www.kosmetiksuma.de Open in urlscan Pro
2a01:238:20a:202:1082::  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.kosmetiksuma.de/	11 KB 11 KB	110ms 21ms	Document text/html	2a01:238:20a:202:1082:: STRATO STRATO AG
General Check archive.org Show headers Download Go to Full URL https://www.kosmetiksuma.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:238:20a:202:1082:: , Germany, ASN6724 (STRATO STRATO AG, DE), Reverse DNS Software Apache/2.4.59 (Unix) / Resource Hash 24c29944ffca27f0d4ee1b8d74247c02886bdc40186ca0abec0b1217d0d6a11f Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes content-length 11050 content-type text/html date Sat, 22 Jun 2024 15:12:32 GMT etag "2b2a-5a4826fef6a31" last-modified Thu, 30 Apr 2020 13:56:54 GMT server Apache/2.4.59 (Unix) vary User-Agent
GET H3	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	156 KB 51 KB	98ms 74ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: www.kosmetiksuma.de URL: https://www.kosmetiksuma.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash 9d8936b15062948ff34273e2eb4c651e9fc756adab105648331ecdc77dca798b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.kosmetiksuma.de/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 22 Jun 2024 15:12:32 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 52655 x-xss-protection 0 server cafe etag 1409150177236958391 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * link <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin expires Sat, 22 Jun 2024 15:12:32 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	208 KB 75 KB	83ms 43ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-72928463-1 Requested by Host: www.kosmetiksuma.de URL: https://www.kosmetiksuma.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 4ef4052e1a60da211d9653d64ea74be7351d0c503c32e36aa7abb3dc757edd32 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.kosmetiksuma.de/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 22 Jun 2024 15:12:32 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 76779 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 22 Jun 2024 15:12:32 GMT
GET H2	200	layout.css www.kosmetiksuma.de/	5 KB 5 KB	19ms 15ms	Stylesheet text/css	2a01:238:20a:202:1082:: STRATO STRATO AG
General Check archive.org Show headers Download Go to Full URL https://www.kosmetiksuma.de/layout.css Requested by Host: www.kosmetiksuma.de URL: https://www.kosmetiksuma.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:238:20a:202:1082:: , Germany, ASN6724 (STRATO STRATO AG, DE), Reverse DNS Software Apache/2.4.59 (Unix) / Resource Hash 507959d1bae0f30cb1979e30a087861aa8f418758dafaddd74c4d025d599ad55 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.kosmetiksuma.de/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 22 Jun 2024 15:12:32 GMT last-modified Fri, 16 Dec 2016 18:00:08 GMT server Apache/2.4.59 (Unix) etag "1500-543ca572bf8fa" vary User-Agent content-type text/css accept-ranges bytes content-length 5376
GET H2	404	icon.css www.kosmetiksuma.de/	0 0	17ms 14ms	Stylesheet text/html	2a01:238:20a:202:1082:: STRATO STRATO AG
General Check archive.org Show headers Download Go to Full URL https://www.kosmetiksuma.de/icon.css Requested by Host: www.kosmetiksuma.de URL: https://www.kosmetiksuma.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:238:20a:202:1082:: , Germany, ASN6724 (STRATO STRATO AG, DE), Reverse DNS Software Apache/2.4.59 (Unix) / Resource Hash Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.kosmetiksuma.de/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 22 Jun 2024 15:12:32 GMT server Apache/2.4.59 (Unix) content-length 196 content-type text/html; charset=iso-8859-1
GET H2	200	jquery.js Show response www.kosmetiksuma.de/kosmetiksuma/js/	93 KB 93 KB	35ms 32ms	Script application/javascript	2a01:238:20a:202:1082:: STRATO STRATO AG
