9EC1YjLjnmJly5FFx8hI1RovYxVB4F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 01 Sep 2022 09:12:03 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a46c2cbf839c-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.22/one-ad/ Frame 0776 85 KB
11 KB 42ms
42ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.22/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C202438%2C183975&b=K783aRfZf93rDt5HMHktPtxQzt7Srt7eHq%2Cr5mEuQf9f3VgzsAH7HjtqtVgrEUYSJtDqtd%2C4gGmHEf5fA2eRcGH9HdtAtm9MSbSZtpJsK&f=kzQ3F5f3fD2kYa4HwHetmCxPrtZSmtwdFR%2CP241aBfbfbrWxU9HjHbtgCArKkHJSgtBeup%2Cr5mEuQf9f3XBdaAH7HjtJCBXVaYSJtDqtd&c=300&d=250&e=&g=5a155db06cfb57ad4e9858ce16995a7d%2F15732118702448054695&i=29981%2C82994%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661937123058&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d28bd4bc4b8a1ecb41ea341dd43aabbc0322889858d76d406b7dc8a887b8eac

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=117569%2C202438%2C183975&b=K783aRfZf93rDt5HMHktPtxQzt7Srt7eHq%2Cr5mEuQf9f3VgzsAH7HjtqtVgrEUYSJtDqtd%2C4gGmHEf5fA2eRcGH9HdtAtm9MSbSZtpJsK&f=kzQ3F5f3fD2kYa4HwHetmCxPrtZSmtwdFR%2CP241aBfbfbrWxU9HjHbtgCArKkHJSgtBeup%2Cr5mEuQf9f3XBdaAH7HjtJCBXVaYSJtDqtd&c=300&d=250&e=&g=5a155db06cfb57ad4e9858ce16995a7d%2F15732118702448054695&i=29981%2C82994%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661937123058&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 151402
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86775
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 29 Aug 2022 15:08:41 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
x-download-options: noopen
content-type: text/css; charset=utf-8
expires: 0
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 7434a46c1c94839c-MXP
cf-bgj: minify

GET
H3 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 0776 2 KB
3 KB 38ms
38ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C202438%2C183975&b=K783aRfZf93rDt5HMHktPtxQzt7Srt7eHq%2Cr5mEuQf9f3VgzsAH7HjtqtVgrEUYSJtDqtd%2C4gGmHEf5fA2eRcGH9HdtAtm9MSbSZtpJsK&f=kzQ3F5f3fD2kYa4HwHetmCxPrtZSmtwdFR%2CP241aBfbfbrWxU9HjHbtgCArKkHJSgtBeup%2Cr5mEuQf9f3XBdaAH7HjtJCBXVaYSJtDqtd&c=300&d=250&e=&g=5a155db06cfb57ad4e9858ce16995a7d%2F15732118702448054695&i=29981%2C82994%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661937123058&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 649266
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2330
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WqtZiRgBuY8ggerZ8xVL6iG2cqQ8FWg0HQsa0JEyJkYdfk%2BldBWLSPf6AE0JYCsVc6dB6L8Ied8d49ZzUnnoVlzo5ckAHNhCsbzmICDNe7O1PgZp95iln5yNXh54DlJRYxzXKMHIJD%2FwB4pD"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 01 Sep 2022 09:12:03 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a46c1c96839c-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame 0776 339 KB
340 KB 79ms
76ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C202438%2C183975&b=K783aRfZf93rDt5HMHktPtxQzt7Srt7eHq%2Cr5mEuQf9f3VgzsAH7HjtqtVgrEUYSJtDqtd%2C4gGmHEf5fA2eRcGH9HdtAtm9MSbSZtpJsK&f=kzQ3F5f3fD2kYa4HwHetmCxPrtZSmtwdFR%2CP241aBfbfbrWxU9HjHbtgCArKkHJSgtBeup%2Cr5mEuQf9f3XBdaAH7HjtJCBXVaYSJtDqtd&c=300&d=250&e=&g=5a155db06cfb57ad4e9858ce16995a7d%2F15732118702448054695&i=29981%2C82994%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661937123058&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 659388
cf-polished: origFmt=png, origSize=563367
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 347098
last-modified: Fri, 09 Apr 2021 07:22:09 GMT
server: cloudflare
etag: "ff5ac113643d20bec15acfffe32cb75e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1XzffumFTDv63RNvluQTZIuZFZsQm%2Fd7jprW3EqBtznAqzEKcrJZuHOp07naOnYBjXXevwIMTKzgG0R43CpUhVrEnTbf6F5c4%2B3ER9xHvs1brZb%2BgFwOOOTGYtGtGL8XBDVP8n%2BazoA0EheF"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 01 Sep 2022 09:12:03 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a46c2ccc839c-MXP
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 0776 43 B
702 B 88ms
79ms Image
image/gif 104.96.132.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2767075&v=20044&q=402224&r=412871&pv=1&pref3=oneidK783aRfZf93rDt5HMHktPtxQzt7Srt7eHqoneid__emmaglam_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.96.132.42 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-132-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 Aug 2022 09:12:03 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3 200 CF7B8EFF626751741BD45BBA10B5F53598ABD124A9A97176DB246F891C46E0CCFF68E5AC396FA44F31E87AA5F2404A47D1A24B716215BB0CBA7CA3D7AC4F625C
assets.ad4m.at/logo/ Frame 0776 2 KB
3 KB 172ms
163ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/CF7B8EFF626751741BD45BBA10B5F53598ABD124A9A97176DB246F891C46E0CCFF68E5AC396FA44F31E87AA5F2404A47D1A24B716215BB0CBA7CA3D7AC4F625C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C202438%2C183975&b=K783aRfZf93rDt5HMHktPtxQzt7Srt7eHq%2Cr5mEuQf9f3VgzsAH7HjtqtVgrEUYSJtDqtd%2C4gGmHEf5fA2eRcGH9HdtAtm9MSbSZtpJsK&f=kzQ3F5f3fD2kYa4HwHetmCxPrtZSmtwdFR%2CP241aBfbfbrWxU9HjHbtgCArKkHJSgtBeup%2Cr5mEuQf9f3XBdaAH7HjtJCBXVaYSJtDqtd&c=300&d=250&e=&g=5a155db06cfb57ad4e9858ce16995a7d%2F15732118702448054695&i=29981%2C82994%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661937123058&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52231257689106bd0c1e85b5b0675f0eb01ab7c3492365d701827a07028d2df3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 103215
cf-polished: origFmt=png, origSize=9979
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2004
last-modified: Tue, 26 Jul 2022 13:59:04 GMT
server: cloudflare
etag: "d4ad24db9e3f0bd5b2d8146db2559b6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cdee3tUB8vgPBauS9wi3tPajR35kB6KZ%2FgoMvKPZ1oJXfjlZIuZROhx0kdzqb%2B1M7zM1hKIdnc%2BXB4P527RAY04P3Ydi27H8C6AlWMAjrR7Y3CImO963Yhhwj%2Fuwv3GL3XcA6eXjjsJPq2o5"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 01 Sep 2022 09:12:03 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a46c3cdb839c-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 149CB1C4FF60B52FF6B05CF9E021292EE41E76BE18D09E6E739E9FE972B362A8B6D7872AC13E5BF3F6BEA2C754B71DC63130E440CEB5DB8867DD855825F44A32
assets.ad4m.at/product_image/ Frame 0776 258 KB
259 KB 174ms
165ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/149CB1C4FF60B52FF6B05CF9E021292EE41E76BE18D09E6E739E9FE972B362A8B6D7872AC13E5BF3F6BEA2C754B71DC63130E440CEB5DB8867DD855825F44A32
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C202438%2C183975&b=K783aRfZf93rDt5HMHktPtxQzt7Srt7eHq%2Cr5mEuQf9f3VgzsAH7HjtqtVgrEUYSJtDqtd%2C4gGmHEf5fA2eRcGH9HdtAtm9MSbSZtpJsK&f=kzQ3F5f3fD2kYa4HwHetmCxPrtZSmtwdFR%2CP241aBfbfbrWxU9HjHbtgCArKkHJSgtBeup%2Cr5mEuQf9f3XBdaAH7HjtJCBXVaYSJtDqtd&c=300&d=250&e=&g=5a155db06cfb57ad4e9858ce16995a7d%2F15732118702448054695&i=29981%2C82994%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661937123058&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8275413d7059db1bf68ea3986e84410ba9df950693f6d5fe66404b69290895c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 103215
cf-polished: origFmt=png, origSize=443845
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 264466
last-modified: Mon, 22 Aug 2022 13:30:19 GMT
server: cloudflare
etag: "703cc90ac32bbaecfc9462ad00c6d831"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nKY9O70sxC644NFW1d%2By2bWkjTtFnpcKka1%2FWRjSpwJuxMA1JaJuTAOp17cMK3PlrtRN1lkSnCcEauwvowru1k1SYc3SoVv3AGXOEClSdJxkp1ZF4kkxP10JWBa5tRcI5j8NSqDwbeDgMA%2BI"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 01 Sep 2022 09:12:03 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a46c3cdf839c-MXP
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 0776 43 B
704 B 151ms
97ms Image
image/gif 104.96.132.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3148286&v=30131&q=437766&r=412863&pv=1&pref3=oneidr5mEuQf9f3VgzsAH7HjtqtVgrEUYSJtDqtdoneid__emmaglam_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.96.132.42 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-132-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 Aug 2022 09:12:03 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3 200 F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame 0776 127 KB
128 KB 176ms
167ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C202438%2C183975&b=K783aRfZf93rDt5HMHktPtxQzt7Srt7eHq%2Cr5mEuQf9f3VgzsAH7HjtqtVgrEUYSJtDqtd%2C4gGmHEf5fA2eRcGH9HdtAtm9MSbSZtpJsK&f=kzQ3F5f3fD2kYa4HwHetmCxPrtZSmtwdFR%2CP241aBfbfbrWxU9HjHbtgCArKkHJSgtBeup%2Cr5mEuQf9f3XBdaAH7HjtJCBXVaYSJtDqtd&c=300&d=250&e=&g=5a155db06cfb57ad4e9858ce16995a7d%2F15732118702448054695&i=29981%2C82994%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661937123058&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e249aef61e2d675b41a8d764b5b9c9a8ee9ebc5e512386625516f6d2c8a4977

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 573927
cf-polished: origFmt=png, origSize=233620
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 130164
last-modified: Tue, 29 Mar 2022 07:10:51 GMT
server: cloudflare
etag: "d1d171dd651522f41a2fc0dba256a546"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PvHhGY9%2BQmJOA7%2BSJ3hl9da3suEJ73yy3Z%2BFFcWAReQ1jz%2FRGiwxZL0WjhGQUcha90h4wlrFC9hXoKo6D3TPlviMW%2FJFS%2BXre%2BWkqaFljaZ1yUWgrYScx6%2Bwito83fMAiEOmzH7DyOcRFvjs"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 01 Sep 2022 09:12:03 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a46c3ce5839c-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame 0776 461 KB
461 KB 193ms
183ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C202438%2C183975&b=K783aRfZf93rDt5HMHktPtxQzt7Srt7eHq%2Cr5mEuQf9f3VgzsAH7HjtqtVgrEUYSJtDqtd%2C4gGmHEf5fA2eRcGH9HdtAtm9MSbSZtpJsK&f=kzQ3F5f3fD2kYa4HwHetmCxPrtZSmtwdFR%2CP241aBfbfbrWxU9HjHbtgCArKkHJSgtBeup%2Cr5mEuQf9f3XBdaAH7HjtJCBXVaYSJtDqtd&c=300&d=250&e=&g=5a155db06cfb57ad4e9858ce16995a7d%2F15732118702448054695&i=29981%2C82994%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661937123058&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 647953
cf-polished: origFmt=png, origSize=731561
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 471752
last-modified: Tue, 29 Mar 2022 07:03:31 GMT
server: cloudflare
etag: "1b69278243c107df5b11186b1f6ca585"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a0P9S6rz54QA51nar%2FzVSYBwb2NcVO8KEM%2F5mA1XqJBVT7xRaLQL9%2BOCb8mm9%2BG%2FwDRvZpYqNqzPeVI9b6Uj%2FogMGaGHhtDlGKE99KsCgt9Z5LQmKXexK5UFfDZDqd%2FVehTXgTl8rrxI%2F%2F1z"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 01 Sep 2022 09:12:03 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a46c3ce7839c-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.22/one-ad/ Frame 8FC2 85 KB
11 KB 172ms
168ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.22/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C43766%2C197100&b=dpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ%2CqxXAUmfWfJVA1SZHgHDtJtXX8FeS3tx9u3&f=K783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd%2CRBX1agfQfGd2AakHwH3tzCddAF9SxtPGF7&c=728&d=90&e=&g=a2e845fd2cfe595dad2f337365c7a428%2F456621988633091227&i=65803%2C24891%2C20773&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_728x90&r=1661937123054&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d28bd4bc4b8a1ecb41ea341dd43aabbc0322889858d76d406b7dc8a887b8eac

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=177100%2C43766%2C197100&b=dpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ%2CqxXAUmfWfJVA1SZHgHDtJtXX8FeS3tx9u3&f=K783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd%2CRBX1agfQfGd2AakHwH3tzCddAF9SxtPGF7&c=728&d=90&e=&g=a2e845fd2cfe595dad2f337365c7a428%2F456621988633091227&i=65803%2C24891%2C20773&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_728x90&r=1661937123054&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 151402
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86775
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 29 Aug 2022 15:08:41 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
x-download-options: noopen
content-type: text/css; charset=utf-8
expires: 0
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 7434a46c2cae839c-MXP
cf-bgj: minify

GET
H3 200 63CADBEA68649ECF1642645CEB25DF73A19E0B4D7735826E76E1CFE7786A55E8278917477BD44BA47017F94D7AA0F7B3A1C8F0FE880A090BE49650B6F1EAF6D9
assets.ad4m.at/logo/ Frame 8FC2 8 KB
8 KB 170ms
167ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/63CADBEA68649ECF1642645CEB25DF73A19E0B4D7735826E76E1CFE7786A55E8278917477BD44BA47017F94D7AA0F7B3A1C8F0FE880A090BE49650B6F1EAF6D9
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C43766%2C197100&b=dpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ%2CqxXAUmfWfJVA1SZHgHDtJtXX8FeS3tx9u3&f=K783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd%2CRBX1agfQfGd2AakHwH3tzCddAF9SxtPGF7&c=728&d=90&e=&g=a2e845fd2cfe595dad2f337365c7a428%2F456621988633091227&i=65803%2C24891%2C20773&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_728x90&r=1661937123054&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15cc42ec2a3a08dc0566d2f71a13e462fa764a4390c7d96870b71fd2cf6ff513

