www.sarahsblessing.de Open in urlscan Pro
34.202.75.89 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://premiumgoogle.com/
Effective URL:
https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
Submission: On September 13 via api (September 13th 2022, 1:05:37 am UTC) from DE — Scanned from DE

Summary HTTP 115 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 23 domains to perform 115 HTTP transactions. The main IP is 34.202.75.89, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.sarahsblessing.de.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 28th 2022. Valid for: a year.

This is the only time www.sarahsblessing.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	15.197.142.173 15.197.142.173	16509 (AMAZON-02) (AMAZON-02)
2	172.67.73.116 172.67.73.116	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1 2	2606:4700:303... 2606:4700:3032::6815:2f4f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1 2	2606:4700:303... 2606:4700:3036::6815:2b50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	18.202.12.61 18.202.12.61	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.234.105 35.186.234.105	15169 (GOOGLE) (GOOGLE)
32	34.202.75.89 34.202.75.89	14618 (AMAZON-AES) (AMAZON-AES)
7	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
4	2a04:4e42:400... 2a04:4e42:400::622	() ()
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2.18.169.82 2.18.169.82	() ()
2	151.101.1.44 151.101.1.44	() ()
1	185.172.90.252 185.172.90.252	49981 (WORLDSTREAM) (WORLDSTREAM)
5	2a00:1450:400... 2a00:1450:4001:811::200e	() ()
2	2606:4700::68... 2606:4700::6812:527	() ()
6	2a00:1450:400... 2a00:1450:4001:80e::2003	() ()
1	142.250.74.194 142.250.74.194	() ()
1	2001:4860:480... 2001:4860:4802:34::36	() ()
3	2a00:1450:400... 2a00:1450:400c:c00::9a	() ()
1	70.42.32.159 70.42.32.159	() ()
1	2a00:1450:400... 2a00:1450:4001:809::2002	() ()
1	151.101.130.133 151.101.130.133	() ()
2	2a00:1450:400... 2a00:1450:4001:827::2004	() ()
115	23

1 15.197.142.173 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a4ec4c6ea1c92e2e6.awsglobalaccelerator.com

premiumgoogle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.73.116 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::6815:2f4f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

content.akamaicdn.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::6815:2b50 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

t.dstreach.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.202.12.61 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-12-61.eu-west-1.compute.amazonaws.com

mediciinternet.go2cloud.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.234.105 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 105.234.186.35.bc.googleusercontent.com

www.fasttrack02.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 34.202.75.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-75-89.compute-1.amazonaws.com

www.sarahsblessing.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:400::622 (None, )

ASN- ()

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.169.82 (None, )

ASN- ()

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.44 (None, )

ASN- ()

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.172.90.252 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: ads.us.e-planning.net

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::200e (None, )

ASN- ()

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:527 (None, )

ASN- ()

www.birthday-green-tram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
users.birthday-green-tram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2003 (None, )

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.194 (None, )

ASN- ()

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (None, )

ASN- ()

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9a (None, )

ASN- ()

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.159 (None, )

ASN- ()

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (None, )

ASN- ()

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.133 (None, )

ASN- ()

embed-ssl.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	sarahsblessing.de www.sarahsblessing.de	2 MB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 141	334 KB
5	google-analytics.com www.google-analytics.com	60 KB
5	wistia.com fast.wistia.com embed-ssl.wistia.com	187 KB
4	google.se www.google.se	691 B
4	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	2 KB
4	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 768	57 KB
3	google.com region1.analytics.google.com www.google.com	1006 B
3	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 423 Failed	2 KB
2	gstatic.com fonts.gstatic.com	64 KB
2	birthday-green-tram.com www.birthday-green-tram.com users.birthday-green-tram.com	31 KB
2	taboola.com cdn.taboola.com trc.taboola.com	20 KB
2	outbrain.com amplify.outbrain.com tr.outbrain.com Failed	4 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 120	2 KB
2	go2cloud.org 2 redirects mediciinternet.go2cloud.org	2 KB
2	dstreach.com 1 redirects t.dstreach.com	6 KB
2	akamaicdn.org 1 redirects content.akamaicdn.org	6 KB
2	cdnflyer.com cdnflyer.com	10 KB
1	googleadservices.com www.googleadservices.com	16 KB
1	e-planning.net ads.us.e-planning.net — Cisco Umbrella Rank: 7606	90 B
1	fasttrack02.com 1 redirects www.fasttrack02.com	450 B
1	premiumgoogle.com 1 redirects premiumgoogle.com	323 B
0	offerspace.com Failed cdn.offerspace.com Failed
115	23

	Domain	Requested by
32	www.sarahsblessing.de	www.sarahsblessing.de
7	www.googletagmanager.com	www.sarahsblessing.de www.googletagmanager.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	www.google.se	www.sarahsblessing.de
4	fast.wistia.com	www.sarahsblessing.de fast.wistia.com
4	js-agent.newrelic.com	cdnflyer.com content.akamaicdn.org t.dstreach.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	bam.nr-data.net	js-agent.newrelic.com
2	www.google.com	www.sarahsblessing.de
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	www.sarahsblessing.de
2	mediciinternet.go2cloud.org	2 redirects
2	t.dstreach.com	1 redirects
2	content.akamaicdn.org	1 redirects
2	cdnflyer.com
1	users.birthday-green-tram.com	www.birthday-green-tram.com
1	embed-ssl.wistia.com	www.sarahsblessing.de
1	trc.taboola.com	cdn.taboola.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	tr.outbrain.com	amplify.outbrain.com www.sarahsblessing.de
1	region1.analytics.google.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.birthday-green-tram.com	www.sarahsblessing.de
1	ads.us.e-planning.net	www.sarahsblessing.de
1	cdn.taboola.com	www.sarahsblessing.de
1	amplify.outbrain.com	www.sarahsblessing.de
1	www.fasttrack02.com	1 redirects
1	premiumgoogle.com	1 redirects
0	cdn.offerspace.com Failed	www.sarahsblessing.de
115	29

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.science.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-12-01` - `2022-11-30`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
sarahsblessing.de Go Daddy Secure Certificate Authority - G2	`2022-01-28` - `2023-01-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
ads.us.e-planning.net R3	`2022-07-12` - `2022-10-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google.se GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
embed-ssl.wistia.com R3	`2022-07-20` - `2022-10-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
Frame ID: 5AB02B4750508113F1174E6AB12526EB
Requests: 116 HTTP requests in this frame

Frame: https://users.birthday-green-tram.com/dBvBcc0C89LFh0les1CIUaEfUUQqVr65kpvreAy-jJwKuPauBusTVDUaQceTHmXatvF2MbKO_8JVRiiwDd5ztg~~?stm=1663031137466&e=pv&url=https%3A%2F%2Fwww.sarahsblessing.de%2Fgummy.php%3Ftraffic_source%3Dgru%26AFID%3D323275%26clickid%3D04948fa7360c4b46aa17574f8332b3f5&page=Lead&tv=js-3.2.1&tna=04948fa7-360c-4b46-aa17-574f8332b3f5&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&eid=d54fa0d1-8899-4535-9920-c01b4a216197&dtm=1663031137463&vp=1600x1200&ds=1600x9813&vid=1&sid=a5050113-9926-4d6c-bff6-faa88175c85f&duid=04948fa7-360c-4b46-aa17-574f8332b3f5&fp=3285319060&jb=Lead&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaHR0cHM6Ly9zY2hlbWFzLm1heGVwdi5jb20vSnVtYmxlYmVycnkvc25vd3Bsb3ctc2NoZW1hcy9tYXN0ZXIvbGVhZC9qc29uc2NoZW1hLzEtMC0wLmpzb24iLCJkYXRhIjp7ImhpZF9wYXJhbSI6ImNsaWNraWQifX0seyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy93ZWJfcGFnZS9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6eyJpZCI6IjQzYzEwNzhiLWI0NmYtNGVjOC04ZTk1LWRhNzY2YmQ2MTdjNCJ9fSx7InNjaGVtYSI6ImlnbHU6b3JnLnczL1BlcmZvcm1hbmNlVGltaW5nL2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7Im5hdmlnYXRpb25TdGFydCI6MTY2MzAzMTEzNTA4OCwidW5sb2FkRXZlbnRTdGFydCI6MCwidW5sb2FkRXZlbnRFbmQiOjAsInJlZGlyZWN0U3RhcnQiOjAsInJlZGlyZWN0RW5kIjowLCJmZXRjaFN0YXJ0IjoxNjYzMDMxMTM1NTIwLCJkb21haW5Mb29rdXBTdGFydCI6MTY2MzAzMTEzNTUyMCwiZG9tYWluTG9va3VwRW5kIjoxNjYzMDMxMTM1NjE1LCJjb25uZWN0U3RhcnQiOjE2NjMwMzExMzU2MTUsImNvbm5lY3RFbmQiOjE2NjMwMzExMzU4MzIsInNlY3VyZUNvbm5lY3Rpb25TdGFydCI6MTY2MzAzMTEzNTcyMSwicmVxdWVzdFN0YXJ0IjoxNjYzMDMxMTM1ODMyLCJyZXNwb25zZVN0YXJ0IjoxNjYzMDMxMTM1OTcwLCJyZXNwb25zZUVuZCI6MTY2MzAzMTEzNTk3MSwiZG9tTG9hZGluZyI6MTY2MzAzMTEzNTk3NCwiZG9tSW50ZXJhY3RpdmUiOjE2NjMwMzExMzY4NjYsImRvbUNvbnRlbnRMb2FkZWRFdmVudFN0YXJ0IjoxNjYzMDMxMTM2ODY2LCJkb21Db250ZW50TG9hZGVkRXZlbnRFbmQiOjE2NjMwMzExMzY4NjgsImRvbUNvbXBsZXRlIjowLCJsb2FkRXZlbnRTdGFydCI6MCwibG9hZEV2ZW50RW5kIjowfX1dfQ
Frame ID: 97ADFD53C0C7D0C48DF342F72210AFD0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://premiumgoogle.com/ HTTP 301
https://cdnflyer.com/srv.html?id=5521620&pub=2151917 Page URL
https://cdnflyer.com/offer.php?id=5506109&pub=2151917&intredir=1 Page URL
https://content.akamaicdn.org/aff_c?url=https%3A%2F%2Ft.dstreach.com%2Faff_c%3Faff_id%3D5992998%26offer_id... HTTP 302
https://content.akamaicdn.org/aff_r?url=https%3A%2F%2Ft.dstreach.com%2Faff_c%3Faff_id%3D5992998%26offer_id... Page URL
https://t.dstreach.com/aff_c?aff_id=5992998&offer_id=5506109&transaction_id=ca35603248737f17763d7e8... HTTP 302
https://t.dstreach.com/aff_r?aff_id=5992998&offer_id=5506109&transaction_id=ca35603248737f17763d7e8... Page URL
http://mediciinternet.go2cloud.org/aff_c?offer_id=21352&aff_id=3018&aff_sub=826611387 HTTP 302
http://mediciinternet.go2cloud.org/aff_r?offer_id=21352&aff_id=3018&url=https%3A%2F%2Fwww.fasttrack02.com%2FMP5... HTTP 302
https://www.fasttrack02.com/MP5K5ZRN/XHBZ4ZP/?source_id=3018&sub1=10218947265b4c4006b3049fc4ca97 HTTP 302
https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f833... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