General Check archive.org Show headers Download Go to Full URL https://www.kosmetiksuma.de/kosmetiksuma/js/jquery.js Requested by Host: www.kosmetiksuma.de URL: https://www.kosmetiksuma.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:238:20a:202:1082:: , Germany, ASN6724 (STRATO STRATO AG, DE), Reverse DNS Software Apache/2.4.59 (Unix) / Resource Hash 447354e08ef65f419c478d2708b3631942f8aaaa72612a5799e7ba7aaa1e88bf Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.kosmetiksuma.de/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 22 Jun 2024 15:12:32 GMT last-modified Fri, 16 Dec 2016 18:00:17 GMT server Apache/2.4.59 (Unix) etag "17573-543ca57b3c5eb" vary User-Agent content-type application/javascript accept-ranges bytes content-length 95603
GET H2	200	scroll.js Show response www.kosmetiksuma.de/kosmetiksuma/js/	712 B 783 B	17ms 17ms	Script application/javascript	2a01:238:20a:202:1082:: STRATO STRATO AG
General Check archive.org Show headers Download Go to Full URL https://www.kosmetiksuma.de/kosmetiksuma/js/scroll.js Requested by Host: www.kosmetiksuma.de URL: https://www.kosmetiksuma.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:238:20a:202:1082:: , Germany, ASN6724 (STRATO STRATO AG, DE), Reverse DNS Software Apache/2.4.59 (Unix) / Resource Hash ae3b158daae9e76f2539580920926fabe5d77b95b9ba07bb98148aaec864b23b Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.kosmetiksuma.de/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 22 Jun 2024 15:12:32 GMT last-modified Fri, 16 Dec 2016 18:00:16 GMT server Apache/2.4.59 (Unix) etag "2c8-543ca57ad3df5" vary User-Agent content-type application/javascript accept-ranges bytes content-length 712
GET H3	200	cookieconsent.min.css cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/	4 KB 2 KB	33ms 17ms	Stylesheet text/css	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css Requested by Host: www.kosmetiksuma.de URL: https://www.kosmetiksuma.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.kosmetiksuma.de/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 22 Jun 2024 15:12:32 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 248459 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 948 last-modified Mon, 04 May 2020 16:09:17 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e2d-f62" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sT0moKUK7PgucmJLJHmjWYPmd%2Fk7YFoKzDSpKo%2B3bcDHcChGHKSvByYzOEnnBZPO1a2XymVW4GjUfkFWRz8gWQiaYzOYhEFdMgMJFfOpMSOoQiiOhVZPBeu512CGRwyWN0rX4lek"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 897d2d5bbc9235e4-FRA expires Thu, 12 Jun 2025 15:12:32 GMT
GET H3	200	cookieconsent.min.js Show response cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/	19 KB 6 KB	34ms 18ms	Script application/javascript	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js Requested by Host: www.kosmetiksuma.de URL: https://www.kosmetiksuma.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.kosmetiksuma.de/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 22 Jun 2024 15:12:32 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 16466 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 5676 last-modified Mon, 04 May 2020 16:09:17 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e2d-4d5a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hIIHzhHJuoeS8%2FOTIqOSIl%2FpbjezAY9Wc6I6xkPcS8j61z0FRQY47VdAwo9OUvC7IOtlbhjYcfAf%2BxfzA4ZU31QvKQ%2FHyULqjVoyRNVwt2nD5EvgBtno20nEXcFXsAelTqBoYo1F"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 897d2d5bbc9335e4-FRA expires Thu, 12 Jun 2025 15:12:32 GMT
GET H2	200	kosmetikerin.png www.kosmetiksuma.de/kosmetiksuma/images/	7 KB 7 KB	25ms 22ms	Image image/png	2a01:238:20a:202:1082:: STRATO STRATO AG
General Check archive.org Show headers Download Go to Show image Full URL https://www.kosmetiksuma.de/kosmetiksuma/images/kosmetikerin.png Requested by Host: www.kosmetiksuma.de URL: https://www.kosmetiksuma.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:238:20a:202:1082:: , Germany, ASN6724 (STRATO STRATO AG, DE), Reverse DNS Software Apache/2.4.59 (Unix) / Resource Hash 83fa41148c7c5f409ef73323ece5aaf4765e8b7c28b467a7360c50486d057d06 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.kosmetiksuma.de/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 22 Jun 2024 15:12:32 GMT last-modified Fri, 16 Dec 2016 18:00:11 GMT server Apache/2.4.59 (Unix) etag "1d65-543ca57558d55" vary User-Agent content-type image/png accept-ranges bytes content-length 7525
GET H2	200	fb.png www.kosmetiksuma.de/kosmetiksuma/images/	1 KB 1 KB	23ms 21ms	Image image/png	2a01:238:20a:202:1082:: STRATO STRATO AG