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 654542
cf-polished: origFmt=png, origSize=12956
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7692
last-modified: Tue, 29 Mar 2022 14:32:10 GMT
server: cloudflare
etag: "c6c297b07f296b60586b8613b6e9b5cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qdzlcnGwDFw4%2BnFFje81HVkHVXmJw16%2Fd%2FC%2Bzs9lc0w1CpKm4TBj7Ay9NJFCT1yRODpCSHP0pvwvYOfCSV5oeLESD9bBdZzkPHkts%2BV85%2BohiXgFyfD0k7vUl%2FEYwduqe2ywdFCMBHk3bhcI"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 01 Sep 2022 09:12:03 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a46c2cb2839c-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 A290FB32C3CD17E30EABAAAC51275DC38FA2A2B372BE62031F552E1A8212BBA05286FFE21393F5511F67356FC5DA6D062DDAC9B6677230AA33BD1E7B84B05A27
assets.ad4m.at/product_image/ Frame 8FC2 422 KB
423 KB 222ms
212ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A290FB32C3CD17E30EABAAAC51275DC38FA2A2B372BE62031F552E1A8212BBA05286FFE21393F5511F67356FC5DA6D062DDAC9B6677230AA33BD1E7B84B05A27
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C43766%2C197100&b=dpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ%2CqxXAUmfWfJVA1SZHgHDtJtXX8FeS3tx9u3&f=K783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd%2CRBX1agfQfGd2AakHwH3tzCddAF9SxtPGF7&c=728&d=90&e=&g=a2e845fd2cfe595dad2f337365c7a428%2F456621988633091227&i=65803%2C24891%2C20773&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_728x90&r=1661937123054&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d2cf79989a25b94d2694569e8a8372c34b3cfac8caf3f7c2ae6d97f7e9d02ae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 650888
cf-polished: origFmt=png, origSize=632572
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 432334
last-modified: Wed, 29 Dec 2021 17:30:00 GMT
server: cloudflare
etag: "ee529fd62e145fb264303add5fb5a944"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0wJAguNeWxyLzbISTjfXmjSGDOr3pHDJM7%2FjVHGUNnr%2BvTsJ6Ego0vF0D2ng6%2F7EdVaAhOHr96%2FmwJdDai77l56yE19Q8%2Fk1GIMEG8svwRaFvw%2BaRnSsqBkrYb%2BQ2n1ofqtZzBMpZ30L%2FVhS"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 01 Sep 2022 09:12:03 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a46c3cf3839c-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 4CF27F3A6A2F6D91C5A3622C8F01C9A26CFA811CA6347403820EFE1173CC3C68B9FBEA4FDD4B7737FA67797C095DA1E54C193B8458F430E3BCD6ACC6B33929DA
assets.ad4m.at/logo/ Frame 8FC2 33 KB
34 KB 247ms
237ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/4CF27F3A6A2F6D91C5A3622C8F01C9A26CFA811CA6347403820EFE1173CC3C68B9FBEA4FDD4B7737FA67797C095DA1E54C193B8458F430E3BCD6ACC6B33929DA
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C43766%2C197100&b=dpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ%2CqxXAUmfWfJVA1SZHgHDtJtXX8FeS3tx9u3&f=K783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd%2CRBX1agfQfGd2AakHwH3tzCddAF9SxtPGF7&c=728&d=90&e=&g=a2e845fd2cfe595dad2f337365c7a428%2F456621988633091227&i=65803%2C24891%2C20773&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_728x90&r=1661937123054&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf109a2d05e13d300f3c97cd9aa2b384992564695380c09a8f3a2e7e9cb0201e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 651636
cf-polished: origFmt=png, origSize=51102
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34016
last-modified: Fri, 11 Sep 2020 12:41:45 GMT
server: cloudflare
etag: "b72205dba9a8fc2d6ba54cb26ab2bce2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rHX5etVX40FUXtAfW71h9SuV%2BJf%2FDVTJkF2ZqIr994vtwuTCWYjicI0WXU3dfiAQ7n3lfdGhBap7Z8TsyS9%2F31Caw%2Fc5F61EldL1qO8OnFMux2%2FeP%2FxKnYlTh9MguJW3pLs7A49ZIsQxzdrv"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 01 Sep 2022 09:12:03 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a46c3cf5839c-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 D0B9541CF4E773D41DBC4ABCC9F6E672B34430F49375E17E41F087E6D1C801229BC513C607F51A81B070BEEF036EED35D1C1A6EBC0C47606BF42647C16A34FCE
assets.ad4m.at/product_image/ Frame 8FC2 162 KB
163 KB 137ms
127ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/D0B9541CF4E773D41DBC4ABCC9F6E672B34430F49375E17E41F087E6D1C801229BC513C607F51A81B070BEEF036EED35D1C1A6EBC0C47606BF42647C16A34FCE
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C43766%2C197100&b=dpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ%2CqxXAUmfWfJVA1SZHgHDtJtXX8FeS3tx9u3&f=K783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd%2CRBX1agfQfGd2AakHwH3tzCddAF9SxtPGF7&c=728&d=90&e=&g=a2e845fd2cfe595dad2f337365c7a428%2F456621988633091227&i=65803%2C24891%2C20773&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_728x90&r=1661937123054&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32b52bf758f52d20e796e3e41e7659aa55242f7cb2a1e67c3cec59ead1916572

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 650912
cf-polished: origFmt=png, origSize=247392
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 166070
last-modified: Thu, 17 Sep 2020 13:15:19 GMT
server: cloudflare
etag: "af15e6f9d7a2a43237c333b681f8c714"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=muKBgoldEAapUaWC5Kazkpz07YTpumNTVRJkgL%2BnUerofR0ppd9QIgsW3HxlKIZMDI3mi41wT6qNysgLmRfG6zuzai2mf4mlnDymYiR3WELywiRfO%2F%2Bbn3kMsKz9piLnwr84mfQa3xDMDwrx"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 01 Sep 2022 09:12:03 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a46c3cf8839c-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 8FC2 9 KB
10 KB 139ms
129ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C43766%2C197100&b=dpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ%2CqxXAUmfWfJVA1SZHgHDtJtXX8FeS3tx9u3&f=K783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd%2CRBX1agfQfGd2AakHwH3tzCddAF9SxtPGF7&c=728&d=90&e=&g=a2e845fd2cfe595dad2f337365c7a428%2F456621988633091227&i=65803%2C24891%2C20773&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_728x90&r=1661937123054&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1827549
cf-polished: origFmt=png, origSize=24833
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9258
last-modified: Tue, 09 Feb 2021 15:11:57 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iT6WSmcPiFDpgriJ3d8RMu7xMTq99O4wtrxjHDM3%2BvsE%2Bx5hA2Q354rlRuyV5ILy1rrm6%2Fyka3hhqn1okHUKsS1K2Ijd39fqjyqnRza%2FeUDxb49TSLODrgIpnbgmlvHnpAm6JKd8%2BUi76szN"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 01 Sep 2022 09:12:03 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a46c3cfd839c-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 E9D375C72282EE56D8DA5AD27266D69B7BFE40E40C948577C3783C3219F98DD01F9931DC8CCF9B67D3492B05912CD4E83AC0FF6D46D2312F3BB13A1DCC095909
assets.ad4m.at/product_image/ Frame 8FC2 17 KB
18 KB 139ms
129ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/E9D375C72282EE56D8DA5AD27266D69B7BFE40E40C948577C3783C3219F98DD01F9931DC8CCF9B67D3492B05912CD4E83AC0FF6D46D2312F3BB13A1DCC095909
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C43766%2C197100&b=dpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ%2CqxXAUmfWfJVA1SZHgHDtJtXX8FeS3tx9u3&f=K783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd%2CRBX1agfQfGd2AakHwH3tzCddAF9SxtPGF7&c=728&d=90&e=&g=a2e845fd2cfe595dad2f337365c7a428%2F456621988633091227&i=65803%2C24891%2C20773&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_728x90&r=1661937123054&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f52afbdc9b50ea83386ec3f01d5b7f960c612515f6904541b370334f8d9676c0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 650886
cf-polished: qual=85, origFmt=jpeg, origSize=63020
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17696
last-modified: Tue, 07 Jun 2022 13:12:55 GMT
server: cloudflare
etag: "d0374826c2da26747cdba3111108f584"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j1VXmVJFCKFabaM19zqiPFMVUu9a7p9iG64Phstcp1TBHjejjKW9%2BoCjRUS0Laam8%2F7p2TFYwC9fKxHaCVW7YrEzDl519F3QgPfPFHouXsGJ%2FYENyaDuRe4Pt2NfJGuvtgE3TN1Q8%2Fbmbgfh"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 01 Sep 2022 09:12:03 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a46c3d00839c-MXP
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

/
partner.blau.de/a/ Frame 8FC2
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022083111120375770028435X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0

49 B
1 KB

120ms
31ms

Image
image/gif

46.4.41.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022083111120375770028435X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C43766%2C197100&b=dpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ%2CqxXAUmfWfJVA1SZHgHDtJtXX8FeS3tx9u3&f=K783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd%2CRBX1agfQfGd2AakHwH3tzCddAF9SxtPGF7&c=728&d=90&e=&g=a2e845fd2cfe595dad2f337365c7a428%2F456621988633091227&i=65803%2C24891%2C20773&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_728x90&r=1661937123054&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 46.4.41.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads2.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 09:12:03 GMT
X-NODEIP: 46.4.41.145
Server: nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022083111120375770028435X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
date: Wed, 31 Aug 2022 09:12:03 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.22/one-ad/ Frame 1EFB 85 KB
11 KB 141ms
138ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.22/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=29002%2C59040%2C24673&b=pqEMC1fgfk9MskH4Hmtzt4wXu9S7t4JSE%2CRBX1agfQfgVRxfkHwH3tQtddDa9SxtPGF7%2CdpDmUEfkfRpXhEHjHwtEtbAdfeSRt8BTj&f=JmYWHzf5fe3kaBH6H7tqCr98txSdtj2FX%2CQEK8u4fjfD1GVfxH5HYt9CZZWS6S5tV2HV%2CK783aRfZf5Gps5HMHktzCBX8u7Srt7eHq&c=300&d=600&e=&g=c1bfe823735540eee710c65d2f808714%2F15857152468825006206&i=25052%2C20774%2C20430&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661937123055&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d28bd4bc4b8a1ecb41ea341dd43aabbc0322889858d76d406b7dc8a887b8eac

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=29002%2C59040%2C24673&b=pqEMC1fgfk9MskH4Hmtzt4wXu9S7t4JSE%2CRBX1agfQfgVRxfkHwH3tQtddDa9SxtPGF7%2CdpDmUEfkfRpXhEHjHwtEtbAdfeSRt8BTj&f=JmYWHzf5fe3kaBH6H7tqCr98txSdtj2FX%2CQEK8u4fjfD1GVfxH5HYt9CZZWS6S5tV2HV%2CK783aRfZf5Gps5HMHktzCBX8u7Srt7eHq&c=300&d=600&e=&g=c1bfe823735540eee710c65d2f808714%2F15857152468825006206&i=25052%2C20774%2C20430&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661937123055&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 151402
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86775
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 29 Aug 2022 15:08:41 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
x-download-options: noopen
content-type: text/css; charset=utf-8
expires: 0
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 7434a46c2cc1839c-MXP
cf-bgj: minify

GET
H3 200 7DC86BB3A0677D1A111CF2F02BF20FC822723E084233C66D05A3D22F9BFF9CBFABB3E42ACE676F78BB64730FEC16E4997CC372D96DF4EFE43050DA28B276D6EA
assets.ad4m.at/logo/ Frame 1EFB 7 KB
7 KB 113ms
110ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/7DC86BB3A0677D1A111CF2F02BF20FC822723E084233C66D05A3D22F9BFF9CBFABB3E42ACE676F78BB64730FEC16E4997CC372D96DF4EFE43050DA28B276D6EA
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=29002%2C59040%2C24673&b=pqEMC1fgfk9MskH4Hmtzt4wXu9S7t4JSE%2CRBX1agfQfgVRxfkHwH3tQtddDa9SxtPGF7%2CdpDmUEfkfRpXhEHjHwtEtbAdfeSRt8BTj&f=JmYWHzf5fe3kaBH6H7tqCr98txSdtj2FX%2CQEK8u4fjfD1GVfxH5HYt9CZZWS6S5tV2HV%2CK783aRfZf5Gps5HMHktzCBX8u7Srt7eHq&c=300&d=600&e=&g=c1bfe823735540eee710c65d2f808714%2F15857152468825006206&i=25052%2C20774%2C20430&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661937123055&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80e7bfe2aaa1b8be1ff5792cf190eb4b9e7d922240eea9ccc0a835b2bbde9f56

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 647784
cf-polished: qual=85, origFmt=jpeg, origSize=20298
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6740
last-modified: Tue, 19 Jul 2022 19:05:28 GMT
server: cloudflare
etag: "dcdbfc63ef930c205a6c8ec70a6f5e71"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SY%2BSalX4830ua00ioHpqZ42Z70vRJaSo3RtkECFrsq95SCBxW1NPkzTsSynTFvqzpoZsHC2ADyBZ%2BVGI040hVuZnBmqz1z27gMm4ZPOkbuwUw%2Be7M4lBMyvb%2FSE4rGsW9Au6HVs18L6zbkE5"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 01 Sep 2022 09:12:03 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a46c2cc4839c-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 EEACCF1387D6770984DA8E61AC19B9B106EFAB433C9BC99F272CCDE7F6C5F6963A2BD7EDCA944083C5D1FA54EA7EB69DFB75D9EFC064FB7CC124FCCC8412C2AC
assets.ad4m.at/product_image/ Frame 1EFB 256 KB
257 KB 119ms
110ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EEACCF1387D6770984DA8E61AC19B9B106EFAB433C9BC99F272CCDE7F6C5F6963A2BD7EDCA944083C5D1FA54EA7EB69DFB75D9EFC064FB7CC124FCCC8412C2AC
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=29002%2C59040%2C24673&b=pqEMC1fgfk9MskH4Hmtzt4wXu9S7t4JSE%2CRBX1agfQfgVRxfkHwH3tQtddDa9SxtPGF7%2CdpDmUEfkfRpXhEHjHwtEtbAdfeSRt8BTj&f=JmYWHzf5fe3kaBH6H7tqCr98txSdtj2FX%2CQEK8u4fjfD1GVfxH5HYt9CZZWS6S5tV2HV%2CK783aRfZf5Gps5HMHktzCBX8u7Srt7eHq&c=300&d=600&e=&g=c1bfe823735540eee710c65d2f808714%2F15857152468825006206&i=25052%2C20774%2C20430&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661937123055&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 231515acac534354a11000685ba5e093bdf4b6d6bd3ca7455b6bb5a7502c570c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 652377
cf-polished: origFmt=png, origSize=404140
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 262476
last-modified: Tue, 31 May 2022 12:50:17 GMT
server: cloudflare
etag: "2ffe877a2fd7c65a1f5b57fbcb242dc1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K3NaTwQVRpkJ%2FrmSV1hv8N78ItVWjlIsvB6cgc8fEMCM3S6Dbyjv6Z4EjFDBIKH89cjTb0%2FwmKCQib9YwHHijWRzO7e5xTjhizKDhwMzjEgJj4O6URY%2BZRVjLV0%2F%2Bt8WCM1E3MrCrF45y22Q"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 01 Sep 2022 09:12:03 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a46c3d03839c-MXP
cf-bgj: imgq:85,h2pri

GET
H2

200

/
pvx.freenet-mobilfunk.de/ Frame 1EFB
Redirect Chain

https://www.awin1.com/cshow.php?s=2524318&v=11420&q=392147&r=412871&pv=1&pref3=oneidpqEMC1fgfk9MskH4Hmtzt4wXu9S7t4JSEoneid__emmaglam_advancedad_300x600&gdpr_consent=&gdpr=0&gdpr_pd=0
https://pvx.freenet-mobilfunk.de/?vp_nummer=41006061&subvpid=412871;VPID;&eventid=11420_412871_1661937123_fa3ef610-290c-11ed-94b9-2265b3bf8141