115
Requests

72 %
HTTPS

48 %
IPv6

23
Domains

29
Subdomains

23
IPs

4
Countries

2911 kB
Transfer

5615 kB
Size

17
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/p/CIaBA_SHiDe/

Search URL Search Domain Scan URL

URL: https://www.science.org/doi/10.1126/sciadv.abi6110
Title: https://www.science.org/doi/10.1126/sciadv.abi6110

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CNH5AaPgZ5X/?utm_source=ig_web_copy_link

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CNHkrsgjCzt/?igshid=1wrpwev81b2wh

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://premiumgoogle.com/ HTTP 301
https://cdnflyer.com/srv.html?id=5521620&pub=2151917 Page URL
https://cdnflyer.com/offer.php?id=5506109&pub=2151917&intredir=1 Page URL
https://content.akamaicdn.org/aff_c?url=https%3A%2F%2Ft.dstreach.com%2Faff_c%3Faff_id%3D5992998%26offer_id%3D5506109%26transaction_id%3Dca35603248737f17763d7e8d4ce62c11 HTTP 302
https://content.akamaicdn.org/aff_r?url=https%3A%2F%2Ft.dstreach.com%2Faff_c%3Faff_id%3D5992998%26offer_id%3D5506109%26transaction_id%3Dca35603248737f17763d7e8d4ce62c11 Page URL
https://t.dstreach.com/aff_c?aff_id=5992998&offer_id=5506109&transaction_id=ca35603248737f17763d7e8d4ce62c11 HTTP 302
https://t.dstreach.com/aff_r?aff_id=5992998&offer_id=5506109&transaction_id=ca35603248737f17763d7e8d4ce62c11&url=http%3A%2F%2Fmediciinternet.go2cloud.org%2Faff_c%3Foffer_id%3D21352%26aff_id%3D3018%26aff_sub%3D826611387 Page URL
http://mediciinternet.go2cloud.org/aff_c?offer_id=21352&aff_id=3018&aff_sub=826611387 HTTP 302
http://mediciinternet.go2cloud.org/aff_r?offer_id=21352&aff_id=3018&url=https%3A%2F%2Fwww.fasttrack02.com%2FMP5K5ZRN%2FXHBZ4ZP%2F%3Fsource_id%3D3018%26sub1%3D10218947265b4c4006b3049fc4ca97&urlauth=486420972319800699176840830597 HTTP 302
https://www.fasttrack02.com/MP5K5ZRN/XHBZ4ZP/?source_id=3018&sub1=10218947265b4c4006b3049fc4ca97 HTTP 302
https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://premiumgoogle.com/ HTTP 301
https://cdnflyer.com/srv.html?id=5521620&pub=2151917

Request Chain 6

https://content.akamaicdn.org/aff_c?url=https%3A%2F%2Ft.dstreach.com%2Faff_c%3Faff_id%3D5992998%26offer_id%3D5506109%26transaction_id%3Dca35603248737f17763d7e8d4ce62c11 HTTP 302
https://content.akamaicdn.org/aff_r?url=https%3A%2F%2Ft.dstreach.com%2Faff_c%3Faff_id%3D5992998%26offer_id%3D5506109%26transaction_id%3Dca35603248737f17763d7e8d4ce62c11

Request Chain 10

https://t.dstreach.com/aff_c?aff_id=5992998&offer_id=5506109&transaction_id=ca35603248737f17763d7e8d4ce62c11 HTTP 302
https://t.dstreach.com/aff_r?aff_id=5992998&offer_id=5506109&transaction_id=ca35603248737f17763d7e8d4ce62c11&url=http%3A%2F%2Fmediciinternet.go2cloud.org%2Faff_c%3Foffer_id%3D21352%26aff_id%3D3018%26aff_sub%3D826611387

115 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

srv.html Show response
cdnflyer.com/
Redirect Chain

http://premiumgoogle.com/
https://cdnflyer.com/srv.html?id=5521620&pub=2151917

11 KB
5 KB

370ms
307ms

Document
text/html

172.67.73.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnflyer.com/srv.html?id=5521620&pub=2151917

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.116 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b653367314ac000bea195348522039f6ac8a2d3c6914835c3701326547f7851

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 749cf9a378129174-FRA
content-encoding: br
content-type: text/html
date: Tue, 13 Sep 2022 01:05:33 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y2OcMI8sYfcie9Z7qt%2F4JaNMUS8ra9vfUFWDolDC8%2Bn2XmUI%2BDrmOuPxRyJZLJo9LYl%2BlNhXI894cnmMLHEJBIwo6jRtX3J0wFwdPsq6PkKPa%2BsMKKS0ORRRzpzASQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 91
Content-Type: text/html; charset=utf-8
Date: Tue, 13 Sep 2022 01:05:32 GMT
Location: https://cdnflyer.com/srv.html?id=5521620&pub=2151917
Server: ip-100-74-3-158.eu-west-2.compute.internal
X-Request-Id: d1975846-2d8f-46e4-8ac4-a779ddf65a6d

GET
H2 200 nr-1216.min.js
js-agent.newrelic.com/ 38 KB
14 KB 59ms
19ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1216.min.js
Requested by: Host: cdnflyer.com
URL: https://cdnflyer.com/srv.html?id=5521620&pub=2151917
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdnflyer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding: gzip
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-request-id: QS55VTZ5KYBT01RF
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14391
x-amz-id-2: LqMYMQa4YU1cIYkATbA3xCSvsTD2lndpXc+K9jTcrBu4zKcsnQNt7LnOCIo6x7yoHpJFT7uuVmQ=
x-served-by: cache-hhn4030-HHN
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1663031133.093829,VS0,VE0
date: Tue, 13 Sep 2022 01:05:33 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1518

GET
H2 200 offer.php Show response
cdnflyer.com/ 11 KB
5 KB 309ms
308ms Document
text/html 172.67.73.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnflyer.com/offer.php?id=5506109&pub=2151917&intredir=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.116 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

225500bb4b781dc08329f8cc9adfa7a8b2b4570e0682350a82aebc95fe50c09a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdnflyer.com/srv.html?id=5521620&pub=2151917
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 749cf9a5997b9174-FRA
content-encoding: br
content-type: text/html
date: Tue, 13 Sep 2022 01:05:33 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PzkPT8hz8B75HUyG77oQB2VvGcwEiLmLxfk%2F2aCXv%2FmN4T5HxexJPq7g47RgY7rmr%2FDHZXlkQXT73utuZ2dcZe5%2Bo2NsFB0P6C%2BQjZmEQVPZ9Pp4f3cnBPsJiCotQA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET 62915533ca
bam.nr-data.net/1/ 0
0

POST 62915533ca
bam.nr-data.net/events/1/ 0
0

GET
H2 200 nr-1216.min.js
js-agent.newrelic.com/ 38 KB
14 KB 19ms
18ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1216.min.js
Requested by: Host: cdnflyer.com
URL: https://cdnflyer.com/offer.php?id=5506109&pub=2151917&intredir=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdnflyer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding: gzip
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-request-id: QS55VTZ5KYBT01RF
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14391
x-amz-id-2: LqMYMQa4YU1cIYkATbA3xCSvsTD2lndpXc+K9jTcrBu4zKcsnQNt7LnOCIo6x7yoHpJFT7uuVmQ=
x-served-by: cache-hhn4030-HHN
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1663031133.386771,VS0,VE0
date: Tue, 13 Sep 2022 01:05:33 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1519

GET
H2

200

aff_r Show response
content.akamaicdn.org/
Redirect Chain

https://content.akamaicdn.org/aff_c?url=https%3A%2F%2Ft.dstreach.com%2Faff_c%3Faff_id%3D5992998%26offer_id%3D5506109%26transaction_id%3Dca35603248737f17763d7e8d4ce62c11
https://content.akamaicdn.org/aff_r?url=https%3A%2F%2Ft.dstreach.com%2Faff_c%3Faff_id%3D5992998%26offer_id%3D5506109%26transaction_id%3Dca35603248737f17763d7e8d4ce62c11

11 KB
5 KB

254ms
253ms

Document
text/html

2606:4700:3032::6815:2f4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://content.akamaicdn.org/aff_r?url=https%3A%2F%2Ft.dstreach.com%2Faff_c%3Faff_id%3D5992998%26offer_id%3D5506109%26transaction_id%3Dca35603248737f17763d7e8d4ce62c11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:2f4f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b91d695cae0e97675a3a25ac9a3c99be6337372a355bb3ae0931275dd6d456eb