General Check archive.org Show headers Download Go to Show image Full URL https://www.kosmetiksuma.de/kosmetiksuma/images/fb.png Requested by Host: www.kosmetiksuma.de URL: https://www.kosmetiksuma.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:238:20a:202:1082:: , Germany, ASN6724 (STRATO STRATO AG, DE), Reverse DNS Software Apache/2.4.59 (Unix) / Resource Hash f8b5493c81354b6757a21bea6baedd5665b8cb9ca19a6ff4fbd40afef534f35f Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.kosmetiksuma.de/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 22 Jun 2024 15:12:32 GMT last-modified Fri, 16 Dec 2016 18:00:10 GMT server Apache/2.4.59 (Unix) etag "4e9-543ca574c3a94" vary User-Agent content-type image/png accept-ranges bytes content-length 1257
GET H2	200	telefon.png www.kosmetiksuma.de/kosmetiksuma/images/	408 B 480 B	29ms 24ms	Image image/png	2a01:238:20a:202:1082:: STRATO STRATO AG
General Check archive.org Show headers Download Go to Show image Full URL https://www.kosmetiksuma.de/kosmetiksuma/images/telefon.png Requested by Host: www.kosmetiksuma.de URL: https://www.kosmetiksuma.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:238:20a:202:1082:: , Germany, ASN6724 (STRATO STRATO AG, DE), Reverse DNS Software Apache/2.4.59 (Unix) / Resource Hash 0f38f63217987334722b9394c42b6f84d6893535d6ef21023066263e5c1c0372 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.kosmetiksuma.de/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 22 Jun 2024 15:12:32 GMT last-modified Fri, 16 Dec 2016 18:00:15 GMT server Apache/2.4.59 (Unix) etag "198-543ca5792b542" vary User-Agent content-type image/png accept-ranges bytes content-length 408
GET H2	200	massagestuhl.jpg www.kosmetiksuma.de/kosmetiksuma/images/	79 KB 79 KB	27ms 22ms	Image image/jpeg	2a01:238:20a:202:1082:: STRATO STRATO AG
General Check archive.org Show headers Download Go to Show image Full URL https://www.kosmetiksuma.de/kosmetiksuma/images/massagestuhl.jpg Requested by Host: www.kosmetiksuma.de URL: https://www.kosmetiksuma.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:238:20a:202:1082:: , Germany, ASN6724 (STRATO STRATO AG, DE), Reverse DNS Software Apache/2.4.59 (Unix) / Resource Hash b59accdfb3b305422d831a68603a8d57f533885839d1c8dfa58363ab6cbb24e7 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.kosmetiksuma.de/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 22 Jun 2024 15:12:32 GMT last-modified Wed, 14 Nov 2018 23:23:14 GMT server Apache/2.4.59 (Unix) etag "13c33-57aa837ec86c8" vary User-Agent content-type image/jpeg accept-ranges bytes content-length 80947
GET H2	200	kosmetikraum.jpg www.kosmetiksuma.de/kosmetiksuma/images/	75 KB 75 KB	16ms 16ms	Image image/jpeg	2a01:238:20a:202:1082:: STRATO STRATO AG
General Check archive.org Show headers Download Go to Show image Full URL https://www.kosmetiksuma.de/kosmetiksuma/images/kosmetikraum.jpg Requested by Host: www.kosmetiksuma.de URL: https://www.kosmetiksuma.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:238:20a:202:1082:: , Germany, ASN6724 (STRATO STRATO AG, DE), Reverse DNS Software Apache/2.4.59 (Unix) / Resource Hash c8b9269c22737c17107d3e3144f9e3eefc3e4dfb6c8d77f67973973c41a6da5a Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.kosmetiksuma.de/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 22 Jun 2024 15:12:32 GMT last-modified Fri, 16 Nov 2018 14:46:46 GMT server Apache/2.4.59 (Unix) etag "12d28-57ac93c882cda" vary User-Agent content-type image/jpeg accept-ranges bytes content-length 77096
GET H2	200	adresse.png www.kosmetiksuma.de/kosmetiksuma/images/	675 B 724 B	31ms 30ms	Image image/png	2a01:238:20a:202:1082:: STRATO STRATO AG
General Check archive.org Show headers Download Go to Show image Full URL https://www.kosmetiksuma.de/kosmetiksuma/images/adresse.png Requested by Host: www.kosmetiksuma.de URL: https://www.kosmetiksuma.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:238:20a:202:1082:: , Germany, ASN6724 (STRATO STRATO AG, DE), Reverse DNS Software Apache/2.4.59 (Unix) / Resource Hash 65a7dbc90a755792df242f36cda43da1d53c65f34b4e88c9f70f8a9276e50863 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.kosmetiksuma.de/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 22 Jun 2024 15:12:32 GMT last-modified Fri, 16 Dec 2016 18:00:10 GMT server Apache/2.4.59 (Unix) etag "2a3-543ca57488962" vary User-Agent content-type image/png accept-ranges bytes content-length 675