43 B
120 B

52ms
52ms

Image
image/gif

2606:4700::6812:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pvx.freenet-mobilfunk.de/?vp_nummer=41006061&subvpid=412871;VPID;&eventid=11420_412871_1661937123_fa3ef610-290c-11ed-94b9-2265b3bf8141

Requested by

Protocol

Server

2606:4700::6812:3c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536001; includeSubDomains; preload;, max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536001; includeSubDomains; preload;, max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
date: Wed, 31 Aug 2022 09:12:03 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 7434a46cfe5bcc4e-ZRH
p3p: CP="ALL CUR DEV PSA OUR IND STA"
content-type: image/gif

Redirect headers

Date: Wed, 31 Aug 2022 09:12:03 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://pvx.freenet-mobilfunk.de/?vp_nummer=41006061&subvpid=412871;VPID;&eventid=11420_412871_1661937123_fa3ef610-290c-11ed-94b9-2265b3bf8141
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H3 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 1EFB 53 KB
54 KB 263ms
254ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=29002%2C59040%2C24673&b=pqEMC1fgfk9MskH4Hmtzt4wXu9S7t4JSE%2CRBX1agfQfgVRxfkHwH3tQtddDa9SxtPGF7%2CdpDmUEfkfRpXhEHjHwtEtbAdfeSRt8BTj&f=JmYWHzf5fe3kaBH6H7tqCr98txSdtj2FX%2CQEK8u4fjfD1GVfxH5HYt9CZZWS6S5tV2HV%2CK783aRfZf5Gps5HMHktzCBX8u7Srt7eHq&c=300&d=600&e=&g=c1bfe823735540eee710c65d2f808714%2F15857152468825006206&i=25052%2C20774%2C20430&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661937123055&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 653827
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54564
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z6IEaGREuNObWqtrtwJ5B%2Bs%2BcgfxnJ0v%2Bc0xV%2FjS4a6xmWL8%2Bi3uRA9DsYpk1PUxs6o44jm9IHam1vwpJRc0tKk8znQ%2BiaC7A35YsWdKbaGql27JQjYD%2FVddTW53FZv%2F55RvP6RyAP6uqhCG"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 01 Sep 2022 09:12:03 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a46c3d06839c-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 BC686148DD030E5B6363B95E2B43530596C139B0E0801D1093B854C3C3E888CCB18DFB9C18089FB39D44F7EE9BAAA918E5EEDEB1DB55A3D91E411E85B4639142
assets.ad4m.at/product_image/ Frame 1EFB 24 KB
25 KB 267ms
258ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/BC686148DD030E5B6363B95E2B43530596C139B0E0801D1093B854C3C3E888CCB18DFB9C18089FB39D44F7EE9BAAA918E5EEDEB1DB55A3D91E411E85B4639142
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=29002%2C59040%2C24673&b=pqEMC1fgfk9MskH4Hmtzt4wXu9S7t4JSE%2CRBX1agfQfgVRxfkHwH3tQtddDa9SxtPGF7%2CdpDmUEfkfRpXhEHjHwtEtbAdfeSRt8BTj&f=JmYWHzf5fe3kaBH6H7tqCr98txSdtj2FX%2CQEK8u4fjfD1GVfxH5HYt9CZZWS6S5tV2HV%2CK783aRfZf5Gps5HMHktzCBX8u7Srt7eHq&c=300&d=600&e=&g=c1bfe823735540eee710c65d2f808714%2F15857152468825006206&i=25052%2C20774%2C20430&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661937123055&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbc7f65ca041dae8328e56172d00958d2cbc86da6495d87f41e5af649ab14658

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 654470
cf-polished: qual=85, origFmt=jpeg, origSize=151606
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24794
last-modified: Tue, 19 Oct 2021 11:55:08 GMT
server: cloudflare
etag: "d71e74a6f11e793171f7c83885ae5c26"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CyWH6PQrTtfMVpZm8pcN78%2BvTUqBd74vweqExvRoqivK%2BoWBqz8N%2BCVNL1bPM5V3ZSs1pTIs20QdDZiBahAo9cpxVzkamzH7TXDXq4kwLTprexpNl%2F%2BPe%2BY%2FjiRTgMgdAEoUjqUfnmLKOG3E"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 01 Sep 2022 09:12:03 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a46c3d08839c-MXP
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 1EFB
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneidRBX1agfQfgVRxfkHwH3tQtddDa9SxtPGF7oneid__emmaglam_advancedad_300x600&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneidRBX1agfQfgVRxfkHwH3tQtddDa9SxtPGF7oneid__emmaglam_advancedad_300x600&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022083111120375770028433X117679V1226132702MSoneidRBX1agfQfgVRxfkHwH3tQtddDa9SxtPGF7oneid__emmaglam_ad...

49 B
1 KB

146ms
31ms

Image
image/gif

46.4.41.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022083111120375770028433X117679V1226132702MSoneidRBX1agfQfgVRxfkHwH3tQtddDa9SxtPGF7oneid__emmaglam_advancedad_300x600&gdpr_consent=&gdpr=0&cons=0&spid=2022083111120375770028433X117679V1226132702MSoneidRBX1agfQfgVRxfkHwH3tQtddDa9SxtPGF7oneid__emmaglam_advancedad_300x600&wfid=117679&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=29002%2C59040%2C24673&b=pqEMC1fgfk9MskH4Hmtzt4wXu9S7t4JSE%2CRBX1agfQfgVRxfkHwH3tQtddDa9SxtPGF7%2CdpDmUEfkfRpXhEHjHwtEtbAdfeSRt8BTj&f=JmYWHzf5fe3kaBH6H7tqCr98txSdtj2FX%2CQEK8u4fjfD1GVfxH5HYt9CZZWS6S5tV2HV%2CK783aRfZf5Gps5HMHktzCBX8u7Srt7eHq&c=300&d=600&e=&g=c1bfe823735540eee710c65d2f808714%2F15857152468825006206&i=25052%2C20774%2C20430&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661937123055&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 46.4.41.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads2.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 09:12:03 GMT
X-NODEIP: 46.4.41.145
Server: nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022083111120375770028433X117679V1226132702MSoneidRBX1agfQfgVRxfkHwH3tQtddDa9SxtPGF7oneid__emmaglam_advancedad_300x600&gdpr_consent=&gdpr=0&cons=0&spid=2022083111120375770028433X117679V1226132702MSoneidRBX1agfQfgVRxfkHwH3tQtddDa9SxtPGF7oneid__emmaglam_advancedad_300x600&wfid=117679&partnerid=12218
date: Wed, 31 Aug 2022 09:12:03 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 1EFB 38 KB
38 KB 268ms
259ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=29002%2C59040%2C24673&b=pqEMC1fgfk9MskH4Hmtzt4wXu9S7t4JSE%2CRBX1agfQfgVRxfkHwH3tQtddDa9SxtPGF7%2CdpDmUEfkfRpXhEHjHwtEtbAdfeSRt8BTj&f=JmYWHzf5fe3kaBH6H7tqCr98txSdtj2FX%2CQEK8u4fjfD1GVfxH5HYt9CZZWS6S5tV2HV%2CK783aRfZf5Gps5HMHktzCBX8u7Srt7eHq&c=300&d=600&e=&g=c1bfe823735540eee710c65d2f808714%2F15857152468825006206&i=25052%2C20774%2C20430&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661937123055&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 647987
cf-polished: origFmt=png, origSize=77267
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38696
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EFR19rErTQmRaDTA25J%2BTnHyFGmMvWa4QFydqYid9HLAHRCC%2FZL4kbtB2FCMFPQUwNLoOr%2BrmrWzeWlsiPVCy01qEZuMPW6EdMpYok1N4PV%2BvtQMsGwxAjKcV7YV5tPLlmhAUHZWQWxQgvaC"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 01 Sep 2022 09:12:03 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a46c3d0b839c-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 1EFB 84 KB
84 KB 48ms
39ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=29002%2C59040%2C24673&b=pqEMC1fgfk9MskH4Hmtzt4wXu9S7t4JSE%2CRBX1agfQfgVRxfkHwH3tQtddDa9SxtPGF7%2CdpDmUEfkfRpXhEHjHwtEtbAdfeSRt8BTj&f=JmYWHzf5fe3kaBH6H7tqCr98txSdtj2FX%2CQEK8u4fjfD1GVfxH5HYt9CZZWS6S5tV2HV%2CK783aRfZf5Gps5HMHktzCBX8u7Srt7eHq&c=300&d=600&e=&g=c1bfe823735540eee710c65d2f808714%2F15857152468825006206&i=25052%2C20774%2C20430&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661937123055&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 485067
cf-polished: origSize=90165, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85727
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7sv5BKQe4jmDpF4mfYMaib0iVzi2EY0sDmT84K6ATv%2BQWVrC8oGMUJRW9SwaEqNHRCfnV6D%2FHIMc0pn04ZAxWleMuJR2rmWnx78MdirGyJoW9T%2FZEl8%2Bhl84hUHIM%2Fawhmgz7MAfS%2FWf5jL"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Thu, 01 Sep 2022 09:12:03 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a46c3d0c839c-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.22/one-ad/ Frame 444F 85 KB
11 KB 113ms
111ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.22/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=58783%2C182430%2C175490&b=gAdJF8frfk4A6TPHbH8t5t2e1fmSjtjqFe%2CbGqEtQfZf5jjMaYHbHztKtw64ubS3tE7UJ%2C26YEH6fqfj2ZEfVHWHkt8tbdDCxSgtZmtg&f=BdZEhgfPfMrpgFxH6H3tgCmRwCjSdtjDFM%2C3rg7Hpf4fXrrDH7HrHAtXC9WZsPSztwpFd%2C4gGmHEf5fAJkpFGH9HdtzCrqRfbSZtpJsK&c=300&d=600&e=&g=9867569f83d0d9cd37e1f229d40bed6a%2F10417962849830523426&i=28472%2C20378%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661937123060&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d28bd4bc4b8a1ecb41ea341dd43aabbc0322889858d76d406b7dc8a887b8eac

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=58783%2C182430%2C175490&b=gAdJF8frfk4A6TPHbH8t5t2e1fmSjtjqFe%2CbGqEtQfZf5jjMaYHbHztKtw64ubS3tE7UJ%2C26YEH6fqfj2ZEfVHWHkt8tbdDCxSgtZmtg&f=BdZEhgfPfMrpgFxH6H3tgCmRwCjSdtjDFM%2C3rg7Hpf4fXrrDH7HrHAtXC9WZsPSztwpFd%2C4gGmHEf5fAJkpFGH9HdtzCrqRfbSZtpJsK&c=300&d=600&e=&g=9867569f83d0d9cd37e1f229d40bed6a%2F10417962849830523426&i=28472%2C20378%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661937123060&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 151402
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86775
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 29 Aug 2022 15:08:41 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
x-download-options: noopen
content-type: text/css; charset=utf-8
expires: 0
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 7434a46c2cc8839c-MXP
cf-bgj: minify

GET
H3 200 48731CBABD5EFF809BB0B6CFCC2EB8EB33964D5B485BE7F4D723F6B45BA451318B81C64658AA05BB43E48E2AAD1A9B073D5DEABF0AA97E956C1DF5F665A8B4C9
assets.ad4m.at/logo/ Frame 444F 3 KB
4 KB 115ms
112ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/48731CBABD5EFF809BB0B6CFCC2EB8EB33964D5B485BE7F4D723F6B45BA451318B81C64658AA05BB43E48E2AAD1A9B073D5DEABF0AA97E956C1DF5F665A8B4C9
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=58783%2C182430%2C175490&b=gAdJF8frfk4A6TPHbH8t5t2e1fmSjtjqFe%2CbGqEtQfZf5jjMaYHbHztKtw64ubS3tE7UJ%2C26YEH6fqfj2ZEfVHWHkt8tbdDCxSgtZmtg&f=BdZEhgfPfMrpgFxH6H3tgCmRwCjSdtjDFM%2C3rg7Hpf4fXrrDH7HrHAtXC9WZsPSztwpFd%2C4gGmHEf5fAJkpFGH9HdtzCrqRfbSZtpJsK&c=300&d=600&e=&g=9867569f83d0d9cd37e1f229d40bed6a%2F10417962849830523426&i=28472%2C20378%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661937123060&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 455d3b555c487828f6ce2b9fac9015a92be6cefbf332adc3d6a13e48f80bd6f0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1785279
cf-polished: origFmt=png, origSize=13586
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2974
last-modified: Wed, 20 Jul 2022 06:39:30 GMT
server: cloudflare
etag: "80403ef2579edb83d2af1d99c6590561"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8nqZuCQCbuProLZ23WUd4Z9C6XGGUJMESfe9LoZiAB%2FUJ6nmcnGzTC7jqVSbKrcayp4sIasYuCa5wGbPu1DilZ4oH5mo7J1E73TlT7jPJliFxN2GhxgCOzxbdvWiXcjjsyfRB2BXaOgMpU7Y"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 01 Sep 2022 09:12:03 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a46c2cca839c-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 366F4BCC8AA7C1802B6C466A71C3A9456C86A95A87300672A565377D29F38FB722D334588B3617FA25190BA3FD7861CCD595BAB88D490F6CC67C93900613FD93
assets.ad4m.at/product_image/ Frame 444F 361 KB
362 KB 270ms
261ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/366F4BCC8AA7C1802B6C466A71C3A9456C86A95A87300672A565377D29F38FB722D334588B3617FA25190BA3FD7861CCD595BAB88D490F6CC67C93900613FD93
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=58783%2C182430%2C175490&b=gAdJF8frfk4A6TPHbH8t5t2e1fmSjtjqFe%2CbGqEtQfZf5jjMaYHbHztKtw64ubS3tE7UJ%2C26YEH6fqfj2ZEfVHWHkt8tbdDCxSgtZmtg&f=BdZEhgfPfMrpgFxH6H3tgCmRwCjSdtjDFM%2C3rg7Hpf4fXrrDH7HrHAtXC9WZsPSztwpFd%2C4gGmHEf5fAJkpFGH9HdtzCrqRfbSZtpJsK&c=300&d=600&e=&g=9867569f83d0d9cd37e1f229d40bed6a%2F10417962849830523426&i=28472%2C20378%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661937123060&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b78c6aa96175d69ae56638aa814a628fe1f8936f8a4be89e9df0a6e72db4c664

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 570602
cf-polished: origFmt=png, origSize=573072
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 369660
last-modified: Fri, 12 Nov 2021 08:59:20 GMT
server: cloudflare
etag: "01454b80ae1cd73bee09138115bff101"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qdwJFIDvttk%2BT9Wmj3rE%2F8SbrAnjLEoeLaf4pNWwvFNl%2B8%2FdHXmUqs8Zoyw7jd2sUd%2B%2FijiSuUGOZQpFbmw6XSaHuAd%2BvuRwWsnisNJYBWFTGeIoA5amGowuDKfsyffDtnPiM8vjY6DgcICw"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 01 Sep 2022 09:12:03 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a46c3d0e839c-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 DF3EBDB3FCE24FC834F2F85316014013F4E151206CAE18EA4C88354CF6C0153F3B7765160D5EA69387D699D6B5C5EB6A05EE7996390346CE5A95D3CAC49089B9
assets.ad4m.at/logo/ Frame 444F 6 KB
6 KB 295ms
286ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF3EBDB3FCE24FC834F2F85316014013F4E151206CAE18EA4C88354CF6C0153F3B7765160D5EA69387D699D6B5C5EB6A05EE7996390346CE5A95D3CAC49089B9
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=58783%2C182430%2C175490&b=gAdJF8frfk4A6TPHbH8t5t2e1fmSjtjqFe%2CbGqEtQfZf5jjMaYHbHztKtw64ubS3tE7UJ%2C26YEH6fqfj2ZEfVHWHkt8tbdDCxSgtZmtg&f=BdZEhgfPfMrpgFxH6H3tgCmRwCjSdtjDFM%2C3rg7Hpf4fXrrDH7HrHAtXC9WZsPSztwpFd%2C4gGmHEf5fAJkpFGH9HdtzCrqRfbSZtpJsK&c=300&d=600&e=&g=9867569f83d0d9cd37e1f229d40bed6a%2F10417962849830523426&i=28472%2C20378%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661937123060&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf47258e6a4a33e59b9bf905dfdc7e4548112fb722468c0957995386cf30d721