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdnflyer.com/offer.php?id=5506109&pub=2151917&intredir=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 749cf9ab099dbb7d-FRA
content-encoding: br
content-type: text/html
date: Tue, 13 Sep 2022 01:05:34 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EgucDEkIPjY5M41XC%2BAkF3msfuq21BCdSi2nLqGbM6bD%2FNM%2F%2FOYhJZsLQ0wgoli7cnMyaBsf2h%2BnpABqi7YgZkBoYoFgiBXhGUIvOVp%2BixOVW6dfcEUjrxUd%2BAYHmdJ0AuSwrxCrNJbeQs1k%2BxENKdpkXYI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 749cf9a9788bbb7d-FRA
content-type: text/html
date: Tue, 13 Sep 2022 01:05:33 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://content.akamaicdn.org/aff_r?url=https%3A%2F%2Ft.dstreach.com%2Faff_c%3Faff_id%3D5992998%26offer_id%3D5506109%26transaction_id%3Dca35603248737f17763d7e8d4ce62c11
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d4csah9TII1rjLIv8fLoMAmC2BjHxr0V19vfaUiRkVbe0lV353%2FrLaho%2BineazJNl9v9uyYHQnGPdxUY52bo1m5XfNN4GNuH4YzAsDsoswGmxd6%2F%2BbxUML3lW%2BUFNVD46RNwnzliCQ1%2BlMbw82VYciwWyiA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK 62915533ca
bam.nr-data.net/1/ 49 B
625 B 496ms
455ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/62915533ca?a=14035018&v=1216.487a282&to=blEHMktWXkQABkRQDFcbMBRQGF9RBwBCFxNRRA%3D%3D&rst=359&ck=1&ref=https://cdnflyer.com/offer.php&ap=58&be=330&fe=332&dc=332&perf=%7B%22timing%22:%7B%22of%22:1663031133043,%22n%22:0,%22u%22:313,%22ue%22:314,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22ce%22:0,%22rq%22:1,%22rp%22:310,%22rpe%22:311,%22dl%22:314,%22di%22:332,%22ds%22:332,%22de%22:332,%22dc%22:332,%22l%22:332,%22le%22:332%7D,%22navigation%22:%7B%7D%7D&fp=334&fcp=334&at=QhYERANMTUo%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdnflyer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 01:05:33 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 749cf9a8197b9957-FRA

POST 62915533ca
bam.nr-data.net/events/1/ 0
0

GET
H2 200 nr-1216.min.js
js-agent.newrelic.com/ 38 KB
14 KB 28ms
28ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1216.min.js
Requested by: Host: content.akamaicdn.org
URL: https://content.akamaicdn.org/aff_r?url=https%3A%2F%2Ft.dstreach.com%2Faff_c%3Faff_id%3D5992998%26offer_id%3D5506109%26transaction_id%3Dca35603248737f17763d7e8d4ce62c11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding: gzip
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-request-id: QS55VTZ5KYBT01RF
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14391
x-amz-id-2: LqMYMQa4YU1cIYkATbA3xCSvsTD2lndpXc+K9jTcrBu4zKcsnQNt7LnOCIo6x7yoHpJFT7uuVmQ=
x-served-by: cache-hhn4030-HHN
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1663031134.203872,VS0,VE0
date: Tue, 13 Sep 2022 01:05:34 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1520

GET
H2

200

aff_r
t.dstreach.com/
Redirect Chain

https://t.dstreach.com/aff_c?aff_id=5992998&offer_id=5506109&transaction_id=ca35603248737f17763d7e8d4ce62c11
https://t.dstreach.com/aff_r?aff_id=5992998&offer_id=5506109&transaction_id=ca35603248737f17763d7e8d4ce62c11&url=http%3A%2F%2Fmediciinternet.go2cloud.org%2Faff_c%3Foffer_id%3D21352%26aff_id%3D3018%...

11 KB
5 KB

559ms
258ms

Document
text/html

2606:4700:3036::6815:2b50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.dstreach.com/aff_r?aff_id=5992998&offer_id=5506109&transaction_id=ca35603248737f17763d7e8d4ce62c11&url=http%3A%2F%2Fmediciinternet.go2cloud.org%2Faff_c%3Foffer_id%3D21352%26aff_id%3D3018%26aff_sub%3D826611387

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:2b50 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://content.akamaicdn.org/aff_r?url=https%3A%2F%2Ft.dstreach.com%2Faff_c%3Faff_id%3D5992998%26offer_id%3D5506109%26transaction_id%3Dca35603248737f17763d7e8d4ce62c11
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 749cf9b0a8bc9be2-FRA
content-encoding: br
content-type: text/html
date: Tue, 13 Sep 2022 01:05:35 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s8%2FrSFUlOrWSXKuh5XPg%2FmOcW9ouR%2FsPDQcyIO3hzrmizW1TIa4%2BUYHNQIjQwlxcJnTjNORUbPhy5a5%2FQASqZ9JlGeYhmYplNACqc9GXm%2BBCdewAbSa94Fbqc91cRTrd0Mz6lYk5m6r9HlEK1g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 749cf9ad3d949be2-FRA
content-type: text/html
date: Tue, 13 Sep 2022 01:05:34 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://t.dstreach.com/aff_r?aff_id=5992998&offer_id=5506109&transaction_id=ca35603248737f17763d7e8d4ce62c11&url=http%3A%2F%2Fmediciinternet.go2cloud.org%2Faff_c%3Foffer_id%3D21352%26aff_id%3D3018%26aff_sub%3D826611387
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lNuvtf80wjyY9Vz6zcj%2B4MPEFla3mpdIatDhTK2aPouB0GYISrZo0AIEy6Wmf0W4or2AGo43iccmQu2JLzalfQ41uJAFUZAbAmYNjyOHZduCsHZjJ0Qoo%2BCv9daC%2BzzbMKz7uPSJ81ZxRr01VA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK 62915533ca
bam.nr-data.net/1/ 49 B
620 B 147ms
147ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/62915533ca?a=14035018&v=1216.487a282&to=blEHMktWXkQABkRQDFcbMBRQGFFbFQpCVhZNURdISV9A&rst=844&ck=1&ref=https://content.akamaicdn.org/aff_r&ap=7&be=808&fe=809&dc=809&perf=%7B%22timing%22:%7B%22of%22:1663031133375,%22n%22:0,%22r%22:1,%22re%22:543,%22f%22:543,%22dn%22:543,%22dne%22:543,%22c%22:543,%22ce%22:543,%22rq%22:544,%22rp%22:797,%22rpe%22:797,%22dl%22:800,%22di%22:809,%22ds%22:809,%22de%22:809,%22dc%22:809,%22l%22:809,%22le%22:810%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&at=QhYERANMTUo%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 01:05:34 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 749cf9aceca49957-FRA

POST 62915533ca
bam.nr-data.net/events/1/ 0
0

GET
H2 200 nr-1216.min.js
js-agent.newrelic.com/ 38 KB
14 KB 241ms
240ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1216.min.js
Requested by: Host: t.dstreach.com
URL: https://t.dstreach.com/aff_r?aff_id=5992998&offer_id=5506109&transaction_id=ca35603248737f17763d7e8d4ce62c11&url=http%3A%2F%2Fmediciinternet.go2cloud.org%2Faff_c%3Foffer_id%3D21352%26aff_id%3D3018%26aff_sub%3D826611387
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding: gzip
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-request-id: QS55VTZ5KYBT01RF
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14391
x-amz-id-2: LqMYMQa4YU1cIYkATbA3xCSvsTD2lndpXc+K9jTcrBu4zKcsnQNt7LnOCIo6x7yoHpJFT7uuVmQ=
x-served-by: cache-hhn4030-HHN
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1663031135.321274,VS0,VE0
date: Tue, 13 Sep 2022 01:05:35 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1524

GET
H/1.1

200
OK

Primary Request gummy.php Show response
www.sarahsblessing.de/
Redirect Chain

http://mediciinternet.go2cloud.org/aff_c?offer_id=21352&aff_id=3018&aff_sub=826611387
http://mediciinternet.go2cloud.org/aff_r?offer_id=21352&aff_id=3018&url=https%3A%2F%2Fwww.fasttrack02.com%2FMP5K5ZRN%2FXHBZ4ZP%2F%3Fsource_id%3D3018%26sub1%3D10218947265b4c4006b3049fc4ca97&urlauth=...
https://www.fasttrack02.com/MP5K5ZRN/XHBZ4ZP/?source_id=3018&sub1=10218947265b4c4006b3049fc4ca97
https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5

44 KB
13 KB

450ms
138ms

Document
text/html

34.202.75.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.202.75.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-75-89.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 95d07b6a75716be756ddf83286079416a066afa1192a5e16af4327d8c64c0da4

Request headers

Referer: https://t.dstreach.com/aff_r?aff_id=5992998&offer_id=5506109&transaction_id=ca35603248737f17763d7e8d4ce62c11&url=http%3A%2F%2Fmediciinternet.go2cloud.org%2Faff_c%3Foffer_id%3D21352%26aff_id%3D3018%26aff_sub%3D826611387
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 11988
Content-Type: text/html
Date: Tue, 13 Sep 2022 01:05:35 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142
content-type: text/html; charset=utf-8
date: Tue, 13 Sep 2022 01:05:35 GMT
location: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
server: nginx
vary: Origin
via: 1.1 google
x-eflow-request-id: 2f7a5311-eafd-4210-a01c-26b5d2733c39