GET H2	200	anrufen.png www.kosmetiksuma.de/kosmetiksuma/images/	336 B 385 B	31ms 31ms	Image image/png	2a01:238:20a:202:1082:: STRATO STRATO AG
General Check archive.org Show headers Download Go to Show image Full URL https://www.kosmetiksuma.de/kosmetiksuma/images/anrufen.png Requested by Host: www.kosmetiksuma.de URL: https://www.kosmetiksuma.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:238:20a:202:1082:: , Germany, ASN6724 (STRATO STRATO AG, DE), Reverse DNS Software Apache/2.4.59 (Unix) / Resource Hash d74b19cf4e9f7f1d517989d90e848d474e3247af5a531ccc15e1979f41ba9365 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.kosmetiksuma.de/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 22 Jun 2024 15:12:32 GMT last-modified Fri, 16 Dec 2016 18:00:10 GMT server Apache/2.4.59 (Unix) etag "150-543ca574aee8c" vary User-Agent content-type image/png accept-ranges bytes content-length 336
GET H2	200	kosmetikstudio.png www.kosmetiksuma.de/kosmetiksuma/images/	28 KB 28 KB	17ms 17ms	Image image/png	2a01:238:20a:202:1082:: STRATO STRATO AG
General Check archive.org Show headers Download Go to Show image Full URL https://www.kosmetiksuma.de/kosmetiksuma/images/kosmetikstudio.png Requested by Host: www.kosmetiksuma.de URL: https://www.kosmetiksuma.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:238:20a:202:1082:: , Germany, ASN6724 (STRATO STRATO AG, DE), Reverse DNS Software Apache/2.4.59 (Unix) / Resource Hash 0cf8452b17e4bf816e36e9eed7d23302f9e84137bdc050a85d4c8f8bf0bf6870 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.kosmetiksuma.de/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 22 Jun 2024 15:12:32 GMT last-modified Fri, 16 Dec 2016 18:00:14 GMT server Apache/2.4.59 (Unix) etag "6e61-543ca578e409e" vary User-Agent content-type image/png accept-ranges bytes content-length 28257
GET		css fonts.googleapis.com/	0 0
GET H2	200	widget.html cdn.flipsnack.com/widget/v2/ Frame 38DA	0 0	98ms 29ms	Document text/html	108.138.36.42 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.flipsnack.com/widget/v2/widget.html?hash=ftu5w3jjv&bgcolor=EEEEEE&t=1528986146 Requested by Host: www.kosmetiksuma.de URL: https://www.kosmetiksuma.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.36.42 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-36-42.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.kosmetiksuma.de/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers access-control-allow-headers * access-control-allow-methods GET, PUT, POST access-control-allow-origin * age 24290 alt-svc h3=":443"; ma=86400 cache-control no-cache,no-store content-encoding gzip content-type text/html date Sat, 22 Jun 2024 08:33:35 GMT etag W/"d9e248b0f0309d476e9b0e94b891645a" last-modified Mon, 17 Jun 2024 08:27:25 GMT server AmazonS3 vary Accept-Encoding via 1.1 46e871af86c897cd369d8d20c90166ec.cloudfront.net (CloudFront) x-amz-cf-id UByus7yB1-0-UPrNN24jTkk9wnB70muP27jVVO-z7UJvPLo6lPKynA== x-amz-cf-pop MUC50-P2 x-amz-server-side-encryption AES256 x-amz-version-id QhDU90gLzsc5LdTkF3J9eHjsL_geAHtc x-cache Hit from cloudfront
GET H2	200	vinous.jpg www.kosmetiksuma.de/kosmetiksuma/images/	56 KB 56 KB	32ms 31ms	Image image/jpeg	2a01:238:20a:202:1082:: STRATO STRATO AG
General Check archive.org Show headers Download Go to Show image Full URL https://www.kosmetiksuma.de/kosmetiksuma/images/vinous.jpg Requested by Host: www.kosmetiksuma.de URL: https://www.kosmetiksuma.de/layout.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:238:20a:202:1082:: , Germany, ASN6724 (STRATO STRATO AG, DE), Reverse DNS Software Apache/2.4.59 (Unix) / Resource Hash f16eab924900bb54928c1858b879a1d309d601920822c86fc274fc1b981dc4f9 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.kosmetiksuma.de/layout.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 22 Jun 2024 15:12:32 GMT last-modified Fri, 16 Dec 2016 18:00:16 GMT server Apache/2.4.59 (Unix) etag "de6e-543ca57a11caa" vary User-Agent content-type image/jpeg accept-ranges bytes content-length 56942