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 650033
cf-polished: origFmt=png, origSize=16809
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5730
last-modified: Wed, 02 Mar 2022 14:20:53 GMT
server: cloudflare
etag: "73bee8dd95fb3c9bd65e83a2d5054e77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4SuDWrx6bO5J8sAHmAVQZplAAf9TMnfIhM9Gfyb9FvBWUVxMUp577AowbuqXE0fvYNYhPNd7E9oCyzOiolkRnhI3%2F6nMVgK2Ty3dswYsdr78OxQkeF%2Bq8xVbXB3Dm0eHJQCRK2ZBXCn3Wamx"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 01 Sep 2022 09:12:03 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a46c3d10839c-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 F1005ACE378F0455F8FEE9354B7769A5733327C2D2DD1694BEB08A6BC910E8F24AEC52355CB335E4BB8E342664E73159D1E7FB4383ED97D6BE9C62A6CBE5763A
assets.ad4m.at/product_image/ Frame 444F 370 KB
370 KB 295ms
286ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/F1005ACE378F0455F8FEE9354B7769A5733327C2D2DD1694BEB08A6BC910E8F24AEC52355CB335E4BB8E342664E73159D1E7FB4383ED97D6BE9C62A6CBE5763A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=58783%2C182430%2C175490&b=gAdJF8frfk4A6TPHbH8t5t2e1fmSjtjqFe%2CbGqEtQfZf5jjMaYHbHztKtw64ubS3tE7UJ%2C26YEH6fqfj2ZEfVHWHkt8tbdDCxSgtZmtg&f=BdZEhgfPfMrpgFxH6H3tgCmRwCjSdtjDFM%2C3rg7Hpf4fXrrDH7HrHAtXC9WZsPSztwpFd%2C4gGmHEf5fAJkpFGH9HdtzCrqRfbSZtpJsK&c=300&d=600&e=&g=9867569f83d0d9cd37e1f229d40bed6a%2F10417962849830523426&i=28472%2C20378%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661937123060&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e002876e0dac7fef9dc879b0347e6c9561413ee8707799d584e21acc050a8a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 659385
cf-polished: origFmt=png, origSize=591674
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 378518
last-modified: Wed, 02 Mar 2022 14:42:59 GMT
server: cloudflare
etag: "673cc3405650baf2cb9a0d65ecf3cfa5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qHRYLJU0wTmDUx%2FgILdeJrfRuj6fwdZJbvSG3JQpfhTrENhty%2BxR0449r6PAxRkk1Tniv4GZH70YD7WTRoJRa1kEVCfi9%2FTj%2FMe%2Btjz6kubQPBLMHiC2V%2BBiyATrkM9EEjtA%2BxEP2s14hMNA"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 01 Sep 2022 09:12:03 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a46c3d13839c-MXP
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 444F 43 B
705 B 142ms
83ms Image
image/gif 104.96.132.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2729971&v=14369&q=358397&r=412863&pv=1&pref3=oneidbGqEtQfZf5jjMaYHbHztKtw64ubS3tE7UJoneid__emmaglam_advancedad_300x600&gdpr_consent=&gdpr=0&gdpr_pd={{IAB_CONSENT_PD}

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.96.132.42 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-132-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 Aug 2022 09:12:03 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3 200 E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame 444F 10 KB
10 KB 315ms
306ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=58783%2C182430%2C175490&b=gAdJF8frfk4A6TPHbH8t5t2e1fmSjtjqFe%2CbGqEtQfZf5jjMaYHbHztKtw64ubS3tE7UJ%2C26YEH6fqfj2ZEfVHWHkt8tbdDCxSgtZmtg&f=BdZEhgfPfMrpgFxH6H3tgCmRwCjSdtjDFM%2C3rg7Hpf4fXrrDH7HrHAtXC9WZsPSztwpFd%2C4gGmHEf5fAJkpFGH9HdtzCrqRfbSZtpJsK&c=300&d=600&e=&g=9867569f83d0d9cd37e1f229d40bed6a%2F10417962849830523426&i=28472%2C20378%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661937123060&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a85b1179ca4ed7dc5ea897d1b565a69ccae8d2aad29dff7bb874da7d94538bff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 645738
cf-polished: qual=85, origFmt=jpeg, origSize=58124
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9782
last-modified: Fri, 08 Jul 2022 10:19:52 GMT
server: cloudflare
etag: "b4342e277c43aad9c5020a04564bfd1e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nP%2FsVF5pBTVtqfT24fs%2BabV%2FadF2Fzr8nmq7LsKKZUmWEH0%2B2qw%2BDfR22wKUc8szZCIxwfBcIkA5VlMLa3%2Fn5bWBEXFEUaRa%2BBwpn09jDJJPndluplQMeWMfnGF32n1i1s1N3MLtCiFMzE0S"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 01 Sep 2022 09:12:03 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a46c3d15839c-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 6816E5C1E94FAB1009709EB31BC648D7482D65F1382EB596CF068B667035CFBC0ADB56341B021F9DB0A51E5521F478F5C47A97060B63DBB5853A4E05171D2384
assets.ad4m.at/product_image/ Frame 444F 293 KB
293 KB 315ms
306ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/6816E5C1E94FAB1009709EB31BC648D7482D65F1382EB596CF068B667035CFBC0ADB56341B021F9DB0A51E5521F478F5C47A97060B63DBB5853A4E05171D2384
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=58783%2C182430%2C175490&b=gAdJF8frfk4A6TPHbH8t5t2e1fmSjtjqFe%2CbGqEtQfZf5jjMaYHbHztKtw64ubS3tE7UJ%2C26YEH6fqfj2ZEfVHWHkt8tbdDCxSgtZmtg&f=BdZEhgfPfMrpgFxH6H3tgCmRwCjSdtjDFM%2C3rg7Hpf4fXrrDH7HrHAtXC9WZsPSztwpFd%2C4gGmHEf5fAJkpFGH9HdtzCrqRfbSZtpJsK&c=300&d=600&e=&g=9867569f83d0d9cd37e1f229d40bed6a%2F10417962849830523426&i=28472%2C20378%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661937123060&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 337251848b6c3fb23c993170edf6db4b3391d726705928ebeb8b94c1099ce35b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 665310
cf-polished: origFmt=png, origSize=465691
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 299660
last-modified: Fri, 03 Dec 2021 11:48:55 GMT
server: cloudflare
etag: "d9893d53ba0f4afd0748e789767028e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TelU9fMsHjsK0%2BtqRxjxDobOS%2Fm%2FqAnnaaGqlUK6Da4ECDNKWgXaB%2BvXYSTLVd5%2FRefwwMAC4OuVnwtC%2BxjYJUjDryjqpNm45Q9CprNeB03DBmSBt0qSxEg7FMxWnfvqFUtyZgp%2FzgOwXX1V"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 01 Sep 2022 09:12:03 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a46c3d17839c-MXP
cf-bgj: imgq:85,h2pri

GET
H2

200

view.aspx
pb.media01.eu/ Frame 444F
Redirect Chain

https://pv.medialead.de/trck/epv/2aed39855b5f46b73641100396ef4a14?t=htlp&subid=oneid26YEH6fqfj2ZEfVHWHkt8tbdDCxSgtZmtgoneid__emmaglam_advancedad_300x600&gdpr_consent=&gdpr=0&gdpr_pd=0
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneid26YEH6fqfj2ZEfVHWHkt8tbdDCxSgtZmtgoneid__emmaglam_advancedad_300x600&actionid=981741&produkti...

0
112 B

52ms
46ms

Image
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneid26YEH6fqfj2ZEfVHWHkt8tbdDCxSgtZmtgoneid__emmaglam_advancedad_300x600&actionid=981741&produktid=&dt_url=

Requested by

Protocol

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 31 Aug 2022 11:12:03 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Wed, 31 Aug 2022 09:12:03 GMT
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: D940971D:A0DE_91EFC182:01BB_630F25E3_659C2FC:1F22D
X-IPLB-Instance: 40028
Strict-Transport-Security: max-age=15768000
Content-Type: application/javascript
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneid26YEH6fqfj2ZEfVHWHkt8tbdDCxSgtZmtgoneid__emmaglam_advancedad_300x600&actionid=981741&produktid=&dt_url=
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.22/one-ad/ Frame C1B1 85 KB
11 KB 222ms
210ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.22/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=200040%2C198961%2C19769&b=pqEMC1fgf9rkMfkH4HmtztxZ3U9S7t4JSE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7%2C52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1&f=JmYWHzf5f3gekFBH6H7tqCER2CxSdtj2FX%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ%2CpqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE&c=300&d=250&e=&g=ba1e34ff4257410d209f5d5cb5baed44%2F3319105007131308127&i=22499%2C71690%2C21630&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661937123041&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d28bd4bc4b8a1ecb41ea341dd43aabbc0322889858d76d406b7dc8a887b8eac

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=200040%2C198961%2C19769&b=pqEMC1fgf9rkMfkH4HmtztxZ3U9S7t4JSE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7%2C52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1&f=JmYWHzf5f3gekFBH6H7tqCER2CxSdtj2FX%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ%2CpqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE&c=300&d=250&e=&g=ba1e34ff4257410d209f5d5cb5baed44%2F3319105007131308127&i=22499%2C71690%2C21630&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661937123041&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 151402
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86775
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 29 Aug 2022 15:08:41 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
x-download-options: noopen
content-type: text/css; charset=utf-8
expires: 0
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 7434a46c3cf1839c-MXP
cf-bgj: minify

GET
H3 200 822734168B827B1A0E57FF53EC6CBFBBD002FC8D7460BA6B8DE6F46F0023BD74E50D9FBBA049A063AB16B30699CAF8E6582A3DFB3481ACA57EB03EB039D10995
assets.ad4m.at/logo/ Frame C1B1 33 KB
33 KB 222ms
211ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/822734168B827B1A0E57FF53EC6CBFBBD002FC8D7460BA6B8DE6F46F0023BD74E50D9FBBA049A063AB16B30699CAF8E6582A3DFB3481ACA57EB03EB039D10995
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=200040%2C198961%2C19769&b=pqEMC1fgf9rkMfkH4HmtztxZ3U9S7t4JSE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7%2C52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1&f=JmYWHzf5f3gekFBH6H7tqCER2CxSdtj2FX%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ%2CpqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE&c=300&d=250&e=&g=ba1e34ff4257410d209f5d5cb5baed44%2F3319105007131308127&i=22499%2C71690%2C21630&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661937123041&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5b58613de02a2628489f5253cbf992b173ce8a399697cb943ccf415375a9f4e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
cf-cache-status: HIT
age: 648774
cf-polished: origFmt=png, origSize=48887
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33666
last-modified: Mon, 19 Oct 2020 12:32:26 GMT
server: cloudflare
etag: "4fe1ecb98ff38283cdb2ae157e399ba2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type: image/webp
expires: Thu, 01 Sep 2022 09:12:03 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a46c3cf2839c-MXP
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
cf-bgj: imgq:85,h2pri

GET
H3 200 FD66DD0F2B7A912E5689560D1F44A34036D59DC66410BC16DB56E6552166BDD14DAA80051E8662FA97C79EEC050B65ACCC739C7DC12EB7B4C7D554C9466E14C2
assets.ad4m.at/product_image/ Frame C1B1 72 KB
73 KB 331ms
323ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FD66DD0F2B7A912E5689560D1F44A34036D59DC66410BC16DB56E6552166BDD14DAA80051E8662FA97C79EEC050B65ACCC739C7DC12EB7B4C7D554C9466E14C2
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=200040%2C198961%2C19769&b=pqEMC1fgf9rkMfkH4HmtztxZ3U9S7t4JSE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7%2C52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1&f=JmYWHzf5f3gekFBH6H7tqCER2CxSdtj2FX%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ%2CpqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE&c=300&d=250&e=&g=ba1e34ff4257410d209f5d5cb5baed44%2F3319105007131308127&i=22499%2C71690%2C21630&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661937123041&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08132210afd18ec76c696eacc7fa033322c38ae17a6d4fe4181ea16ab41ea4a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 648737
cf-polished: qual=85, origFmt=jpeg, origSize=83090
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 73928
last-modified: Wed, 27 Jul 2022 12:30:34 GMT
server: cloudflare
etag: "8ac13c1e81fb4f2dafead2a1105eca86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e9nMvaZG%2B62Fm3lkAiAiuh9org9%2BFthflwZizBMqkjiCkhNtz1bHczZiylCKPgrWH3H%2FR8DLpBcFPkJEpV1FKBh6PYNMlNptHqw9kcqx7aX6CKSbO7yM%2FXJ4tbXDslDY8OcmfptjnmrGzhc6"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 01 Sep 2022 09:12:03 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a46c3d18839c-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 D79C954E206D0E4D62CE2FD6A790CCF3F307301C2B3749F53C1D942235F0DB56EC61BF133CCA8286AF0CB6184EAACC180FE6AE7DAF2C030A5FC4FB233DC1862E
assets.ad4m.at/logo/ Frame C1B1 43 KB
44 KB 335ms
327ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D79C954E206D0E4D62CE2FD6A790CCF3F307301C2B3749F53C1D942235F0DB56EC61BF133CCA8286AF0CB6184EAACC180FE6AE7DAF2C030A5FC4FB233DC1862E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=200040%2C198961%2C19769&b=pqEMC1fgf9rkMfkH4HmtztxZ3U9S7t4JSE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7%2C52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1&f=JmYWHzf5f3gekFBH6H7tqCER2CxSdtj2FX%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ%2CpqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE&c=300&d=250&e=&g=ba1e34ff4257410d209f5d5cb5baed44%2F3319105007131308127&i=22499%2C71690%2C21630&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661937123041&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6077d96b9bd1b7071f971ce7fb559e3e57af37df56ac67b9c2d64b2b8796fbd4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 652307
cf-polished: origFmt=png, origSize=67209
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44330
last-modified: Wed, 13 Jul 2022 10:30:32 GMT
server: cloudflare
etag: "8e0be36dfd6d499fc28a6f3e19920b0b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=461otOKPGX9j18cDUxe62CK84eItaRW8J3QFQ15S4syEVScUNnRcpnLGRFDLeRPW4lWVs6Ksz8QPrPCs0YvCQOegWGVwoGv%2BwAZKnIvLV3G10GqVdEeRCKnDd3NBHZY3S1mb7Cq0HtD%2Fgn%2Fo"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 01 Sep 2022 09:12:03 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a46c3d19839c-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 228AE3BC27B59997BB38FAE9B35BF19F78E1A83D3EEE4F366E97EB15815360D99C4F0AA46F2DFD8AB7A011602A783946A7F0B5421349CAC837964DFF6096C972
assets.ad4m.at/product_image/ Frame C1B1 201 KB
201 KB 340ms
332ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/228AE3BC27B59997BB38FAE9B35BF19F78E1A83D3EEE4F366E97EB15815360D99C4F0AA46F2DFD8AB7A011602A783946A7F0B5421349CAC837964DFF6096C972
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=200040%2C198961%2C19769&b=pqEMC1fgf9rkMfkH4HmtztxZ3U9S7t4JSE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7%2C52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1&f=JmYWHzf5f3gekFBH6H7tqCER2CxSdtj2FX%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ%2CpqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE&c=300&d=250&e=&g=ba1e34ff4257410d209f5d5cb5baed44%2F3319105007131308127&i=22499%2C71690%2C21630&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661937123041&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50df5c94512b11c2f4c8357774f25d123c5a39c120796dcc5b1d9ec8df548e83