GET
H/1.1 200
OK 62915533ca
bam.nr-data.net/1/ 49 B
625 B 142ms
141ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/62915533ca?a=14035018&v=1216.487a282&to=blEHMktWXkQABkRQDFcbMBRQGFFbFQpCVhZNURdISV9A&rst=1151&ck=1&ref=https://t.dstreach.com/aff_r&ap=8&be=901&fe=903&dc=903&perf=%7B%22timing%22:%7B%22of%22:1663031134185,%22n%22:0,%22r%22:1,%22re%22:334,%22f%22:334,%22dn%22:334,%22dne%22:334,%22c%22:334,%22ce%22:334,%22rq%22:635,%22rp%22:893,%22rpe%22:894,%22dl%22:896,%22di%22:903,%22ds%22:903,%22de%22:903,%22dc%22:903,%22l%22:903,%22le%22:903%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&at=QhYERANMTUo%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 01:05:35 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 749cf9b3e9489957-FRA

POST 62915533ca
bam.nr-data.net/events/1/ 0
0

GET
H/1.1 200
OK app.css
www.sarahsblessing.de/gummies_content/ 6 KB
7 KB 109ms
107ms Stylesheet
text/css 34.202.75.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sarahsblessing.de/gummies_content/app.css
Requested by: Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.202.75.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-75-89.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ee8635cf7e905451f9563a05c38ebf78a684c19fd5cbafa6cddd67907551ed83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 01:05:36 GMT
Last-Modified: Mon, 19 Oct 2020 12:17:24 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5f8d83d4-190e"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6414

GET
H/1.1 200
OK utils.min.css
www.sarahsblessing.de/gummies_content/ 8 KB
8 KB 217ms
108ms Stylesheet
text/css 34.202.75.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sarahsblessing.de/gummies_content/utils.min.css
Requested by: Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.202.75.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-75-89.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5ae153788e61f5fb70f96647a7030d115f453595062279fbb8f3cf8655e4b65e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 01:05:36 GMT
Last-Modified: Mon, 19 Oct 2020 12:17:25 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5f8d83d5-2082"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8322

GET
H/1.1 200
OK notify.css
www.sarahsblessing.de/gummies_content/ 2 KB
3 KB 324ms
105ms Stylesheet
text/css 34.202.75.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sarahsblessing.de/gummies_content/notify.css
Requested by: Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.202.75.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-75-89.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: da8b8bda1027ea8e0be38b5d9fc7a4bde55979a2dc34c4be845326b00f2bc6d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 01:05:36 GMT
Last-Modified: Mon, 19 Oct 2020 12:17:25 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5f8d83d5-9c0"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2496

GET
H/1.1 200
OK bootstrap.min.css
www.sarahsblessing.de/gummies_content/ 152 KB
152 KB 429ms
210ms Stylesheet
text/css 34.202.75.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sarahsblessing.de/gummies_content/bootstrap.min.css
Requested by: Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.202.75.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-75-89.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ae576713bc196098f7438dede6ff1f835a23291c32b745ad7e6fb6db809a719b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 01:05:36 GMT
Last-Modified: Mon, 19 Oct 2020 12:17:24 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5f8d83d4-26074"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 155764

GET
H/1.1 200
OK style.css
www.sarahsblessing.de/gummies_content/ 61 KB
61 KB 324ms
106ms Stylesheet
text/css 34.202.75.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sarahsblessing.de/gummies_content/style.css
Requested by: Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.202.75.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-75-89.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: df15d29c40995313eb2257cfa8626aba668a7bac37fd4fcdc6532dad21bfe8f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 01:05:36 GMT
Last-Modified: Mon, 19 Oct 2020 12:17:25 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5f8d83d5-f42c"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 62508

GET
H/1.1 200
OK animate.css
www.sarahsblessing.de/gummies_content/ 79 KB
80 KB 434ms
213ms Stylesheet
text/css 34.202.75.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sarahsblessing.de/gummies_content/animate.css
Requested by: Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.202.75.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-75-89.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ed229a57e697e1eee579a1bbf898693bbf6f4b2acfa05f29bf30081db504fcca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 01:05:36 GMT
Last-Modified: Mon, 19 Oct 2020 12:17:24 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5f8d83d4-13de5"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 81381

GET
H/1.1 200
OK instagram.css
www.sarahsblessing.de/gummies_content/ 425 B
671 B 430ms
106ms Stylesheet
text/css 34.202.75.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sarahsblessing.de/gummies_content/instagram.css
Requested by: Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.202.75.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-75-89.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c67a027ad4aaae459ce6e57b378b10bc04c73d9177ef66ea7aabbf8aee1a31fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 01:05:36 GMT
Last-Modified: Thu, 10 Dec 2020 07:28:23 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5fd1ce17-1a9"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 425

GET
H/1.1 200
OK testimonials.css
www.sarahsblessing.de/gummies_content/ 446 B
692 B 536ms
105ms Stylesheet
text/css 34.202.75.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sarahsblessing.de/gummies_content/testimonials.css
Requested by: Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.202.75.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-75-89.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6cea29e787caf2c388c5c323b2e5a4e39cad86df2cc93e12e4a9d821bc8a0631

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 01:05:36 GMT
Last-Modified: Tue, 06 Apr 2021 05:54:19 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "606bf78b-1be"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 446

GET
H/1.1 200
OK style_v5.css
www.sarahsblessing.de/gummies_content/ 1 KB
1 KB 536ms
106ms Stylesheet
text/css 34.202.75.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sarahsblessing.de/gummies_content/style_v5.css
Requested by: Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.202.75.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-75-89.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c26eb22f12b9fff451134a3154b705b4f21c5d02784e7dacd74fc52fe7635d79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 01:05:36 GMT
Last-Modified: Wed, 26 Jan 2022 08:36:06 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "61f107f6-4fa"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1274

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 84ms
35ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-137730208-1

Requested by

Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

baa5b8f64eb3fff23a2c3d47f12a0cebf3a698b55de8833b34fe81a9309780fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 01:05:36 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42999
x-xss-protection: 0
expires: Tue, 13 Sep 2022 01:05:36 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
45 KB 84ms
34ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-949713071

Requested by

Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6e6a5a74112ff6a3db15b32ad809f53fe6a5dcb9b9ae478730d53b56f76fc263

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 01:05:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46049
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 13 Sep 2022 01:05:36 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 67ms
36ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-138979562-1

Requested by

Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

240afdb55e2f697ba1fe3acc52fe4010b9a7c993ec691afa0ffead0b31751e7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 01:05:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41950
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 13 Sep 2022 01:05:36 GMT

GET
H/1.1 200
OK verify-icon.png
www.sarahsblessing.de/gummies_content/images/ 11 KB
11 KB 109ms
108ms Image
image/png 34.202.75.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sarahsblessing.de/gummies_content/images/verify-icon.png
Requested by: Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.202.75.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-75-89.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 496bd33026b66b0b1d4ce932fab20e88e8ed771922aa20feae9f810c329d270f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 01:05:36 GMT
Last-Modified: Mon, 19 Oct 2020 12:17:25 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5f8d83d5-2a5e"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10846

GET
H/1.1 200
OK logo.png
www.sarahsblessing.de/gummies_content/images/ 5 KB
6 KB 115ms
105ms Image
image/png 34.202.75.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sarahsblessing.de/gummies_content/images/logo.png
Requested by: Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.202.75.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-75-89.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0f89a4a1fe60189c4fd16d22557d5d6fc35d7874ac0dfc6d7dbf5df3fe44a4af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 01:05:36 GMT
Last-Modified: Mon, 19 Oct 2020 12:17:25 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5f8d83d5-15ae"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5550

GET
H/1.1 200
OK hero-index-mobile_v11.jpg
www.sarahsblessing.de/gummies_content/images/ 130 KB
130 KB 220ms
210ms Image
image/jpeg 34.202.75.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sarahsblessing.de/gummies_content/images/hero-index-mobile_v11.jpg
Requested by: Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.202.75.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-75-89.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 691dea8288bf0dbaaa3198757d30879f758f0cafad5f4da437c219b72f0170c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 01:05:36 GMT
Last-Modified: Wed, 07 Sep 2022 09:43:37 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "631867c9-207e7"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 133095

GET
H/1.1 200
OK content_v11.png
www.sarahsblessing.de/gummies_content/images/ 278 KB
278 KB 115ms
106ms Image
image/png 34.202.75.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sarahsblessing.de/gummies_content/images/content_v11.png
Requested by: Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.202.75.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-75-89.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d2c9960390a64088ebb7d0eca55fa2abda783c8b5e74c84fb1dc6422f8a345db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 01:05:36 GMT
Last-Modified: Wed, 07 Sep 2022 09:43:37 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "631867c9-456ed"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 284397

GET
H/1.1 200
OK hdr2.png
www.sarahsblessing.de/gummies_content/images/ 4 KB
4 KB 115ms
107ms Image
image/png 34.202.75.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sarahsblessing.de/gummies_content/images/hdr2.png
Requested by: Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.202.75.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-75-89.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3427dc5e7592969625ceb2370610117e3ea08fe4246177e8744c310294030d91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 01:05:36 GMT
Last-Modified: Mon, 19 Oct 2020 12:17:25 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5f8d83d5-10b0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4272

GET
H/1.1 200
OK logo2.png
www.sarahsblessing.de/gummies_content/images/ 22 KB
23 KB 221ms
213ms Image
image/png 34.202.75.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sarahsblessing.de/gummies_content/images/logo2.png
Requested by: Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.202.75.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-75-89.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6136d79f59bc20e07694a2168d450498e1c74def37497f35b3cfd7400f0b61f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 01:05:36 GMT
Last-Modified: Mon, 30 Aug 2021 10:21:03 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "612cb10f-59a4"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22948

GET
H/1.1 200
OK security-icons-c1.png
www.sarahsblessing.de/gummies_content/images/ 4 KB
5 KB 265ms
107ms Image
image/png 34.202.75.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sarahsblessing.de/gummies_content/images/security-icons-c1.png
Requested by: Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.202.75.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-75-89.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4a133f4a38951a5d80e147a72b309f060d0dee4413016f6ad569b79572a48f7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 01:05:37 GMT
Last-Modified: Mon, 19 Oct 2020 12:17:25 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5f8d83d5-1199"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4505