GET H2	200	js Show response www.googletagmanager.com/gtag/	249 KB 88 KB	42ms 41ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-RQ4ETDL4N5&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-72928463-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 2a8a8d187817753863515a8628880001767772b5e28cdf933a6eba2d6cba51a7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.kosmetiksuma.de/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 22 Jun 2024 15:12:32 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 90491 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 22 Jun 2024 15:12:32 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	35ms 8ms	Script text/javascript	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-72928463-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.kosmetiksuma.de/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sat, 22 Jun 2024 14:29:07 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 2605 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Sat, 22 Jun 2024 16:29:07 GMT
GET H3	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/	431 KB 145 KB	82ms 82ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3713213996077638&plah=www.kosmetiksuma.de&aplac=true Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash 19aa98a2b09ab43807e8a1a7fd600eb38941a7cc229de6b9df4cb0b3a006db6d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.kosmetiksuma.de/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 22 Jun 2024 15:12:32 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 148835 x-xss-protection 0 server cafe etag 12840680355341258989 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Sat, 22 Jun 2024 15:12:32 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 209 B	21ms 16ms	XHR text/plain	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1533312314&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kosmetiksuma.de%2F&ul=de-de&de=UTF-8&dt=Kosmetik-Institut%20by%20Vinous%20Suma%20%7C%20in%20Wuppertal%20Elberfeld&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1579137321&gjid=990487164&cid=1509839809.1719069153&tid=UA-72928463-1&_gid=536010909.1719069153&_r=1&gtm=457e46j0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&jsscut=1&npa=1&z=804204487 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://www.kosmetiksuma.de/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 22 Jun 2024 15:12:32 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.kosmetiksuma.de cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 257 B	41ms 15ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-RQ4ETDL4N5&gtm=45je46j0v9112095800za200&_p=1719069152584&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1509839809.1719069153&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1719069152&sct=1&seg=0&dl=https%3A%2F%2Fwww.kosmetiksuma.de%2F&dt=Kosmetik-Institut%20by%20Vinous%20Suma%20%7C%20in%20Wuppertal%20Elberfeld&en=page_view&_fv=1&_ss=1&tfd=375&_z=sendBeacon Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-RQ4ETDL4N5&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.kosmetiksuma.de/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sat, 22 Jun 2024 15:12:32 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.kosmetiksuma.de cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	zrt_lookup_fy2021.html pagead2.googlesyndication.com/pagead/html/r20240618/r20110914/ Frame 796B	0 0	70ms 37ms	Document text/html	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/html/r20240618/r20110914/zrt_lookup_fy2021.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3713213996077638&plah=www.kosmetiksuma.de&aplac=true Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.kosmetiksuma.de/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers age 70475 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4164 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 21 Jun 2024 19:37:58 GMT etag 9187630395144177108 expires Fri, 05 Jul 2024 19:37:58 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	173ms 161ms	Image image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&ign=false&pw=1600&ph=1200&x=0&y=0 Requested by Host: www.kosmetiksuma.de URL: https://www.kosmetiksuma.