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 571088
cf-polished: origFmt=png, origSize=310324
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 205550
last-modified: Wed, 13 Jul 2022 10:46:44 GMT
server: cloudflare
etag: "ca68d721f16044ab0bd800156f6dd789"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vR0dLDGqAn65SLpiqDODwYHpLOnmBmehMHHma9uExM3t5M4sGJLH6Zs%2BuhAf9VQ%2FoJtKuGmr0aKkkfegXqJTCWHI%2Blu52Ymf8%2BLCJYhFQpF3VKUFPKsXJZbJbHJJXPWdDJhQJytqOR0FOh8R"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 01 Sep 2022 09:12:03 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a46c3d1a839c-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 60FD20F1676D1F9A06186B287BEA963E2FA606953F8F76587C6A69AEED33F93312327919FFF9BFEAB8F1720429B5E57633ECC66386BA3D90DF72A2018B8A5D7A
assets.ad4m.at/logo/ Frame C1B1 467 KB
467 KB 378ms
371ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/60FD20F1676D1F9A06186B287BEA963E2FA606953F8F76587C6A69AEED33F93312327919FFF9BFEAB8F1720429B5E57633ECC66386BA3D90DF72A2018B8A5D7A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=200040%2C198961%2C19769&b=pqEMC1fgf9rkMfkH4HmtztxZ3U9S7t4JSE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7%2C52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1&f=JmYWHzf5f3gekFBH6H7tqCER2CxSdtj2FX%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ%2CpqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE&c=300&d=250&e=&g=ba1e34ff4257410d209f5d5cb5baed44%2F3319105007131308127&i=22499%2C71690%2C21630&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661937123041&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caf8340f2513401c46bd6623b38cd091850da9664c2f87dc69b1e245824662a7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 574621
cf-polished: origFmt=png, origSize=706198
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 477790
last-modified: Tue, 03 Nov 2020 16:12:21 GMT
server: cloudflare
etag: "7818415cbdf9567ea6f508841c4fe2a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2F2u%2FHPAy4JJx7uF1wtoD2a%2ByIQUvpbLSekVGnv5NZ8xylRH7Rp6dH3zc7bPSZTzRCvEVN6YU2yd%2Badf%2F79tdQN1PO0MGO90ZMA0AG%2Besd4IqAOdDXL%2BCpLyvcWYVpp0PR%2Br84VZJK8qSBsv"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 01 Sep 2022 09:12:03 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a46c3d1b839c-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame C1B1 28 KB
29 KB 396ms
388ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=200040%2C198961%2C19769&b=pqEMC1fgf9rkMfkH4HmtztxZ3U9S7t4JSE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7%2C52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1&f=JmYWHzf5f3gekFBH6H7tqCER2CxSdtj2FX%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ%2CpqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE&c=300&d=250&e=&g=ba1e34ff4257410d209f5d5cb5baed44%2F3319105007131308127&i=22499%2C71690%2C21630&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661937123041&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 654542
cf-polished: qual=85, origFmt=jpeg, origSize=133780
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28740
last-modified: Tue, 18 Feb 2020 10:22:01 GMT
server: cloudflare
etag: "d061ca155f758f490340e147604dc3ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dr8yKBkhuLu2tjbgqLORo9%2FBxerPrSOJEHJP82J26QPc3cYPpHOmDbTB0r%2F2ej%2B4Td0sIX5zH6nQvZElTTNKHNmw3KSlMTAaYX5CIxcgpXca8TaoUp07eGaBCS7LEfdkEJzOSmG1LMk4hy04"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 01 Sep 2022 09:12:03 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7434a46c3d1c839c-MXP
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame C1B1 43 B
702 B 174ms
118ms Image
image/gif 104.96.132.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneid52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1oneid__emmaglam_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.96.132.42 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-132-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 Aug 2022 09:12:03 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 link.html Show response
track.webgains.com/ Frame 35B3 2 KB
2 KB 92ms
92ms Script
text/html 3.11.195.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jfgm420z81gfgv2z6x6j4772e2j3rva4grgr1wd25v1561dfyx3594qce22tzh4kx74kwfb54rxzg6sspp5zfaqr1bedmc9enf7k5t310tsprq4gh9qt0nj31keqxazp2tad21nm9t7z75ttbw08353zk7d1hgrprbvp3b277mj0kz4eqf0qw5ww1jv6x02k3r1701y51pnpmty5d4y0rksgrn2bz1qh54dq0xx0rdnrwwey343nn6dm96y4jcgfgb1c%26a%3D&clickref=oneide5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1oneid__emmaglam_advancedad_160x600&viewref=oneidXgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJoneid__emmaglam_advancedad_160x600
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C188905%2C197862&b=qxXAUmfWfYzPcZHgHDtJt5wxfeS3tx9u3%2C8WjpcDf8fRgbkcgHJHEtxtekJ9hGS5tmbck%2CXgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ&f=RBX1agfQfzg5tkHwH3tzCJgDS9SxtPGF7%2CZZ41twfBfzKZ3TmHDHDtDC1JYbH6SJtKjsJ%2Ce5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1&c=160&d=600&e=&g=9324b6f6f5fe8bed7b4fe1aac815ae8c%2F11516772173106876438&i=26474%2C75451%2C71725&j=41%2C22%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_160x600&r=1661937123040&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: a816cbda7f344c4591fb46a5a8065bbc64294696108eaa4f1e75976797ca6671

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
last-modified: Wed, 31 Aug 2022 09:12:03 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 31 Aug 2022 09:13:03 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 0776 1 KB
2 KB 91ms
91ms Script
text/html 3.11.195.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hapyqtghbmbe8c683cr6yrygqtdf2118wntztf4b4ysf07rg2nbg8qgd0cf2s4eehk8wm8qp0hm1grzwjzjf82mwm4xxdynbg7rdbqcqsrwkyk6vpyan6nwc31jv48t0jnpfxth729e3t0g6em95z58tw23z0y1fm1ced7c17p0jb1pwxfd5wj23pr5hrhswa0m0t4k5d82ff3a86qq264xnkw3zfavnah493dp6yqwe5d9985y7stbnjddszjkh0j9e%26a%3D&clickref=oneidr5mEuQf9f3XBdaAH7HjtJCBXVaYSJtDqtdoneid__emmaglam_advancedad_300x250&viewref=oneid4gGmHEf5fA2eRcGH9HdtAtm9MSbSZtpJsKoneid__emmaglam_advancedad_300x250
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C202438%2C183975&b=K783aRfZf93rDt5HMHktPtxQzt7Srt7eHq%2Cr5mEuQf9f3VgzsAH7HjtqtVgrEUYSJtDqtd%2C4gGmHEf5fA2eRcGH9HdtAtm9MSbSZtpJsK&f=kzQ3F5f3fD2kYa4HwHetmCxPrtZSmtwdFR%2CP241aBfbfbrWxU9HjHbtgCArKkHJSgtBeup%2Cr5mEuQf9f3XBdaAH7HjtJCBXVaYSJtDqtd&c=300&d=250&e=&g=5a155db06cfb57ad4e9858ce16995a7d%2F15732118702448054695&i=29981%2C82994%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661937123058&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 98395c29079976cf9460f76d967cd1072c7c892a1ebe5b9df311f96dba6dfac5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
last-modified: Wed, 31 Aug 2022 09:12:03 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 31 Aug 2022 09:13:03 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 35B3 85 KB
85 KB 18ms
17ms Script
text/javascript 18.66.147.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jfgm420z81gfgv2z6x6j4772e2j3rva4grgr1wd25v1561dfyx3594qce22tzh4kx74kwfb54rxzg6sspp5zfaqr1bedmc9enf7k5t310tsprq4gh9qt0nj31keqxazp2tad21nm9t7z75ttbw08353zk7d1hgrprbvp3b277mj0kz4eqf0qw5ww1jv6x02k3r1701y51pnpmty5d4y0rksgrn2bz1qh54dq0xx0rdnrwwey343nn6dm96y4jcgfgb1c%26a%3D&clickref=oneide5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1oneid__emmaglam_advancedad_160x600&viewref=oneidXgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJoneid__emmaglam_advancedad_160x600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-41.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 05:03:56 GMT
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
last-modified: Tue, 23 Aug 2022 13:40:24 GMT
server: AmazonS3
age: 14888
etag: "42f12532a1be9c2d028e26e9b82a99a2"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: FRA60-P4
content-length: 86537
x-amz-cf-id: uiZmq_CMFYGHGfbSRaYH-rnse_4Y9ZSRNikIIEUQd9eUE7lokb9AOA==

GET
H2 200 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 35B3 15 KB
15 KB 17ms
16ms Image
image/png 18.66.147.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1661937423&Signature=Dk0bHcKUraj2hZv587Tf2aPBxnXGEVHaMylXPYd3RatbKt4s1Vjl7o7dJeGYWuscUI3bP8-K-xFwiAJ1gmNu8ttw0J3WyfmLnMW85f5vovOQ1xHna6VqCe3UkeG-S6oPq6H32PYnP8CX~6lKlb~viTxmvqnd8vL0jIgfrclKKa3Jj0fxuhm9C8uSB-aoEmUtqLjFiE3~ihPxICEjfQ2L16Fxz1ft6fG0cDikQ7dNDj7xAnHjSL~-1jbIzcGDq2bbaXYE3qSZP-8HGlYdUXES2uzO6fkUnVmBDEbKjEouvQFy~1Y-0bhnUce5IVkKBK6TAY8Nu5f1Hw28KACRBdwVTw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C188905%2C197862&b=qxXAUmfWfYzPcZHgHDtJt5wxfeS3tx9u3%2C8WjpcDf8fRgbkcgHJHEtxtekJ9hGS5tmbck%2CXgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ&f=RBX1agfQfzg5tkHwH3tzCJgDS9SxtPGF7%2CZZ41twfBfzKZ3TmHDHDtDC1JYbH6SJtKjsJ%2Ce5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1&c=160&d=600&e=&g=9324b6f6f5fe8bed7b4fe1aac815ae8c%2F11516772173106876438&i=26474%2C75451%2C71725&j=41%2C22%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_160x600&r=1661937123040&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-44.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:41:35 GMT
server: AmazonS3
age: 18148
etag: "d4e8f970f24f6d19b53aa92b1907c1ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
date: Wed, 31 Aug 2022 04:09:36 GMT
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-length: 15054
x-amz-cf-id: LFQzXxhsTkm9vhgNF94ii-0ZZCvKy7-gb1VMHuZrABDbHAOqL5wxNQ==

GET
H2 200 link.html Show response
track.webgains.com/ Frame 444F 1 KB
2 KB 80ms
80ms Script
text/html 3.11.195.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3271135&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jm3ze0ydb0cefgrb1m0hb4cfn1b4m6ggzfx6cgkayjgmv6p6hxy3r0s417s3t4q98dq5gzxqag34p0p7kt07zm6fx3x1gpzmrx3tc80vgq5bjg51ya769a6md01whh3s62az57gjaa80sgy4hjrfmn2excd2wwpgv2180s1d4fp05dv4ebe8ms8ptnz9vhz0c5km28m26cvff1wdh4bk3jz7rszd0bwdbx27h6rtmsp7n8k3ztca5s8xpb7p8351g4g%26a%3D&clickref=oneidBdZEhgfPfMrpgFxH6H3tgCmRwCjSdtjDFMoneid__emmaglam_advancedad_300x600&viewref=oneidgAdJF8frfk4A6TPHbH8t5t2e1fmSjtjqFeoneid__emmaglam_advancedad_300x600
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=58783%2C182430%2C175490&b=gAdJF8frfk4A6TPHbH8t5t2e1fmSjtjqFe%2CbGqEtQfZf5jjMaYHbHztKtw64ubS3tE7UJ%2C26YEH6fqfj2ZEfVHWHkt8tbdDCxSgtZmtg&f=BdZEhgfPfMrpgFxH6H3tgCmRwCjSdtjDFM%2C3rg7Hpf4fXrrDH7HrHAtXC9WZsPSztwpFd%2C4gGmHEf5fAJkpFGH9HdtzCrqRfbSZtpJsK&c=300&d=600&e=&g=9867569f83d0d9cd37e1f229d40bed6a%2F10417962849830523426&i=28472%2C20378%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661937123060&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: cf972d7e2b6f5a1c82dcc4b6507789d534fab369e013ef35407bfbc63fd78472

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
last-modified: Wed, 31 Aug 2022 09:12:03 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 31 Aug 2022 09:13:03 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 0776 85 KB
85 KB 17ms
17ms Script
text/javascript 18.66.147.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hapyqtghbmbe8c683cr6yrygqtdf2118wntztf4b4ysf07rg2nbg8qgd0cf2s4eehk8wm8qp0hm1grzwjzjf82mwm4xxdynbg7rdbqcqsrwkyk6vpyan6nwc31jv48t0jnpfxth729e3t0g6em95z58tw23z0y1fm1ced7c17p0jb1pwxfd5wj23pr5hrhswa0m0t4k5d82ff3a86qq264xnkw3zfavnah493dp6yqwe5d9985y7stbnjddszjkh0j9e%26a%3D&clickref=oneidr5mEuQf9f3XBdaAH7HjtJCBXVaYSJtDqtdoneid__emmaglam_advancedad_300x250&viewref=oneid4gGmHEf5fA2eRcGH9HdtAtm9MSbSZtpJsKoneid__emmaglam_advancedad_300x250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-41.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 05:03:56 GMT
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
last-modified: Tue, 23 Aug 2022 13:40:24 GMT
server: AmazonS3
age: 14888
etag: "42f12532a1be9c2d028e26e9b82a99a2"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: FRA60-P4
content-length: 86537
x-amz-cf-id: L3A3NTmhCIKfYQFrEIqE1l6oPC8UmDyvIXbr-lBFOypO5f6zrHxHXA==