GET
H/1.1 200
OK testimonials_20_gummy_decor_v3.png
www.sarahsblessing.de/gummies_content/images/ 80 KB
0 230ms
213ms Image
image/png 34.202.75.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sarahsblessing.de/gummies_content/images/testimonials_20_gummy_decor_v3.png
Requested by: Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.202.75.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-75-89.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 01:05:36 GMT
Last-Modified: Fri, 29 Jan 2021 07:05:28 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6013b3b8-127e94"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1212052

GET
H/1.1 200
OK testimonials_20_gummy_mobile_v3.png
www.sarahsblessing.de/gummies_content/images/ 266 KB
266 KB 108ms
107ms Image
image/png 34.202.75.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sarahsblessing.de/gummies_content/images/testimonials_20_gummy_mobile_v3.png
Requested by: Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.202.75.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-75-89.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: cacfa4087d6c1883f0b0c2c83f0f34e9a36198c9974f6e75bafc8563f0525b23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 01:05:37 GMT
Last-Modified: Fri, 29 Jan 2021 07:05:28 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6013b3b8-42606"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 271878

GET
H/1.1 200
OK cbd-magazines_v3.png
www.sarahsblessing.de/gummies_content/images/ 64 KB
0 214ms
213ms Image
image/png 34.202.75.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sarahsblessing.de/gummies_content/images/cbd-magazines_v3.png
Requested by: Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.202.75.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-75-89.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 01:05:37 GMT
Last-Modified: Wed, 07 Sep 2022 09:43:37 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "631867c9-3f62a"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 259626

GET
H/1.1 200
OK corona_img_01.png
www.sarahsblessing.de/gummies_content/images/ 132 KB
132 KB 107ms
105ms Image
image/png 34.202.75.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sarahsblessing.de/gummies_content/images/corona_img_01.png
Requested by: Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.202.75.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-75-89.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8986754a5396c293ef8bf9437f5e816c1a7be91aa840ee1b7eb26fd8b9a99ae5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 01:05:37 GMT
Last-Modified: Tue, 25 Jan 2022 10:54:10 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "61efd6d2-20e4f"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 134735

GET
H/1.1 200
OK doctor_mobile.png
www.sarahsblessing.de/gummies_content/images/ 256 KB
0 107ms
106ms Image
image/png 34.202.75.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sarahsblessing.de/gummies_content/images/doctor_mobile.png
Requested by: Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.202.75.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-75-89.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 01:05:37 GMT
Last-Modified: Tue, 25 Jan 2022 11:54:24 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "61efe4f0-56987"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 354695

GET
H/1.1 200
OK testimonials_01_gummy_de.png
www.sarahsblessing.de/gummies_content/images/ 269 KB
269 KB 107ms
107ms Image
image/png 34.202.75.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sarahsblessing.de/gummies_content/images/testimonials_01_gummy_de.png
Requested by: Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.202.75.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-75-89.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 02186ba59dd353d1808db42f777c6da26a83cdbb631199a358f7b94e57346950

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 01:05:37 GMT
Last-Modified: Tue, 06 Apr 2021 05:54:19 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "606bf78b-4337e"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 275326

GET
H/1.1 200
OK testimonials_01_gummy_mobile_de.png
www.sarahsblessing.de/gummies_content/images/ 111 KB
111 KB 106ms
105ms Image
image/png 34.202.75.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sarahsblessing.de/gummies_content/images/testimonials_01_gummy_mobile_de.png
Requested by: Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.202.75.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-75-89.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 609027eaa264aa0890dbf9ed74bce9ebcbabeb1851b42e5d7eb399b65d162360

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 01:05:37 GMT
Last-Modified: Tue, 06 Apr 2021 05:54:19 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "606bf78b-1ba3d"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 113213

GET
H/1.1 200
OK testimonials_02_gummy_de.png
www.sarahsblessing.de/gummies_content/images/ 231 KB
231 KB 108ms
108ms Image
image/png 34.202.75.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sarahsblessing.de/gummies_content/images/testimonials_02_gummy_de.png
Requested by: Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.202.75.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-75-89.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0267fabbb1a439b2a2d06d93b484db1e89e2dd2feb724764eb36d7dc64274b7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 01:05:37 GMT
Last-Modified: Tue, 06 Apr 2021 05:54:19 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "606bf78b-39cdc"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 236764

GET
H/1.1 200
OK testimonials_02_gummy_mobile_de.png
www.sarahsblessing.de/gummies_content/images/ 100 KB
100 KB 106ms
106ms Image
image/png 34.202.75.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sarahsblessing.de/gummies_content/images/testimonials_02_gummy_mobile_de.png
Requested by: Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.202.75.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-75-89.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 598bbd1e95f44584a0a650f3f5c90120e31ec27d43d96844d0a9ebecc895ebf7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 01:05:37 GMT
Last-Modified: Tue, 06 Apr 2021 05:54:19 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "606bf78b-18e42"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 101954

GET
H2 200 deky2p6qcp.jsonp Show response
fast.wistia.com/embed/medias/ 4 KB
2 KB 422ms
15ms Script
application/javascript 2a04:4e42:400::622

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/deky2p6qcp.jsonp

Requested by

Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 -, , ASN (),

Reverse DNS

Software

Resource Hash

4c7620e51dad752ee4b62191ed737434c9284b67321a301e71a409f5826695c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 01:05:37 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 46569
x-cache: HIT, HIT
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-length: 1372
via: 1.1 varnish, 1.1 varnish
x-request-id: 7c260203376327d8337b548cad220c63
x-served-by: cache-iad-kjyo7100033-IAD, cache-hhn4023-HHN
x-runtime: 0.045743
referrer-policy: strict-origin-when-cross-origin
x-timer: S1663031137.179506,VS0,VE0
etag: W/"4c7620e51dad752ee4b62191ed737434"
x-download-options: noopen
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-browser-version: 105
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 2

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 624 KB
114 KB 423ms
16ms Script
application/javascript 2a04:4e42:400::622

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 -, , ASN (),

Reverse DNS

Software

Resource Hash

6dd14af019830626bf4052398d957f3d9066c2167a4300e0932fb83a2a0a5bed

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 01:05:37 GMT
content-encoding: br
vary: Accept-Encoding
age: 2005
x-cache: HIT, HIT
content-length: 116056
x-served-by: cache-iad-kiad7000036-IAD, cache-hhn4023-HHN
access-control-allow-origin: *
x-browser-version: 105
last-modified: Mon, 12 Sep 2022 15:35:17 GMT
x-timer: S1663031137.179652,VS0,VE0
etag: "631f51b5-1c558"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 100

GET
H2 200 swatch
fast.wistia.com/embed/medias/deky2p6qcp/ 4 KB
4 KB 421ms
15ms Image
image/jpeg 2a04:4e42:400::622

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/embed/medias/deky2p6qcp/swatch

Requested by

Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 -, , ASN (),

Reverse DNS

Software

Resource Hash

40b0ef7ccc1ab12d73fcc0390c4224e8ae94617c11901c41a0ef248addc70325

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 01:05:37 GMT
access-control-request-method: *
age: 55338
x-cache: HIT, HIT
content-disposition: inline
content-length: 3916
x-served-by: cache-iad-kiad7000090-IAD, cache-hhn4023-HHN
access-control-allow-origin: *, *
x-browser-version: 105
last-modified: Mon, 05 Apr 2021 17:29:23 UTC
x-timer: S1663031137.179633,VS0,VE0
strict-transport-security: max-age=0
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
cache-control: public, no-cache, max-age=31536000
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 2

GET
H/1.1 200
OK testimonials_03_gummy_de.png
www.sarahsblessing.de/gummies_content/images/ 352 KB
0 110ms
110ms Image
image/png 34.202.75.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sarahsblessing.de/gummies_content/images/testimonials_03_gummy_de.png
Requested by: Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.202.75.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-75-89.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 01:05:37 GMT
Last-Modified: Tue, 06 Apr 2021 05:54:19 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "606bf78b-7dca9"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 515241

GET
H/1.1 200
OK testimonials_03_gummy_mobile_de.png
www.sarahsblessing.de/gummies_content/images/ 80 KB
0 108ms
108ms Image
image/png 34.202.75.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sarahsblessing.de/gummies_content/images/testimonials_03_gummy_mobile_de.png
Requested by: Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.202.75.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-75-89.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 01:05:37 GMT
Last-Modified: Tue, 06 Apr 2021 05:54:19 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "606bf78b-34b9a"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 215962

GET
H/1.1 200
OK testimonials_04_gummy_de.png
www.sarahsblessing.de/gummies_content/images/ 352 KB
0 107ms
107ms Image
image/png 34.202.75.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sarahsblessing.de/gummies_content/images/testimonials_04_gummy_de.png
Requested by: Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.202.75.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-75-89.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 01:05:37 GMT
Last-Modified: Tue, 06 Apr 2021 05:54:19 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "606bf78b-788a0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 493728

GET testimonials_04_gummy_mobile_de.png
www.sarahsblessing.de/gummies_content/images/ 0
0