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.kosmetiksuma.de/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sat, 22 Jun 2024 15:12:33 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads pagead2.googlesyndication.com/pagead/ Frame B8C0	0 0	79ms 63ms	Document text/html	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-3713213996077638&output=html&adk=1812271804&adf=3025194257&abgtt=1&lmt=1588255014&plat=2%3A16777216%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x810_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fwww.kosmetiksuma.de%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=32~31~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=32~31~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=32_7~31_3~27_8~29_11&aiixl=32_9~31_8~27_3~29_5&aslmct=0.7&asamct=0.7&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&dt=1719069152765&bpp=2&bdt=194&idt=186&shv=r20240618&mjsv=m202406180101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=5110928458773&frm=20&pv=2&ga_vid=1509839809.1719069153&ga_sid=1719069153&ga_hid=1533312314&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C31084688%2C44795921%2C95334510%2C95334527%2C95334566%2C95334570%2C95334830%2C95335896%2C95335290%2C31078663%2C31078668%2C31078670&oid=2&pvsid=815129613834984&tmod=367034484&uas=0&nvt=1&fsapi=1&fc=1920&brdim=140%2C140%2C140%2C140%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=213 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3713213996077638&plah=www.kosmetiksuma.de&aplac=true Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.kosmetiksuma.de/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 46 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 22 Jun 2024 15:12:33 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	17 KB 13 KB	72ms 56ms	XHR application/json	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240618&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3713213996077638&plah=www.kosmetiksuma.de&aplac=true Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash f6fc82791f55abf12d401c1e055f04bb373aa81935894e8fe5a86c0bbbb4d32a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.kosmetiksuma.de/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 22 Jun 2024 15:12:33 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12843 x-xss-protection 0
GET H2	200	favicon.ico www.kosmetiksuma.de/	4 KB 4 KB	19ms 19ms	Other image/x-icon	2a01:238:20a:202:1082:: STRATO STRATO AG
General Check archive.org Show headers Download Go to Full URL https://www.kosmetiksuma.de/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:238:20a:202:1082:: , Germany, ASN6724 (STRATO STRATO AG, DE), Reverse DNS Software Apache/2.4.59 (Unix) / Resource Hash 24c4b59c8d077f21c64231c599879947144ccb9613afafcd46be899ab7e5248f Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.kosmetiksuma.de/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 22 Jun 2024 15:12:33 GMT last-modified Thu, 17 Aug 2017 18:32:56 GMT server Apache/2.4.59 (Unix) etag "1169-556f73dc76a9c" vary User-Agent content-type image/x-icon accept-ranges bytes content-length 4457
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	50ms 21ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3713213996077638&plah=www.kosmetiksuma.de&aplac=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.kosmetiksuma.de/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 22 Jun 2024 15:12:33 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sat, 22 Jun 2024 15:12:33 GMT
GET H2	200	runner.html tpc.googlesyndication.com/sodar/sodar2/225/ Frame 54BA	0 0	30ms 7ms	Document text/html	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.kosmetiksuma.de/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes age 1087 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Sat, 22 Jun 2024 14:54:26 GMT expires Sun, 22 Jun 2025 14:54:26 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET		sodar pagead2.googlesyndication.com/pagead/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

fonts.googleapis.com

URL

http://fonts.googleapis.com/css?family=Lato:300,400

Domain

pagead2.googlesyndication.com

URL