GET
H2 200 link.html
track.webgains.com/ Frame 0776 48 KB
49 KB 102ms
102ms Image
image/gif 3.11.195.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneid4gGmHEf5fA2eRcGH9HdtAtm9MSbSZtpJsKoneid__emmaglam_advancedad_300x250&wglinkid=2194035
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C202438%2C183975&b=K783aRfZf93rDt5HMHktPtxQzt7Srt7eHq%2Cr5mEuQf9f3VgzsAH7HjtqtVgrEUYSJtDqtd%2C4gGmHEf5fA2eRcGH9HdtAtm9MSbSZtpJsK&f=kzQ3F5f3fD2kYa4HwHetmCxPrtZSmtwdFR%2CP241aBfbfbrWxU9HjHbtgCArKkHJSgtBeup%2Cr5mEuQf9f3XBdaAH7HjtJCBXVaYSJtDqtd&c=300&d=250&e=&g=5a155db06cfb57ad4e9858ce16995a7d%2F15732118702448054695&i=29981%2C82994%2C20597&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661937123058&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
last-modified: Wed, 31 Aug 2022 09:12:03 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 31 Aug 2022 09:13:03 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 1EFB 2 KB
2 KB 113ms
113ms Script
text/html 3.11.195.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h4xp5q4z66ca7zqje6vf1sfnmae3dbmhfnjkdkz9qabvsnn77yh760dwhavb7dqyt1g90wtv8hbfd4zkafr5bx5jyb9yht4fqp8nbfvc8vxn5c2pxe3mjkcesze1c32rp9xhg3evpwc24y2dcg8mfz2pf1s3w767vkyt2wg9cxfmemv6pkt9yjacaf9w1m21r0vps5934gvspc9vjzws8p7kd9n9gdg62yw059d9c9zrp06ncv210fsme02w6e182cg%26a%3D&clickref=oneidK783aRfZf5Gps5HMHktzCBX8u7Srt7eHqoneid__emmaglam_advancedad_300x600&viewref=oneiddpDmUEfkfRpXhEHjHwtEtbAdfeSRt8BTjoneid__emmaglam_advancedad_300x600
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=29002%2C59040%2C24673&b=pqEMC1fgfk9MskH4Hmtzt4wXu9S7t4JSE%2CRBX1agfQfgVRxfkHwH3tQtddDa9SxtPGF7%2CdpDmUEfkfRpXhEHjHwtEtbAdfeSRt8BTj&f=JmYWHzf5fe3kaBH6H7tqCr98txSdtj2FX%2CQEK8u4fjfD1GVfxH5HYt9CZZWS6S5tV2HV%2CK783aRfZf5Gps5HMHktzCBX8u7Srt7eHq&c=300&d=600&e=&g=c1bfe823735540eee710c65d2f808714%2F15857152468825006206&i=25052%2C20774%2C20430&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661937123055&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 83feb6b84d6d16695e1dfd56ae88b2b86b4afcd58af3759c38d642798317e6bf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
last-modified: Wed, 31 Aug 2022 09:12:03 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 31 Aug 2022 09:13:03 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 8FC2 2 KB
2 KB 89ms
85ms Script
text/html 3.11.195.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3098581&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gfbwr2mj67vkd97xw156dam04a0a5t2xsw27pnaq6adjxn6fxv1gbsk0kaqsd9m146aja8mwh5gb9kast9rxhjh6rmes8ezqr4rcptdwzyr8ng2ecja02aqqckhq2hzm0bdzg5xygmmrjbr5srhenzk9q2cgqbv8sh9q1hqtd6mqmpcmwv504hqktkdkbvrbfetekmmfx3fjn67g2dce7n888k2yqnxfr75mqacajejjhbkab9z8pvdf490dfyec4%26a%3D&clickref=oneidK783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHqoneid__emmaglam_advancedad_728x90&viewref=oneiddpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTjoneid__emmaglam_advancedad_728x90
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C43766%2C197100&b=dpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ%2CqxXAUmfWfJVA1SZHgHDtJtXX8FeS3tx9u3&f=K783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd%2CRBX1agfQfGd2AakHwH3tzCddAF9SxtPGF7&c=728&d=90&e=&g=a2e845fd2cfe595dad2f337365c7a428%2F456621988633091227&i=65803%2C24891%2C20773&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_728x90&r=1661937123054&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 4e2e7f3c91107fabaa55ae6d6f75bfc374bd5fab06ef9e17777caeda3f2e15cb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
last-modified: Wed, 31 Aug 2022 09:12:03 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 31 Aug 2022 09:13:03 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 8FC2 2 KB
2 KB 87ms
84ms Script
text/html 3.11.195.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3118461&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gkxzmphj2j6g0pk3rb0qaszravhd93pqa6nwqg4st163fy058f88ne7b74q7zptv69max9qhrhwqm4zjr1xschh6tby46n5r24j4m78vwmrp2k0bgt5248xnn5h09jvegxt09hfektvaf9vhmhtqqg2kh73xgadavztn3qr4b6htteyjd7wjpt4xzzw6mte9wtcdy4nmbcyergskn8kcq4ecvj5t384e7c3ycnk0tq0gz4jj7nf30h46rhkqe3k%26a%3D&clickref=oneid9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTdoneid__emmaglam_advancedad_728x90&viewref=oneidZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJoneid__emmaglam_advancedad_728x90
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C43766%2C197100&b=dpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ%2CqxXAUmfWfJVA1SZHgHDtJtXX8FeS3tx9u3&f=K783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd%2CRBX1agfQfGd2AakHwH3tzCddAF9SxtPGF7&c=728&d=90&e=&g=a2e845fd2cfe595dad2f337365c7a428%2F456621988633091227&i=65803%2C24891%2C20773&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_728x90&r=1661937123054&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: ec550ed75cacfb3b466a3c47317024deb1776b8f2afa0151d566a7a6cd396b49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
last-modified: Wed, 31 Aug 2022 09:12:03 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 31 Aug 2022 09:13:03 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 444F 85 KB
85 KB 16ms
15ms Script
text/javascript 18.66.147.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3271135&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jm3ze0ydb0cefgrb1m0hb4cfn1b4m6ggzfx6cgkayjgmv6p6hxy3r0s417s3t4q98dq5gzxqag34p0p7kt07zm6fx3x1gpzmrx3tc80vgq5bjg51ya769a6md01whh3s62az57gjaa80sgy4hjrfmn2excd2wwpgv2180s1d4fp05dv4ebe8ms8ptnz9vhz0c5km28m26cvff1wdh4bk3jz7rszd0bwdbx27h6rtmsp7n8k3ztca5s8xpb7p8351g4g%26a%3D&clickref=oneidBdZEhgfPfMrpgFxH6H3tgCmRwCjSdtjDFMoneid__emmaglam_advancedad_300x600&viewref=oneidgAdJF8frfk4A6TPHbH8t5t2e1fmSjtjqFeoneid__emmaglam_advancedad_300x600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-41.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 05:03:56 GMT
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
last-modified: Tue, 23 Aug 2022 13:40:24 GMT
server: AmazonS3
age: 14888
etag: "42f12532a1be9c2d028e26e9b82a99a2"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: FRA60-P4
content-length: 86537
x-amz-cf-id: xEy357WsW2HqqMzowr4Km6suFDAOkCv2UQZqo0CUqG1dXj5Y5-UgaA==

GET
H2 200 link.html
track.webgains.com/ Frame 444F 7 KB
7 KB 86ms
85ms Image
image/gif 3.11.195.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidgAdJF8frfk4A6TPHbH8t5t2e1fmSjtjqFeoneid__emmaglam_advancedad_300x600&wglinkid=3271135
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=58783%2C182430%2C175490&b=gAdJF8frfk4A6TPHbH8t5t2e1fmSjtjqFe%2CbGqEtQfZf5jjMaYHbHztKtw64ubS3tE7UJ%2C26YEH6fqfj2ZEfVHWHkt8tbdDCxSgtZmtg&f=BdZEhgfPfMrpgFxH6H3tgCmRwCjSdtjDFM%2C3rg7Hpf4fXrrDH7HrHAtXC9WZsPSztwpFd%2C4gGmHEf5fAJkpFGH9HdtzCrqRfbSZtpJsK&c=300&d=600&e=&g=9867569f83d0d9cd37e1f229d40bed6a%2F10417962849830523426&i=28472%2C20378%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661937123060&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: f13311204beda3ce95b4047bfdca1579d115cbe7ccca1f145862d08e75edf6d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
last-modified: Wed, 31 Aug 2022 09:12:03 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 31 Aug 2022 09:13:03 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame C1B1 2 KB
2 KB 93ms
92ms Script
text/html 3.11.195.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=4351690&wgcampaignid=205795&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jdbx30prms0p4kajrrsymgpr6txykc0g1e9myfk0x2b4y2p9f4fkcgqa85v6d87rp4c7fgn9f4p1ghqghx7pbbnpm0c7yzm9vagk6zrbwy083pn0eyb14x6a67b4czyjqcet8pyr6f33tecs3sbbfxpr2e61b6sdwyrsjajqeh18nxgrj5aq6h1ex67n6fat2tt94xj1qrnyeem1m507nnfgmax8kapfy67wgmx8y3qn8am8qzv8gmzr768mxxdrw5g%26a%3D&clickref=oneidJmYWHzf5f3gekFBH6H7tqCER2CxSdtj2FXoneid__emmaglam_advancedad_300x250&viewref=oneidpqEMC1fgf9rkMfkH4HmtztxZ3U9S7t4JSEoneid__emmaglam_advancedad_300x250
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=200040%2C198961%2C19769&b=pqEMC1fgf9rkMfkH4HmtztxZ3U9S7t4JSE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7%2C52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1&f=JmYWHzf5f3gekFBH6H7tqCER2CxSdtj2FX%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ%2CpqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE&c=300&d=250&e=&g=ba1e34ff4257410d209f5d5cb5baed44%2F3319105007131308127&i=22499%2C71690%2C21630&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661937123041&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 25ca1a08665ee561510cb6e04753b76c5056998ca89aeea68743b0ffa12aa91e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
last-modified: Wed, 31 Aug 2022 09:12:03 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 31 Aug 2022 09:13:03 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame C1B1 1 KB
2 KB 82ms
81ms Script
text/html 3.11.195.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3459435&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kqw5sxv7nqh4dttc7s8q4hc7jwetczdb6kjzp78249r2f4ayecgj1a2e8d8wfn1hx4cxeqpzprvb460mmkaw8fr6sd52fhwjbbam01q455ywe48qmqm5hfn1rmxj95mvyq37038d7ddj9exgt33xdmdaqx167yqg0pzc3tz3p9ne1wqwkm608rwtwampjzjmjm69swernt5s1n4zswkaza6eyq9kyrj4gepcdtvf5y212rhbkervgzjtcjpxajz4vq0%26a%3D&clickref=oneidXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJoneid__emmaglam_advancedad_300x250&viewref=oneid6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7oneid__emmaglam_advancedad_300x250
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=200040%2C198961%2C19769&b=pqEMC1fgf9rkMfkH4HmtztxZ3U9S7t4JSE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7%2C52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1&f=JmYWHzf5f3gekFBH6H7tqCER2CxSdtj2FX%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ%2CpqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE&c=300&d=250&e=&g=ba1e34ff4257410d209f5d5cb5baed44%2F3319105007131308127&i=22499%2C71690%2C21630&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661937123041&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 4290fe70e52b634c89005c150be1f1729fd8de86011c079f3358697610af9c6f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
last-modified: Wed, 31 Aug 2022 09:12:03 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 31 Aug 2022 09:13:03 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 1EFB 85 KB
85 KB 16ms
16ms Script
text/javascript 18.66.147.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h4xp5q4z66ca7zqje6vf1sfnmae3dbmhfnjkdkz9qabvsnn77yh760dwhavb7dqyt1g90wtv8hbfd4zkafr5bx5jyb9yht4fqp8nbfvc8vxn5c2pxe3mjkcesze1c32rp9xhg3evpwc24y2dcg8mfz2pf1s3w767vkyt2wg9cxfmemv6pkt9yjacaf9w1m21r0vps5934gvspc9vjzws8p7kd9n9gdg62yw059d9c9zrp06ncv210fsme02w6e182cg%26a%3D&clickref=oneidK783aRfZf5Gps5HMHktzCBX8u7Srt7eHqoneid__emmaglam_advancedad_300x600&viewref=oneiddpDmUEfkfRpXhEHjHwtEtbAdfeSRt8BTjoneid__emmaglam_advancedad_300x600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-41.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 05:03:56 GMT
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
last-modified: Tue, 23 Aug 2022 13:40:24 GMT
server: AmazonS3
age: 14888
etag: "42f12532a1be9c2d028e26e9b82a99a2"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: FRA60-P4
content-length: 86537
x-amz-cf-id: 9vAfDeoDBoUNPMiLGh00NCvh7Wi7DTp0EOi0ZO2e1c_XmeYtbYmmSg==

GET
H2 200 Logo%20RGB.png
cdn.track.production.webgains.team/12607/ Frame 1EFB 85 KB
85 KB 31ms
31ms Image
image/png 18.66.147.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/12607/Logo%20RGB.png?Expires=1661937423&Signature=dORJVc~xEiUM4F4ss~Y4Ta8isjDGhNoJZx3XZSb5Skr3y9yaWQdaNalOUK18ly21927vqal8b-ZwCd8Ddhlx0~t8rjdghEQcEdS81aNa41P9lcbDN19fnld3RcCX2GQAlpxrNCipAt9n61oNRZbCsg0RkjtmF643AafzcyJrHZiTGEAc16JXAoi5iSz96qLGJNWOe2891P0HGcxe1nb3MgltbOhF9KxO2qStlqAJ0b~sRwV9ta77qMqVqEXb9LwOG~j3KUqRAhTenal28se-AIchQtWsEXiGYn59VUUIGza0wNy-ETDYtMqW~My9dsZTNVn~uu6moObqLoZQ4rReuQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=29002%2C59040%2C24673&b=pqEMC1fgfk9MskH4Hmtzt4wXu9S7t4JSE%2CRBX1agfQfgVRxfkHwH3tQtddDa9SxtPGF7%2CdpDmUEfkfRpXhEHjHwtEtbAdfeSRt8BTj&f=JmYWHzf5fe3kaBH6H7tqCr98txSdtj2FX%2CQEK8u4fjfD1GVfxH5HYt9CZZWS6S5tV2HV%2CK783aRfZf5Gps5HMHktzCBX8u7Srt7eHq&c=300&d=600&e=&g=c1bfe823735540eee710c65d2f808714%2F15857152468825006206&i=25052%2C20774%2C20430&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661937123055&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-44.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 09:41:36 GMT
server: AmazonS3
age: 6115
etag: "92f323c42d6018008b4cf82e90ac9639"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
date: Wed, 31 Aug 2022 07:30:09 GMT
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-length: 86991
x-amz-cf-id: zQCRGzHYqnKgV3Rh3AsYsnwslR6Jw28btgfxmZMzxSeVvRx1TpSdLA==

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 8FC2 85 KB
85 KB 19ms
19ms Script
text/javascript 18.66.147.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3118461&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gkxzmphj2j6g0pk3rb0qaszravhd93pqa6nwqg4st163fy058f88ne7b74q7zptv69max9qhrhwqm4zjr1xschh6tby46n5r24j4m78vwmrp2k0bgt5248xnn5h09jvegxt09hfektvaf9vhmhtqqg2kh73xgadavztn3qr4b6htteyjd7wjpt4xzzw6mte9wtcdy4nmbcyergskn8kcq4ecvj5t384e7c3ycnk0tq0gz4jj7nf30h46rhkqe3k%26a%3D&clickref=oneid9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTdoneid__emmaglam_advancedad_728x90&viewref=oneidZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJoneid__emmaglam_advancedad_728x90
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-41.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 05:03:56 GMT
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
last-modified: Tue, 23 Aug 2022 13:40:24 GMT
server: AmazonS3
age: 14888
etag: "42f12532a1be9c2d028e26e9b82a99a2"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: FRA60-P4
content-length: 86537
x-amz-cf-id: cTRNdSSbdbtKLIArfrL7ftody8B4bkwKGqlwZrV9j2TJxdxybnr7tg==