GET row-4-step-1_v3.png
www.sarahsblessing.de/gummies_content/images/ 0
0

GET row-4-step-2.png
www.sarahsblessing.de/gummies_content/images/ 0
0

GET row-4-step-3.png
www.sarahsblessing.de/gummies_content/images/ 0
0

GET row-4-step-1.png
www.sarahsblessing.de/gummies_content/images/ 0
0

GET cbd-receptors.png
www.sarahsblessing.de/gummies_content/images/ 0
0

GET gerry-w.png
www.sarahsblessing.de/gummies_content/images/ 0
0

GET 5stars.png
www.sarahsblessing.de/gummies_content/images/ 0
0

GET roxie.png
www.sarahsblessing.de/gummies_content/images/ 0
0

GET julie.png
www.sarahsblessing.de/gummies_content/images/ 0
0

GET ted-e.png
www.sarahsblessing.de/gummies_content/images/ 0
0

GET pete-g.png
www.sarahsblessing.de/gummies_content/images/ 0
0

GET nancy-k.png
www.sarahsblessing.de/gummies_content/images/ 0
0

GET susan.png
www.sarahsblessing.de/gummies_content/images/ 0
0

GET 60-day-money-back.png
www.sarahsblessing.de/gummies_content/images/ 0
0

GET beach-couple.png
www.sarahsblessing.de/gummies_content/images/ 0
0

GET footer_v9.png
www.sarahsblessing.de/gummies_content/images/ 0
0

GET footer_mobile_v3.png
www.sarahsblessing.de/gummies_content/images/ 0
0

GET website-secure.png
www.sarahsblessing.de/gummies_content/images/ 0
0

GET social-icons.jpg
www.sarahsblessing.de/gummies_content/images/ 0
0

GET ca.png
www.sarahsblessing.de/gummies_content/images/ 0
0

GET new-cta_v9.jpg
www.sarahsblessing.de/gummies_content/images/ 0
0

GET
H/1.1 200
OK codebase.min.js Show response
www.sarahsblessing.de/gummies_content/ 196 KB
197 KB 108ms
108ms Script
application/javascript 34.202.75.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sarahsblessing.de/gummies_content/codebase.min.js
Requested by: Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.202.75.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-75-89.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 942822bbfee4750b3a0a052f95f81eee8d2f1aef4e09c63b4c941bd44dff368b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 01:05:36 GMT
Last-Modified: Mon, 19 Oct 2020 12:17:24 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5f8d83d4-31116"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 200982

GET
H2 200 css
fonts.googleapis.com/ 7 KB
707 B 81ms
31ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:400,500,600,700

Requested by

Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummies_content/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

db1c72c7d87e4654ce4cdcae81ee694ebddb0129b50e1151edbe14ff75a4ddc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 01:05:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 13 Sep 2022 01:05:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Sep 2022 01:05:36 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 80ms
31ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&display=swap

Requested by

Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummies_content/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7f1d0ad08e99fd94041679d0a55a90426162b0305ab5daaf9fcb1d58867381ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 00:43:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 13 Sep 2022 01:05:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Sep 2022 01:05:36 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 121 KB
47 KB 88ms
65ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MZD6VXS

Requested by

Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e605a74351dadd6884d9abc3221b47de3fd13671fa5fcd8201ed0bdd21cb38b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 01:05:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47933
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 13 Sep 2022 01:05:36 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 8 KB
4 KB 439ms
36ms Script
application/x-javascript 2.18.169.82

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.169.82 -, , ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 83db3bbe981876d41cce2ddff9a3f3eb388342c9d70a4112fd79b995dae26dd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 01:05:37 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Jun 2022 14:06:31 GMT
Server: AkamaiNetStorage
ETag: "51de2e10510f823326f9b30ea6068a2a:1655820557.452892"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3249
Expires: Tue, 13 Sep 2022 01:25:37 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1302513/ 57 KB
18 KB 431ms
121ms Script
application/javascript 151.101.1.44

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1302513/tfa.js
Requested by: Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 26588ffda7d61fd9304eb11481048bb4aa13b049bb8b1090a0607b94196ff63f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: 5x4at8ApyL21gXs0DjUll6Feua.MLYt1
content-encoding: gzip
etag: "9a976b80453c3b629799dd4bfda11e7c"
age: 0
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 17970
x-amz-id-2: vH2rD5VtChd5AirEJQ0zEi8UKRJcFH3jvZMZxxnrUYBiMbFQVQn4jWFxVM+u1ygwRx5T4qBa6B0=
x-served-by: cache-hhn4036-HHN
last-modified: Sun, 11 Sep 2022 11:08:03 GMT
server: AmazonS3
x-timer: S1663031137.184485,VS0,VE102
date: Tue, 13 Sep 2022 01:05:37 GMT
vary: Accept-Encoding
x-amz-request-id: QS5TC4BVQHNYD8AF
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 72
x-cache-hits: 1

GET
H2 200 f767e6fa5f04c5ad Show response
ads.us.e-planning.net/pct/3/305c6/ 2 B
90 B 134ms
36ms Script
application/x-javascript 185.172.90.252
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/pct/3/305c6/f767e6fa5f04c5ad?o=j&rnd=0.74810703662823671663031136625
Requested by: Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer: https://www.sarahsblessing.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 13 Sep 2022 01:05:36 GMT
server: openresty
content-type: application/x-javascript
content-length: 2
x-sid: AMS-928

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
73 KB 94ms
72ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-REPYM1L7KQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137730208-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

81248521af25365065f5ca84c6518bcaaf1249a7afc91aaf94e87b0448b68eb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 01:05:36 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74415
x-xss-protection: 0
expires: Tue, 13 Sep 2022 01:05:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 332ms
22ms Script
text/javascript 2a00:1450:4001:811::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137730208-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 217
date: Tue, 13 Sep 2022 01:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 13 Sep 2022 03:02:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
45 KB 79ms
57ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-949713071&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137730208-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

16be702543acb11e7112df91748c850c1c44a349d6c85e3951db3b8ea7099b1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 01:05:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45997
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 13 Sep 2022 01:05:36 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 99ms
78ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-138979562-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137730208-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7a68a5735c477bca11066e9030b60889e30fb2d075ceabe478c36b7ca4e120d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 01:05:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41967
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 13 Sep 2022 01:05:36 GMT

GET
H2 200 dBvBcc0C89LFh0les1CIUaEfUUQqVr65kpvreAy-jJwKuPauBusTVDUaQceTHmXatvF2MbKO_8JVRiiwDd5ztg~~ Show response
www.birthday-green-tram.com/ 89 KB
30 KB 473ms
163ms Script
application/javascript 2606:4700::6812:527

General

Check archive.org

Show headers Download Go to

Full URL

https://www.birthday-green-tram.com/dBvBcc0C89LFh0les1CIUaEfUUQqVr65kpvreAy-jJwKuPauBusTVDUaQceTHmXatvF2MbKO_8JVRiiwDd5ztg~~?hid=04948fa7360c4b46aa17574f8332b3f5&uid=&v=3.2.0

Requested by

Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:527 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

8eef9980b7b2155091d90f03a9802e1f75d54836a873c519dcc021a339701d75

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 01:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-backend-connect-time: 0.000
x-backend-status: 200
x-backend-server: hydra-mesh1
x-xss-protection: 0
pragma: no-cache
referrer-policy: never, no-referrer
x-backend-response-time: 0.020
server: cloudflare
x-robots-tag: none
content-type: application/javascript; charset=utf-8
cache-control: no-cache
content-security-policy: upgrade-insecure-requests
cf-ray: 749cf9bf68ab9a33-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET arrow-tab.png
cdn.offerspace.com/conceptweb/cbdhs/hs-gr/ 0
0

GET
H/1.1 404
Not Found index-form-container-model.png
www.sarahsblessing.de/gummies_content/ 10 KB
10 KB 156ms
147ms Image
text/html 34.202.75.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sarahsblessing.de/gummies_content/index-form-container-model.png
Requested by: Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummies_content/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.202.75.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-75-89.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 19dabd1b8a116027b6a9e2b92c24babad0f7e30d156f38458d741cc1e037277d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/gummies_content/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Sep 2022 01:05:36 GMT
Content-Encoding: gzip
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 3353
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 404
Not Found right-arrow.png
www.sarahsblessing.de/gummies_content/ 10 KB
10 KB 157ms
141ms Image
text/html 34.202.75.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sarahsblessing.de/gummies_content/right-arrow.png
Requested by: Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummies_content/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.202.75.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-75-89.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5d0fe4767bcdae014ba2d2971140debc04cd10420af1f07c496d8ff8ba74ef38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/gummies_content/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Sep 2022 01:05:36 GMT
Content-Encoding: gzip
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 3341
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
DATA 200
OK truncated
/ 217 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f382ffd271872cdef7cba74c23ef48f12011f94c1134299bec5723e8e3f88bc3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET corona_bg.jpg
www.sarahsblessing.de/gummies_content/images/ 0
0

GET corona_img_02.png
www.sarahsblessing.de/gummies_content/images/ 0
0

GET
H2 200 TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v49/ 17 KB
18 KB 433ms
44ms Font
font/woff2 2a00:1450:4001:80e::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sarahsblessing.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 21:06:11 GMT
x-content-type-options: nosniff
age: 14366
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17908
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 21:06:11 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 46 KB
47 KB 412ms
23ms Font
font/woff2 2a00:1450:4001:80e::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sarahsblessing.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:28:45 GMT
x-content-type-options: nosniff
age: 452212
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47048
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 19:28:45 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 296ms
35ms Script
text/javascript 142.250.74.194

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-949713071

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 01:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15690
x-xss-protection: 0
server: cafe
etag: 13194339052015637803
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 13 Sep 2022 01:05:37 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
351 B 259ms
28ms Ping
text/plain 2001:4860:4802:34::36

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-REPYM1L7KQ&gtm=2oe970&_p=595205773&_gaz=1&cid=1172037002.1663031137&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1663031136&sct=1&seg=0&dl=https%3A%2F%2Fwww.sarahsblessing.de%2Fgummy.php%3Ftraffic_source%3Dgru%26AFID%3D323275%26clickid%3D04948fa7360c4b46aa17574f8332b3f5&dt=&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-REPYM1L7KQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 01:05:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sarahsblessing.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
351 B 317ms
30ms Ping
text/plain 2a00:1450:400c:c00::9a