https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240618&jk=815129613834984&bg=!5Oel56jNAAb64txl2uI7ADQBe5WfOI5RwAuQYEk_OhuuXjY85fCCxuuSm4mvkPUxNYMqOZoJJ9GW0YVy18-VBJ9xwag_AgAAADVSAAAAAmgBB34ANu3hGg6N2lzmH8k0LdWg_SuL-KB_fljV09uNtKrh46WkBaj_toiK_QHEqutiyw7wSLUZtLHkgZkC6uVw-JnXxTBUSzCibmNEz3Plb9Ld60m5azFUe7qCrXGLkTTXUUOx8wuH2P2yVfkMkUhCpsxG5jR4URRWIf4WisDB7SPTwTSj3tIy0jJNuTjQyHvq6-T8JtF2fr6PIidH2NENGr5VW6YIgWzuIVE-Wj-6GiCg_AP5VC3phz5WDy3CMgxNKNCTKIojigEYQ8NTbiXfmwdZcm-nXSXpq8JXetjguvqQbw2SM9o_UY1fNRQGlmLF9OOIvC-wFQ3DJm3bToVsoz23J1BF6o6Weod43mtBWarHOo3Bs0aoe6ucURncrn6eHV2xKmANiLfMKR4Od_i8PCeN68mFEoUSO3YLOC72NWa74YIVqkLctiHEVVwZUqeZ2c64Epy26hBYdpKLsDxKGdf2UTvgd0WtMrd_PuZ1llfqaHtoIUh9DGnseTYzGLi70OlqyZelttYE270CydHpr3q7XjMoC3VsRQSHabkVHadYxoTObW_lH0U0Y1S0Wi23s3VuCK66FrEhmFOTXWsNok8_lkHS8kPc6i-SgQV00KXZhieCumpCCr9PQmCCzmdzz2axeqxfjno3v_ekgj6dVL7uaDuiBEcN4rTk0JT8EoDj9avKmGEhAaG_RR2Hx8svD9LOtQ3OWSB1cr_GEYKDs3a7U8skZFyVxFjlswkjU_Y5nyxtRa3aDKZKRohBiOD8C6179NZ15CFZQy4h-vogPE_3b4MbZJqY7SZcJGRVVfFwp3MecMfX_jxFjrbte3bBykgan4JvOxcjl-n1DArhLrcRmBNMpyJ_SEJPuwJE1yIljdiY-9AygZ9zx2EYGB84Fnkon7-1L4NjnnWvRJ3Lbsa-8fvSgyUJOfdCu3pM5-hW8sX2-qjcaNVZmiRNkgNl-wa2QL1-Oj8wJGa1DM796VeVjmbHq22qj0_E52-Z3i2LsbFkciIq_Ur_pXn2Ykv2nkXBoGaifhBerDdr14MQ-l-HSe1NFmoB7J-KfzKMZ8GTmJqxsa6z

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 undefined| event object| fence object| sharedStorage function| gtag object| dataLayer function| $ function| jQuery object| cookieconsent object| jQuery1111005200240613998197 object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| gaplugins object| gaGlobal object| gaData function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.kosmetiksuma.de/	1970-01-20 21:32:35	Name: _gid Value: GA1.2.536010909.1719069153
			.kosmetiksuma.de/	1970-01-20 21:31:09	Name: _gat_gtag_UA_72928463_1 Value: 1
			.kosmetiksuma.de/	1970-01-21 07:07:09	Name: _ga_RQ4ETDL4N5 Value: GS1.1.1719069152.1.0.1719069152.0.0.0
			.kosmetiksuma.de/	1970-01-21 07:07:09	Name: _ga Value: GA1.1.1509839809.1719069153

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.kosmetiksuma.de/ Message: Mixed Content: The page at 'https://www.kosmetiksuma.de/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Lato:300,400'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://www.kosmetiksuma.de/icon.css Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.flipsnack.com
cdnjs.cloudflare.com
fonts.googleapis.com
pagead2.googlesyndication.com
region1.google-analytics.com
tpc.googlesyndication.com
www.google-analytics.com
www.googletagmanager.com
www.kosmetiksuma.de
fonts.googleapis.com
pagead2.googlesyndication.com
104.17.25.14
108.138.36.42
142.250.186.130
2001:4860:4802:34::36
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2008
2a01:238:20a:202:1082::
0cf8452b17e4bf816e36e9eed7d23302f9e84137bdc050a85d4c8f8bf0bf6870
0f38f63217987334722b9394c42b6f84d6893535d6ef21023066263e5c1c0372
19aa98a2b09ab43807e8a1a7fd600eb38941a7cc229de6b9df4cb0b3a006db6d
24c29944ffca27f0d4ee1b8d74247c02886bdc40186ca0abec0b1217d0d6a11f
24c4b59c8d077f21c64231c599879947144ccb9613afafcd46be899ab7e5248f
2a8a8d187817753863515a8628880001767772b5e28cdf933a6eba2d6cba51a7
447354e08ef65f419c478d2708b3631942f8aaaa72612a5799e7ba7aaa1e88bf
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
4ef4052e1a60da211d9653d64ea74be7351d0c503c32e36aa7abb3dc757edd32
507959d1bae0f30cb1979e30a087861aa8f418758dafaddd74c4d025d599ad55
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65a7dbc90a755792df242f36cda43da1d53c65f34b4e88c9f70f8a9276e50863
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
83fa41148c7c5f409ef73323ece5aaf4765e8b7c28b467a7360c50486d057d06
9d8936b15062948ff34273e2eb4c651e9fc756adab105648331ecdc77dca798b
ae3b158daae9e76f2539580920926fabe5d77b95b9ba07bb98148aaec864b23b
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b59accdfb3b305422d831a68603a8d57f533885839d1c8dfa58363ab6cbb24e7
c8b9269c22737c17107d3e3144f9e3eefc3e4dfb6c8d77f67973973c41a6da5a
d74b19cf4e9f7f1d517989d90e848d474e3247af5a531ccc15e1979f41ba9365
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f16eab924900bb54928c1858b879a1d309d601920822c86fc274fc1b981dc4f9
f6fc82791f55abf12d401c1e055f04bb373aa81935894e8fe5a86c0bbbb4d32a
f8b5493c81354b6757a21bea6baedd5665b8cb9ca19a6ff4fbd40afef534f35f