GET
H2 200 1582620939_hyJLsMcTw9BzW5wi63bmu5EBCIosJqdB.jpeg
cdn.track.production.webgains.team/273165/ Frame 8FC2 210 KB
210 KB 39ms
38ms Image
image/jpeg 18.66.147.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/273165/1582620939_hyJLsMcTw9BzW5wi63bmu5EBCIosJqdB.jpeg?Expires=1661937423&Signature=UTNboLhHP2bnXvviUZKRiWJF2auaOHIHf6PYBFs0iWHAW5-Wy32I4Tk0SoeCj6rnunDtKFKkpP4nuatCDLi-IQvRVeCgQx0~cJ3JkK2aoOFeF9C6VcFpgJa3AaufpDWJ6EwhXDAanA2LCkju-aaUIcU12Ux~I5rM0HseYmG55oOfoAAnOv-Vf8GygrRP81YLBJcuVP5p50zknXG-G-aPK9RJCNWiZsFphatBAe8kL47tncAqVAPpXof7JOXsNcPzgc13bfeTUUUXHQuLVuC1HhvFXkrIR-E-abS7jjH6GrPvh22rVAMmcCcEbQ2XVtOfz3gCpOcJfubvNZGVWJi76A__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C43766%2C197100&b=dpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ%2CqxXAUmfWfJVA1SZHgHDtJtXX8FeS3tx9u3&f=K783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd%2CRBX1agfQfGd2AakHwH3tzCddAF9SxtPGF7&c=728&d=90&e=&g=a2e845fd2cfe595dad2f337365c7a428%2F456621988633091227&i=65803%2C24891%2C20773&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_728x90&r=1661937123054&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-44.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f3f5311847d8fbac94a3d572938dea0a268ca1ff1fc18f6dad8b5bb9ff16a243

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:25:34 GMT
server: AmazonS3
age: 27547
etag: "a30de301a2e6a272912783c9da549a13"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
date: Wed, 31 Aug 2022 01:32:57 GMT
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-length: 214933
x-amz-cf-id: L512cyyClFoCQoIcMvrEJz9nvA1SOnDIFuAJC-Q1Qn-Fnagmi1HWBQ==

GET
H2 200 1580727847_JJZV3RgLFGD9GCdCHmP2fyWcN2HYaIE7.png
cdn.track.production.webgains.team/278155/ Frame 8FC2 2 KB
3 KB 64ms
63ms Image
image/png 18.66.147.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/278155/1580727847_JJZV3RgLFGD9GCdCHmP2fyWcN2HYaIE7.png?Expires=1661937423&Signature=mFzeWZV8jGVTunqWPklxQEMOAkW83Y~575mI5BFFGDBz8sjr4S0dsPU8kF0gDcJrglmzdqDcYBCaAciTfS~FZRAcaITTb8VD1vD~Gy-wckKH14Onmf-JOnYkQeKd3UTTa~dk~4FVG9ufFFK1yD8bVF5syGvneer4gGHHB-5VNb5mWbd046cv7D6kgpumFHVcpdA1plLKXBN5rH9luiaKsJmSLjf9glP634L2rtj7EXZguM38leX2aC2iwAbroGy7MJVP013ehjYsNaDbVhlEUmUoBUn0b9FdOUvtx1z6iBDz5BohzbO9hNr9w47ulDFutKq0t5dZfylGXZV650PFJQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C43766%2C197100&b=dpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ%2CqxXAUmfWfJVA1SZHgHDtJtXX8FeS3tx9u3&f=K783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd%2CRBX1agfQfGd2AakHwH3tzCddAF9SxtPGF7&c=728&d=90&e=&g=a2e845fd2cfe595dad2f337365c7a428%2F456621988633091227&i=65803%2C24891%2C20773&j=21%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_728x90&r=1661937123054&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-44.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 17deb20c6f6ec3f074a2633c5c1706ae28e6def4c605c81c268dcd6161ad008e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:31:16 GMT
server: AmazonS3
age: 26754
etag: "90a67412ed0b25c3e4ca2ad17658d5e1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
date: Wed, 31 Aug 2022 01:46:10 GMT
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-length: 2545
x-amz-cf-id: 0mjwV6CMHAhZIVekaLw_z93m4uOXruDbyXimJ9Zu939cFa7BhxspBA==

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame C1B1 85 KB
85 KB 16ms
16ms Script
text/javascript 18.66.147.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=4351690&wgcampaignid=205795&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jdbx30prms0p4kajrrsymgpr6txykc0g1e9myfk0x2b4y2p9f4fkcgqa85v6d87rp4c7fgn9f4p1ghqghx7pbbnpm0c7yzm9vagk6zrbwy083pn0eyb14x6a67b4czyjqcet8pyr6f33tecs3sbbfxpr2e61b6sdwyrsjajqeh18nxgrj5aq6h1ex67n6fat2tt94xj1qrnyeem1m507nnfgmax8kapfy67wgmx8y3qn8am8qzv8gmzr768mxxdrw5g%26a%3D&clickref=oneidJmYWHzf5f3gekFBH6H7tqCER2CxSdtj2FXoneid__emmaglam_advancedad_300x250&viewref=oneidpqEMC1fgf9rkMfkH4HmtztxZ3U9S7t4JSEoneid__emmaglam_advancedad_300x250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-41.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 05:03:56 GMT
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
last-modified: Tue, 23 Aug 2022 13:40:24 GMT
server: AmazonS3
age: 14888
etag: "42f12532a1be9c2d028e26e9b82a99a2"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: FRA60-P4
content-length: 86537
x-amz-cf-id: MpeD_SGWbQU_brlAEwVWVgx76VsCuG65yIFxPLPp5YDDjdore2GCNw==

GET
H2 200 2022-07-25_film-und-serie-panini-banner-627x627.jpeg
cdn.track.production.webgains.team/268155/ Frame C1B1 81 KB
82 KB 16ms
16ms Image
image/jpeg 18.66.147.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/268155/2022-07-25_film-und-serie-panini-banner-627x627.jpeg?Expires=1661937423&Signature=g31IM5cvzE4y3KSSEGzXlZcQZp7~DLGOmW-oWztC65y26XtvB6lR12DeJ6lc4pNaLvNKp1P6Y8-uTfoh02LF4dZ6waclvKusw5K1oa1xx~5zFosvPR~gUdAsVv5jjyTB471f846r8exucKyAl3mCd00eoAoHxo0Hr98chR8JB0GApo5FGHwbt-Yk7bdG3yt068F2SZ7u~muBAIO86wa7TrgWUE~3LCXaM54aXayGVGRrfLoN7IqV4FHILCt0TpN~yU9AQcub1PDNqK~XL9gxglz9GdN2l77ed1kBf9LBuA3VoPEiGWQ-~jixp2J3aIDXJ-x~PqP7cg~DawfyEstNNQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=200040%2C198961%2C19769&b=pqEMC1fgf9rkMfkH4HmtztxZ3U9S7t4JSE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7%2C52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1&f=JmYWHzf5f3gekFBH6H7tqCER2CxSdtj2FX%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ%2CpqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE&c=300&d=250&e=&g=ba1e34ff4257410d209f5d5cb5baed44%2F3319105007131308127&i=22499%2C71690%2C21630&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661937123041&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-44.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f95692248b493f7f1f92d7469257907b669e2bd9bc31d1cec162f64f305b4ed

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
last-modified: Mon, 25 Jul 2022 11:48:04 GMT
server: AmazonS3
age: 10672
etag: "8ac13c1e81fb4f2dafead2a1105eca86"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
date: Wed, 31 Aug 2022 06:14:12 GMT
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-length: 83090
x-amz-cf-id: 5euQRuhc31RMrJIstOe7pMvioE3YJVmTRiEeLzL_-0taONIj8ybnQA==

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 365E 16 B
232 B 79ms
78ms Fetch
application/json 18.168.156.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.168.156.122 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-168-156-122.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 133ms
29ms Preflight 18.168.156.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.156.122 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-168-156-122.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Wed, 31 Aug 2022 09:12:03 GMT
server: nginx

GET
H2 200 link.html
track.webgains.com/ Frame C1B1 149 KB
149 KB 100ms
100ms Image
image/gif 3.11.195.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneid6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7oneid__emmaglam_advancedad_300x250&wglinkid=3459435
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=200040%2C198961%2C19769&b=pqEMC1fgf9rkMfkH4HmtztxZ3U9S7t4JSE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7%2C52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1&f=JmYWHzf5f3gekFBH6H7tqCER2CxSdtj2FX%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ%2CpqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE&c=300&d=250&e=&g=ba1e34ff4257410d209f5d5cb5baed44%2F3319105007131308127&i=22499%2C71690%2C21630&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661937123041&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 08da0846fcb1f65a2ead9d380eeb1285d7920fc0ce2d68cd394afe52af059ad2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:03 GMT
last-modified: Wed, 31 Aug 2022 09:12:03 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 31 Aug 2022 09:13:03 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2060 14 KB
11 KB 102ms
64ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220829&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffc5ebcdff3d3d5f47a9b72bcb15aa68786755e66405bfd67bdb2feaf3d141a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emmaglam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 31 Aug 2022 09:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11151
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2060 17 KB
7 KB 2164ms
2100ms Script
text/javascript 2a00:1450:4001:82f::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://emmaglam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 31 Aug 2022 09:12:06 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 8FC2 16 B
232 B 95ms
94ms Fetch
application/json 18.168.156.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.168.156.122 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-168-156-122.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 31 Aug 2022 09:12:05 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame C1B1 16 B
232 B 88ms
88ms Fetch
application/json 18.168.156.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.168.156.122 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-168-156-122.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 31 Aug 2022 09:12:05 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 0776 16 B
232 B 69ms
69ms Fetch
application/json 18.168.156.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.168.156.122 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-168-156-122.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 31 Aug 2022 09:12:05 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 1EFB 16 B
232 B 79ms
79ms Fetch
application/json 18.168.156.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.168.156.122 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-168-156-122.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 31 Aug 2022 09:12:05 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 8FC2 16 B
232 B 75ms
75ms Fetch
application/json 18.168.156.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.168.156.122 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-168-156-122.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 31 Aug 2022 09:12:05 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 444F 16 B
232 B 82ms
82ms Fetch
application/json 18.168.156.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.168.156.122 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-168-156-122.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 31 Aug 2022 09:12:05 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame C1B1 16 B
232 B 82ms
81ms Fetch
application/json 18.168.156.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.168.156.122 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-168-156-122.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 31 Aug 2022 09:12:05 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 35B3 16 B
232 B 92ms
92ms Fetch
application/json 18.168.156.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.168.156.122 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-168-156-122.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 31 Aug 2022 09:12:06 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 29ms
29ms Preflight 18.168.156.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.156.122 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-168-156-122.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Wed, 31 Aug 2022 09:12:05 GMT
server: nginx

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 30ms
29ms Preflight 18.168.156.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.156.122 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-168-156-122.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Wed, 31 Aug 2022 09:12:05 GMT
server: nginx

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 29ms
29ms Preflight 18.168.156.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.156.122 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-168-156-122.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Wed, 31 Aug 2022 09:12:05 GMT
server: nginx

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 29ms
29ms Preflight 18.168.156.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.156.122 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-168-156-122.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Wed, 31 Aug 2022 09:12:05 GMT
server: nginx

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 30ms
29ms Preflight 18.168.156.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.156.122 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-168-156-122.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Wed, 31 Aug 2022 09:12:05 GMT
server: nginx

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 35ms
33ms Preflight 18.168.156.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.156.122 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-168-156-122.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Wed, 31 Aug 2022 09:12:05 GMT
server: nginx

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 30ms
30ms Preflight 18.168.156.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.156.122 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-168-156-122.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Wed, 31 Aug 2022 09:12:05 GMT
server: nginx

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 30ms
29ms Preflight 18.168.156.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.156.122 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-168-156-122.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Wed, 31 Aug 2022 09:12:05 GMT
server: nginx

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B071 13 KB
5 KB 49ms
15ms Document
text/html 2a00:1450:4001:82f::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://emmaglam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 728
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 08:59:58 GMT
expires: Thu, 31 Aug 2023 08:59:58 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B134 783 B
1 KB 65ms
25ms Document
text/html 2a00:1450:4001:80b::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

ad54d8db2a95abaf57d50e8443ba8f2517c94b0c20df87a352dc67827f60ca27

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-URftkRHsedOAJvQVUmTZxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://emmaglam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-URftkRHsedOAJvQVUmTZxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 09:12:06 GMT
expires: Wed, 31 Aug 2022 09:12:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 ppzs-o_oDTLysEGEkZroIB51IgxzANAUgUjK_Y8VX9I.js Show response
pagead2.googlesyndication.com/bg/ Frame B071 36 KB
16 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ppzs-o_oDTLysEGEkZroIB51IgxzANAUgUjK_Y8VX9I.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a69cecfa8fe80d32f2b04184919ae8201e75220c7300d0148148cafd8f155fd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 08:39:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15877
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 11:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Aug 2023 08:39:27 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B134 0
0 51ms
49ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220829&jk=1202350255705404&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B071 0
10 B 23ms
21ms Image
text/plain 2a00:1450:4001:82f::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?bsT4Xg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:12:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pb.media01.eu/	1970-01-20 15:14:57	Name: DTU Value: 89CDC0C5384626F67ED35CD3C282F159
.freenet-mobilfunk.de/	1970-01-20 05:49:01	Name: VPCommission Value: 41006061
.freenet-mobilfunk.de/	1970-01-20 05:49:01	Name: eventid Value: 11420_412871_1661937122_f9eba5f2-290c-11ed-b38a-2238c37626e7
.freenet-mobilfunk.de/	1970-01-20 05:49:01	Name: subvpid Value: 412871%3BVPID%3B
.freenet-mobilfunk.de/	1970-01-20 05:38:58	Name: __cf_bm Value: K5gC_AzT2L3XwNkFmuTjtlQLV6rmqOtx_w53qY2fX6w-1661937122-0-ARyFawce/8O+GLjqxqedlmGxCQpyrAPHhZdkhSWI4DCE4QySWLNP2TI63BdZg3WXfp8u3Ugs+Vgd0/dXitpoR0c=
.doubleclick.net/	1970-01-20 05:38:58	Name: test_cookie Value: CheckForPermission
.awin1.com/	1970-01-20 05:41:49	Name: awpv20044 Value: 412871\|1661937123\|fa3950c0-290c-11ed-80d0-22316432dc67
private.vodafone-affiliate.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: ttsd6raj7uccs2p31q5ug3koot
.vodafone-affiliate.de/	1970-01-20 05:49:01	Name: ppv1175 Value: 2022083111120375770028335X112510V1175122964MSoneid8WjpcDf8fRgbkcgHJHEtxtekJ9hGS5tmbckoneid__emmaglam_advancedad_160x600
.awin1.com/	1970-01-20 05:49:01	Name: awpv11420 Value: 412871\|1661937123\|fa3ef610-290c-11ed-94b9-2265b3bf8141
.awin1.com/	1970-01-20 05:49:01	Name: awpv14369 Value: 412863\|1661937123\|fa414000-290c-11ed-a34d-22350b028903
.awin1.com/	1970-01-20 05:40:23	Name: awpv30131 Value: 412863\|1661937123\|fa3f1d20-290c-11ed-a34d-22350b028903
.awin1.com/	1970-01-20 05:41:49	Name: awpv14702 Value: 412871\|1661937123\|fa44c270-290c-11ed-96ab-2230957fd0f4
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 365825:2531885
.blau.de/	1970-01-20 05:49:01	Name: nscT486 Value: v01MTQyMTExMjExMTExMTExMTEwMTQyNjUwMDAwMDAwMDYxNjYxOTM3MTIzdmxlYTFkZTIwMjIwODMxMTExMjAzNzU3NzAwMjg0MzVYMTE3NjYzVjEyMjUxMzExMDZNU3JlYWNoX1NVQklEVEVTVF92aWV3MTE3NjYz
.blau.de/	1970-01-20 05:49:01	Name: nscQ486 Value: V
.blau.de/	1970-01-20 05:49:01	Name: webShopPV Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2022083111120375770028435X117663V1225131106MSreach_SUBIDTEST_view&wfid=117663
.o2online.de/	1970-01-20 05:49:01	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTE4MDAwMDAwMDA2MTY2MTkzNzEyM3ZsZWExZGUyMDIyMDgzMTExMTIwMzc1NzcwMDI4NDMzWDExNzY3OVYxMjI2MTMyNzAyTVNvbmVpZFJCWDFhZ2ZRZmdWUnhma0h3SDN0UXRkZERhOVN4dFBHRjdvbmVpZF9fZW1tYWdsYW1fYWR2YW5jZWRhZF8zMDB4NjAwMTE3Njc5
.o2online.de/	1970-01-20 05:49:01	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 05:49:01	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2022083111120375770028433X117679V1226132702MSoneidRBX1agfQfgVRxfkHwH3tQtddDa9SxtPGF7oneid__emmaglam_advancedad_300x600&wfid=117679&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTE4MDAwMDAwMDA2MTY2MTkzNzEyM3ZsZWExZGUyMDIyMDgzMTExMTIwMzc1NzcwMDI4NDMzWDExNzY3OVYxMjI2MTMyNzAyT
.vodafone.de/	1970-01-20 05:49:01	Name: oshop Value: queryparams\|\|b_id\|\|1744\|\|queryparams\|\|shopid\|\|2586