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-REPYM1L7KQ&cid=1172037002.1663031137&gtm=2oe970&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-REPYM1L7KQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 01:05:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sarahsblessing.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.se/ads/ 42 B
501 B 85ms
33ms Image
image/gif 2a00:1450:4001:80e::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-REPYM1L7KQ&cid=1172037002.1663031137&gtm=2oe970&aip=1&z=1654329352

Requested by

Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 01:05:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 104 KB
40 KB 103ms
34ms Script
application/javascript 2a00:1450:4001:811::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-NCXXPWQ&t=gtag_UA_137730208_1&cid=1172037002.1663031137

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

adb2f84ed1f4f93c399de373f80515141b31d1831a7358911fceec80d5fc3878

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 01:05:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41294
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 13 Sep 2022 01:05:37 GMT

GET cachedClickId
tr.outbrain.com/ 0
0

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 520ms
100ms Image
image/gif 70.42.32.159

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=003a615623f6178353bc9065f1671ea927&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.sarahsblessing.de%2Fgummy.php%3Ftraffic_source%3Dgru%26AFID%3D323275%26clickid%3D04948fa7360c4b46aa17574f8332b3f5&optOut=false&bust=08918695531114038&referrer=
Requested by: Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 01:05:37 GMT
Cache-Control: no-cache
X-TraceId: b70604da644955bd85e38d9bc7e886fb
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/949713071/ 2 KB
2 KB 116ms
64ms Script
text/javascript 2a00:1450:4001:809::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/949713071/?random=1663031137260&cv=9&fst=1663031137260&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa970&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.sarahsblessing.de%2Fgummy.php%3Ftraffic_source%3Dgru%26AFID%3D323275%26clickid%3D04948fa7360c4b46aa17574f8332b3f5&auid=679446166.1663031137&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

adaa215e30869564cfc7eaa5ede04bf03890a69e3a5b98511af6d926451cae2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 01:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1085
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 wistia-mux.js Show response
fast.wistia.com/assets/external/ 127 KB
32 KB 19ms
19ms Script
application/javascript 2a04:4e42:400::622

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/wistia-mux.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 -, , ASN (),

Reverse DNS

Software

Resource Hash

8d62fd06d48f53842cf78650bbeba172db7a6a347a12821fb81a9d8efab6f00e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 01:05:37 GMT
content-encoding: br
vary: Accept-Encoding
age: 2006
x-cache: HIT, HIT
content-length: 32366
x-served-by: cache-iad-kcgs7200176-IAD, cache-hhn4023-HHN
access-control-allow-origin: *
x-browser-version: 105
last-modified: Mon, 12 Sep 2022 15:35:17 GMT
x-timer: S1663031137.394587,VS0,VE0
etag: "631f51b5-7e6e"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 62

GET
H2 200 json Show response
trc.taboola.com/1302513/trc/3/ 2 KB
2 KB 53ms
38ms Script
application/javascript 151.101.1.44

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1302513/trc/3/json?tim=1663031137389&data=%7B%22id%22%3A254%2C%22ii%22%3A%22%2Fgummy.php%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1663031137384%2C%22cv%22%3A%2220220911-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.sarahsblessing.de%2Fgummy.php%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Ftraffic_source%3Dgru%26AFID%3D323275%26clickid%3D04948fa7360c4b46aa17574f8332b3f5%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-maikeaim-internet-marketingcom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1663031137388%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.sarahsblessing.de%2Fgummy.php%3Ftraffic_source%3Dgru%26AFID%3D323275%26clickid%3D04948fa7360c4b46aa17574f8332b3f5%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A12%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1302513/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 5e3292c2a07a87c74ba463f560a73c1c62a89714d568c76358624c3ad3708b12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 19
date: Tue, 13 Sep 2022 01:05:37 GMT
content-encoding: gzip
server: nginx
x-timer: S1663031137.417494,VS0,VE19
x-served-by: cache-hhn4036-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf

Request headers

Referer
Origin: https://www.sarahsblessing.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 43d201f4d107ff0b3ca0276b90e9b27a.webp
embed-ssl.wistia.com/deliveries/ 36 KB
36 KB 194ms
23ms Image
image/webp 151.101.130.133

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed-ssl.wistia.com/deliveries/43d201f4d107ff0b3ca0276b90e9b27a.webp?image_crop_resized=1152x648
Requested by: Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 01:05:37 GMT
via: 1.1 varnish, 1.1 varnish
age: 2290078
edge-cache-tag: 43d201f4d107ff0b3ca0276b90e9b27a
access-control-request-method: *
x-cache-hits: 1, 1
x-cache: HIT, HIT
content-length: 36394
x-served-by: cache-iad-kiad7000110-IAD, cache-hhn4040-HHN
last-modified: Mon, 05 Apr 2021 17:29:23 UTC
x-timer: S1663031138.633350,VS0,VE1
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/webp
access-control-allow-origin: *
content-disposition: inline
cache-control: max-age=31536000
accept-ranges: bytes
access-control-expose-headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache

GET
H2 200 dBvBcc0C89LFh0les1CIUaEfUUQqVr65kpvreAy-jJwKuPauBusTVDUaQceTHmXatvF2MbKO_8JVRiiwDd5ztg~~
users.birthday-green-tram.com/ Frame 97AD 131 B
229 B 180ms
164ms Document
text/html 2606:4700::6812:527

General

Check archive.org

Show headers Download Go to

Full URL: https://users.birthday-green-tram.com/dBvBcc0C89LFh0les1CIUaEfUUQqVr65kpvreAy-jJwKuPauBusTVDUaQceTHmXatvF2MbKO_8JVRiiwDd5ztg~~?stm=1663031137466&e=pv&url=https%3A%2F%2Fwww.sarahsblessing.de%2Fgummy.php%3Ftraffic_source%3Dgru%26AFID%3D323275%26clickid%3D04948fa7360c4b46aa17574f8332b3f5&page=Lead&tv=js-3.2.1&tna=04948fa7-360c-4b46-aa17-574f8332b3f5&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&eid=d54fa0d1-8899-4535-9920-c01b4a216197&dtm=1663031137463&vp=1600x1200&ds=1600x9813&vid=1&sid=a5050113-9926-4d6c-bff6-faa88175c85f&duid=04948fa7-360c-4b46-aa17-574f8332b3f5&fp=3285319060&jb=Lead&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaHR0cHM6Ly9zY2hlbWFzLm1heGVwdi5jb20vSnVtYmxlYmVycnkvc25vd3Bsb3ctc2NoZW1hcy9tYXN0ZXIvbGVhZC9qc29uc2NoZW1hLzEtMC0wLmpzb24iLCJkYXRhIjp7ImhpZF9wYXJhbSI6ImNsaWNraWQifX0seyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy93ZWJfcGFnZS9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6eyJpZCI6IjQzYzEwNzhiLWI0NmYtNGVjOC04ZTk1LWRhNzY2YmQ2MTdjNCJ9fSx7InNjaGVtYSI6ImlnbHU6b3JnLnczL1BlcmZvcm1hbmNlVGltaW5nL2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7Im5hdmlnYXRpb25TdGFydCI6MTY2MzAzMTEzNTA4OCwidW5sb2FkRXZlbnRTdGFydCI6MCwidW5sb2FkRXZlbnRFbmQiOjAsInJlZGlyZWN0U3RhcnQiOjAsInJlZGlyZWN0RW5kIjowLCJmZXRjaFN0YXJ0IjoxNjYzMDMxMTM1NTIwLCJkb21haW5Mb29rdXBTdGFydCI6MTY2MzAzMTEzNTUyMCwiZG9tYWluTG9va3VwRW5kIjoxNjYzMDMxMTM1NjE1LCJjb25uZWN0U3RhcnQiOjE2NjMwMzExMzU2MTUsImNvbm5lY3RFbmQiOjE2NjMwMzExMzU4MzIsInNlY3VyZUNvbm5lY3Rpb25TdGFydCI6MTY2MzAzMTEzNTcyMSwicmVxdWVzdFN0YXJ0IjoxNjYzMDMxMTM1ODMyLCJyZXNwb25zZVN0YXJ0IjoxNjYzMDMxMTM1OTcwLCJyZXNwb25zZUVuZCI6MTY2MzAzMTEzNTk3MSwiZG9tTG9hZGluZyI6MTY2MzAzMTEzNTk3NCwiZG9tSW50ZXJhY3RpdmUiOjE2NjMwMzExMzY4NjYsImRvbUNvbnRlbnRMb2FkZWRFdmVudFN0YXJ0IjoxNjYzMDMxMTM2ODY2LCJkb21Db250ZW50TG9hZGVkRXZlbnRFbmQiOjE2NjMwMzExMzY4NjgsImRvbUNvbXBsZXRlIjowLCJsb2FkRXZlbnRTdGFydCI6MCwibG9hZEV2ZW50RW5kIjowfX1dfQ
Requested by: Host: www.birthday-green-tram.com
URL: https://www.birthday-green-tram.com/dBvBcc0C89LFh0les1CIUaEfUUQqVr65kpvreAy-jJwKuPauBusTVDUaQceTHmXatvF2MbKO_8JVRiiwDd5ztg~~?hid=04948fa7360c4b46aa17574f8332b3f5&uid=&v=3.2.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:527 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.sarahsblessing.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-ray: 749cf9c159db9a33-FRA
content-encoding: gzip
content-type: text/html
date: Tue, 13 Sep 2022 01:05:37 GMT
server: cloudflare
vary: Accept-Encoding
x-backend-server: hydra-cloudflare

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 27ms
26ms XHR
text/plain 2a00:1450:4001:811::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=595205773&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sarahsblessing.de%2Fgummy.php%3Ftraffic_source%3Dgru%26AFID%3D323275%26clickid%3D04948fa7360c4b46aa17574f8332b3f5&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAUADQAAAAC~&jid=416716317&gjid=1993043885&cid=1172037002.1663031137&tid=UA-137730208-1&_gid=417129279.1663031137&_r=1&gtm=2ou970&z=274304076