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://siceu.de/upload/style.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://siceu.de/upload/style.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.a-ads.com
ad4m.at
adservice.google.com
adservice.google.de
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
c.blyatflix.de
cdn.track.production.webgains.team
de-c114.cdnplus.de
emmaglam.com
fonts.googleapis.com
googleads.g.doubleclick.net
m.exactag.com
mpa4xbbs6m73.de
pagead2.googlesyndication.com
partner.blau.de
partner.o2online.de
pb.media01.eu
private.vodafone-affiliate.de
pv.medialead.de
pvx.freenet-mobilfunk.de
ref.cdnplus.de
siceu.de
spaceeditors.com
static.a-ads.com
static.hubu.fm
thisis.aninter.net
tool.hubu.link
tpc.googlesyndication.com
track.webgains.com
vfd2dyn.vodafone.de
www.awin1.com
www.fastcounter.de
www.google.com
www.lead-alliance.net
www.siceu.de
www.telefonica-partner.de
104.96.132.42
145.239.193.130
162.19.154.224
18.168.156.122
18.66.147.41
18.66.147.44
188.40.69.138
195.201.169.184
213.202.235.8
2606:4700:20::ac43:4a81
2606:4700::6812:3c0
2a00:1450:4001:80b::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2002
2a01:4f8:10b:ddc::2
2a01:4f8:212:29e0::2
2a01:4f9:4b:1406::2
3.11.195.34
46.4.41.145
54.93.208.161
84.200.5.215
85.13.135.3
88.198.250.30
94.130.9.175
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
02900c9f1415a64006f18370166aeeffee0c4bec42f42c7434eec351bd044552
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0593174ff4efdddac16bae8411b2c4cd61adbf920f4324ead464074ccc63917d
06e6e75946e336560bf76501b711cecfe4d295efc0c52c9691e78130a60fe97b
08132210afd18ec76c696eacc7fa033322c38ae17a6d4fe4181ea16ab41ea4a6
08da0846fcb1f65a2ead9d380eeb1285d7920fc0ce2d68cd394afe52af059ad2
0949cad16920d17be32598029e82f211901f8b5b63f95de740ea6b818074c9fa
0d28bd4bc4b8a1ecb41ea341dd43aabbc0322889858d76d406b7dc8a887b8eac
0f94c3f1fd1be876f50a5582135f9214708decfd54dc81bc1eae6afe018af65a
125ca25dca8afb2c0c712f9d8fd2c86183d96cedb25e99617e74ad20879b7165
13cac2dfa81988834f0bcbdaf219d4c242cc7b180bce48dd6df303d75f61199b
15cc42ec2a3a08dc0566d2f71a13e462fa764a4390c7d96870b71fd2cf6ff513
17deb20c6f6ec3f074a2633c5c1706ae28e6def4c605c81c268dcd6161ad008e
1ac676f1c4a499cade859da1d11326a01fb3d99ebdec2d31aaac0ef8d387a834
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1f4082bc4d525c198936b8e7b8bda99929537de890c143e5e35fca4ac23b2a26
20d3e638e1a4da5af798b70c63e23a30c9acf96a4ffef968c39853b560da5404
231515acac534354a11000685ba5e093bdf4b6d6bd3ca7455b6bb5a7502c570c
25ca1a08665ee561510cb6e04753b76c5056998ca89aeea68743b0ffa12aa91e
263059d00f50a2a7c08c90e5c435d0a40c962726a870b61c69be6d706a937ed0
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
28462771bed2d2bcb7d29128343b3196ad74ccacc31816fb3ef1375e187c5df2
2b784d3e5c0e39e317b6f6298ea422ffec43793f96a9db00ce3765ca66cd87cd
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
32b52bf758f52d20e796e3e41e7659aa55242f7cb2a1e67c3cec59ead1916572
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
337251848b6c3fb23c993170edf6db4b3391d726705928ebeb8b94c1099ce35b
35a3c805f21d5df6f74e8d75a4223519934e28cac9b11179a572508954f29494
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55
3c8ccb6999f4b357495a29295b17c4be3d4b9853df8eed92d491cd47707cea87
3f95692248b493f7f1f92d7469257907b669e2bd9bc31d1cec162f64f305b4ed
409e64d11d5be6d84236508cde160537b30660818cc4d859de02d0f462e3fb5b
4290fe70e52b634c89005c150be1f1729fd8de86011c079f3358697610af9c6f
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
431dbe63bce1acf0407a63f8019851c5c9cbb89627263751163bdab3aa9c9118
455d3b555c487828f6ce2b9fac9015a92be6cefbf332adc3d6a13e48f80bd6f0
484a265860e413a56c8dc1ae2c6bde78b2f8ea9f8ade5da97ad5a1caac2e3db1
4e249aef61e2d675b41a8d764b5b9c9a8ee9ebc5e512386625516f6d2c8a4977
4e2e7f3c91107fabaa55ae6d6f75bfc374bd5fab06ef9e17777caeda3f2e15cb
4eb063eb579747678fb0340208535cfbb3e6d5957838d1903e28f9b8e9bf2a07
50df5c94512b11c2f4c8357774f25d123c5a39c120796dcc5b1d9ec8df548e83
50f4f5c78736b4b5eb13cf588426996e5dbd0391b1228e08e4b7ef35ad0d4459
51048e57284781c44c50c719230f334de8b4953c1c81d31d134fbb24824b5d2e
52231257689106bd0c1e85b5b0675f0eb01ab7c3492365d701827a07028d2df3
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c0df29027c282e4e37e08dfa8a8b029c527a06a93dd6d4a00a392ae2480293e
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
5f0a71528d959fd60cd17a04f15a4752efb3a83f1d85413404cb3fe49817406b
6077d96b9bd1b7071f971ce7fb559e3e57af37df56ac67b9c2d64b2b8796fbd4
609c95d0f78d37959654f1b0f5eb9eb09b621cf94956115a2eccf683f7c6b7eb
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
60ea6607cc04767b3b8f5553fd33110d566ece7d4e5401865b7026b6043e2aa6
610262ee4c1e30b9d4973727c73e58a1d19f6805adb8e7c5cec42597bfae333e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
69bce7f8cb253945351434612e6adfe03a1ee23be5c85b391b2792f9a8a4bb14
6a7f4c8a9af17cac4c92d0fad28e07cc781825be9dd19da205c028b2a49e634a
6d2cf79989a25b94d2694569e8a8372c34b3cfac8caf3f7c2ae6d97f7e9d02ae
6fcbb378853463a4988a16d61fc995f41056c60236b8e1d4decdc9cb25c999a1
77f4e1642aca595b447f2302069d91e161eb892844eab1e05ade8bb993918db4
7822454304c0dd674f7b4bc03a08f3e738471c38ad3b0a4d0906aebf459b9aca
80e7bfe2aaa1b8be1ff5792cf190eb4b9e7d922240eea9ccc0a835b2bbde9f56
835f7226f1799e78f2629a1b86a146f5d0c3a95ba2cf796c1041f7f822c0e48e
83feb6b84d6d16695e1dfd56ae88b2b86b4afcd58af3759c38d642798317e6bf
88a14ea2b429e84d8062d71259ddf82c0f4ad96f532672ff97333c38f7d8c729
89141fb02ca66a70d90ff804823dd662c99cee3ec72b5bc33f2e995a4ef76695
8ad12eed523baa167f8090c7c10af10b527e2829a98e1510b95a57d105e490e6
8af56807fd1c2f4437ff1d5e03c95b456ce567a854ca3e153be3a106572cffe2
90cbcae2f75cbdcf2a00d82c83cb2926f1a4ad7ab38eb3d629f2e7d3ad72410e
92b8ff504d9e6cb5e9641251debe5b11f928a264ba7c0a203e6746d0ca4034d8
9632ed2461a11762cfac52f1e5acfad3dfd142c0ad2ca326d16d88e56a3a5475
98395c29079976cf9460f76d967cd1072c7c892a1ebe5b9df311f96dba6dfac5
9e002876e0dac7fef9dc879b0347e6c9561413ee8707799d584e21acc050a8a6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a69cecfa8fe80d32f2b04184919ae8201e75220c7300d0148148cafd8f155fd2
a721db9bf08d71797d1e0e6e1772712b884e529ab3e88a49cab36f2362bbbd13
a816cbda7f344c4591fb46a5a8065bbc64294696108eaa4f1e75976797ca6671
a8275413d7059db1bf68ea3986e84410ba9df950693f6d5fe66404b69290895c
a85b1179ca4ed7dc5ea897d1b565a69ccae8d2aad29dff7bb874da7d94538bff
a868642fa5a7a4692ff83f60cf0f26a6717c5d6a6cb6d550e798462a38a66880
ab284bb4630bba786de179717df91dbee93cc78defd7e6e8b116c82be1313a8d
ad54d8db2a95abaf57d50e8443ba8f2517c94b0c20df87a352dc67827f60ca27
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b13891cf50e96e70a39b3edcb17dce6a080a0d77f88ca602d74e1d54ee9db0fc
b16573691f71267f113a2970a98bd34c3d71e45efd9b405fe96d4b3242076c64
b1d6f69f76d5384a109ac5d3421713af148a90df6f059b3d3b5923c6667bb0cd
b5b58613de02a2628489f5253cbf992b173ce8a399697cb943ccf415375a9f4e
b78c6aa96175d69ae56638aa814a628fe1f8936f8a4be89e9df0a6e72db4c664
b809efcc7fd9ea21ab5a028abfa4102480b42f33542962cb545b3b8ec9c9b6f6
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bebbc1dd159904af1973d97ce32f0390a377f2e2f8692b1a23a86f6a1b0a2781
bf109a2d05e13d300f3c97cd9aa2b384992564695380c09a8f3a2e7e9cb0201e
bf205569fe444f13084084efb6712517da6e6b59bbeafa2933fbb93bb1f7eda7
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9584f421fb06be52362782600272bf07739aae062c73e970d6dd1aeb3ebcfcf
caf8340f2513401c46bd6623b38cd091850da9664c2f87dc69b1e245824662a7
cf47258e6a4a33e59b9bf905dfdc7e4548112fb722468c0957995386cf30d721
cf972d7e2b6f5a1c82dcc4b6507789d534fab369e013ef35407bfbc63fd78472
d618a3a41f1fe2e4aacade7342bb5994e35f98557b4e3336c17a48da88e953e5
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d8928a20b6d9520af9bfb5e9748259fc3c1ed52ee4e430920d7e70897af5c065
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
dcf3c1a73ae6215dc150d3e2031c9de98af41e5cc022bf9c16852b13075b4d3d
ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919
e6a5d8ae4ca68e7439311ba307613eaf707bcf175ccee346a70201cd387a69a1
e8236d800cf8bb13e38ef8ee692553c55814640285f3d8057b70e110e839c629
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853
ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b
ec550ed75cacfb3b466a3c47317024deb1776b8f2afa0151d566a7a6cd396b49
edb6726c3fff1860799494fa30ffe3661c2527fec7263f75c43b7be211eaeb94
f13311204beda3ce95b4047bfdca1579d115cbe7ccca1f145862d08e75edf6d2
f1f34cf9cec8ba5e84b2bffc77b80f70a5386db40bc8022adb6c27882a919aaa
f3f5311847d8fbac94a3d572938dea0a268ca1ff1fc18f6dad8b5bb9ff16a243
f4b8945db547f5758694227b0cd8f2768b84826fcde9e0746884b4c3e2f5d822
f52afbdc9b50ea83386ec3f01d5b7f960c612515f6904541b370334f8d9676c0
f690efa866e3c106311602fd8846c3140460fb1238f85424131ebe0c198d2591
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f840acfbbd734f7355b50043ebdf0daade546a92763d0fcf9cadab92c1919265
fbc7f65ca041dae8328e56172d00958d2cbc86da6495d87f41e5af649ab14658
fbea846f07b3b2d87f58996929990f09bf6a618c6e2c1d1749a2de0ef1fb785b
fd61b4726abb58bb90d2820f7026c087362c59327c56b357c3f7ce810a6ade59
fe1112de25dc904d9cec8a89de037081d6ff21723babacead457c65339ba9828
ff2aaab3fc1f7f7adc0d3a35ee9e0aee19a84e282451e287315df188d0d3c53e
ffc5ebcdff3d3d5f47a9b72bcb15aa68786755e66405bfd67bdb2feaf3d141a2

www.siceu.de Open in urlscan Pro 85.13.135.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

197 Requests

88 %HTTPS

43 %IPv6

31 Domains

39 Subdomains

25 IPs

5 Countries

8678 kBTransfer

9917 kBSize

21 Cookies

3 Outgoing links

Redirected requests

197 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.siceu.de Open in urlscan Pro
85.13.135.3 Public Scan

Screenshot
Live screenshot

Full Image

197
Requests

88 %
HTTPS

43 %
IPv6

31
Domains

39
Subdomains

25
IPs

5
Countries

8678 kB
Transfer

9917 kB
Size

21
Cookies

197 HTTP transactions
0 data transactions