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sarahsblessing.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 01:05:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sarahsblessing.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 27ms
27ms XHR
text/plain 2a00:1450:4001:811::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=595205773&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sarahsblessing.de%2Fgummy.php%3Ftraffic_source%3Dgru%26AFID%3D323275%26clickid%3D04948fa7360c4b46aa17574f8332b3f5&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAUADQAAAAC~&jid=724799940&gjid=1689976693&cid=1172037002.1663031137&tid=UA-138979562-1&_gid=417129279.1663031137&_r=1&gtm=2ou970&z=1683853358

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sarahsblessing.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 01:05:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sarahsblessing.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
www.google-analytics.com/j/ 2 B
22 B 27ms
27ms XHR
text/plain 2a00:1450:4001:811::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=595205773&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sarahsblessing.de%2Fgummy.php%3Ftraffic_source%3Dgru%26AFID%3D323275%26clickid%3D04948fa7360c4b46aa17574f8332b3f5&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAUADQAAAAC~&jid=1482750646&gjid=1870350612&cid=1172037002.1663031137&tid=UA-137730208-1&_gid=417129279.1663031137&_r=1&gtm=2wg970MZD6VXS&z=1185312800

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sarahsblessing.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 01:05:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sarahsblessing.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/949713071/ 42 B
548 B 144ms
33ms Image
image/gif 2a00:1450:4001:827::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/949713071/?random=1663031137260&cv=9&fst=1663030800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa970&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.sarahsblessing.de%2Fgummy.php%3Ftraffic_source%3Dgru%26AFID%3D323275%26clickid%3D04948fa7360c4b46aa17574f8332b3f5&async=1&fmt=3&is_vtc=1&random=1801831147&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 01:05:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.se/pagead/1p-user-list/949713071/ 42 B
64 B 74ms
32ms Image
image/gif 2a00:1450:4001:80e::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/pagead/1p-user-list/949713071/?random=1663031137260&cv=9&fst=1663030800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa970&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.sarahsblessing.de%2Fgummy.php%3Ftraffic_source%3Dgru%26AFID%3D323275%26clickid%3D04948fa7360c4b46aa17574f8332b3f5&async=1&fmt=3&is_vtc=1&random=1801831147&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 01:05:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
stats.g.doubleclick.net/j/ 4 B
25 B 81ms
27ms XHR
text/plain 2a00:1450:400c:c00::9a

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-137730208-1&cid=1172037002.1663031137&jid=416716317&gjid=1993043885&_gid=417129279.1663031137&_u=aCDAAUACQAAAAC~&z=1071808419

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9a -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sarahsblessing.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 13 Sep 2022 01:05:37 GMT
content-type: text/plain
access-control-allow-origin: https://www.sarahsblessing.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
stats.g.doubleclick.net/j/ 4 B
25 B 30ms
29ms XHR
text/plain 2a00:1450:400c:c00::9a

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-137730208-1&cid=1172037002.1663031137&jid=1482750646&gjid=1870350612&_gid=417129279.1663031137&_u=aCDAAUADQAAAAC~&z=1284403447

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9a -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sarahsblessing.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 13 Sep 2022 01:05:37 GMT
content-type: text/plain
access-control-allow-origin: https://www.sarahsblessing.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 34ms
33ms Image
image/gif 2a00:1450:4001:827::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-137730208-1&cid=1172037002.1663031137&jid=416716317&_u=aCDAAUACQAAAAC~&z=1966743927

Requested by

Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 01:05:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.se/ads/ 42 B
63 B 33ms
32ms Image
image/gif 2a00:1450:4001:80e::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-137730208-1&cid=1172037002.1663031137&jid=416716317&_u=aCDAAUACQAAAAC~&z=1966743927

Requested by

Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 01:05:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ga-audiences
www.google.com/ads/ 0
0

GET
H3 200 ga-audiences
www.google.se/ads/ 42 B
63 B 34ms
33ms Image
image/gif 2a00:1450:4001:80e::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-137730208-1&cid=1172037002.1663031137&jid=1482750646&_u=aCDAAUADQAAAAC~&z=2021038518

Requested by

Host: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sarahsblessing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 01:05:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bam.nr-data.net
URL: https://bam.nr-data.net/1/62915533ca?a=14035018&v=1216.487a282&to=blEHMktWXkQABkRQDFcbMBRQGF9RBwBCFxNRRA%3D%3D&rst=607&ck=1&ref=https://cdnflyer.com/srv.html&ap=46&be=534&fe=538&dc=538&perf=%7B%22timing%22:%7B%22of%22:1663031132503,%22n%22:0,%22f%22:142,%22dn%22:143,%22dne%22:157,%22c%22:157,%22s%22:179,%22ce%22:205,%22rq%22:205,%22rp%22:512,%22rpe%22:513,%22dl%22:515,%22di%22:539,%22ds%22:539,%22de%22:539,%22dc%22:539,%22l%22:539,%22le%22:539%7D,%22navigation%22:%7B%7D%7D&fp=540&fcp=540&at=QhYERANMTUo%3D&jsonp=NREUM.setToken

Domain: bam.nr-data.net
URL: https://bam.nr-data.net/events/1/62915533ca?a=14035018&v=1216.487a282&to=blEHMktWXkQABkRQDFcbMBRQGF9RBwBCFxNRRA%3D%3D&rst=852&ck=1&ref=https://cdnflyer.com/srv.html

Domain: bam.nr-data.net
URL: https://bam.nr-data.net/events/1/62915533ca?a=14035018&v=1216.487a282&to=blEHMktWXkQABkRQDFcbMBRQGF9RBwBCFxNRRA%3D%3D&rst=1132&ck=1&ref=https://cdnflyer.com/offer.php

Domain: bam.nr-data.net
URL: https://bam.nr-data.net/events/1/62915533ca?a=14035018&v=1216.487a282&to=blEHMktWXkQABkRQDFcbMBRQGFFbFQpCVhZNURdISV9A&rst=1705&ck=1&ref=https://content.akamaicdn.org/aff_r

Domain: bam.nr-data.net
URL: https://bam.nr-data.net/events/1/62915533ca?a=14035018&v=1216.487a282&to=blEHMktWXkQABkRQDFcbMBRQGFFbFQpCVhZNURdISV9A&rst=1788&ck=1&ref=https://t.dstreach.com/aff_r

Domain: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummies_content/images/testimonials_04_gummy_mobile_de.png

Domain: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummies_content/images/row-4-step-1_v3.png

Domain: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummies_content/images/row-4-step-2.png

Domain: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummies_content/images/row-4-step-3.png

Domain: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummies_content/images/row-4-step-1.png

Domain: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummies_content/images/cbd-receptors.png

Domain: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummies_content/images/gerry-w.png

Domain: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummies_content/images/5stars.png

Domain: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummies_content/images/roxie.png

Domain: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummies_content/images/julie.png

Domain: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummies_content/images/ted-e.png

Domain: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummies_content/images/pete-g.png

Domain: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummies_content/images/nancy-k.png

Domain: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummies_content/images/susan.png

Domain: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummies_content/images/60-day-money-back.png

Domain: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummies_content/images/beach-couple.png

Domain: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummies_content/images/footer_v9.png

Domain: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummies_content/images/footer_mobile_v3.png

Domain: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummies_content/images/website-secure.png

Domain: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummies_content/images/social-icons.jpg

Domain: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummies_content/images/ca.png

Domain: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummies_content/images/new-cta_v9.jpg

Domain: cdn.offerspace.com
URL: https://cdn.offerspace.com/conceptweb/cbdhs/hs-gr/arrow-tab.png

Domain: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummies_content/images/corona_bg.jpg

Domain: www.sarahsblessing.de
URL: https://www.sarahsblessing.de/gummies_content/images/corona_img_02.png

Domain: tr.outbrain.com
URL: https://tr.outbrain.com/cachedClickId?marketerId=003a615623f6178353bc9065f1671ea927

Domain: www.google.com
URL: https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-137730208-1&cid=1172037002.1663031137&jid=1482750646&_u=aCDAAUADQAAAAC~&z=2021038518

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cdnflyer.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: _q8SoNRMqhWIcAH2ilPlPuVrv6YxGy7QxJbKG0-WF59I6Fi7__-t8eL3TN7iPh9A
cdnflyer.com/	1969-12-31 23:59:59	Name: SERVERID Value: web4
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: b7905b2a50c36a37
content.akamaicdn.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: vO9AwcASlgQwICpTr57xKZELNz510gr8fPpcwND3KkoXyV0XlR7PdMrPxd9bLHu6
content.akamaicdn.org/	1969-12-31 23:59:59	Name: SERVERID Value: web4
t.dstreach.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: VLOwvR8BZesXJCGTFKTLJhkqzgzZusLLbj2GKlyWUcS3LMOnT_FWpB9QjtuQRyND
t.dstreach.com/	1969-12-31 23:59:59	Name: SERVERID Value: web4
www.fasttrack02.com/	1970-01-20 06:07:15	Name: uniqueClick_XHBZ4ZP Value: abc35688-d73e-44b5-a928-52f7700b4eca:1663031135
www.fasttrack02.com/	1970-01-20 08:06:47	Name: transaction_id Value: 04948fa7360c4b46aa17574f8332b3f5
.www.sarahsblessing.de/	1969-12-31 23:59:59	Name: osCsid Value: fhif84bqo4vmdcgd17r2ucimf6
.sarahsblessing.de/	1970-01-20 05:57:14	Name: afid Value: 323275
.sarahsblessing.de/	1970-01-20 05:57:14	Name: clid Value: 04948fa7360c4b46aa17574f8332b3f5
.sarahsblessing.de/	1970-01-20 05:57:14	Name: traffic_source Value: gru
.sarahsblessing.de/	1970-01-20 15:33:11	Name: dBvBcc0C89LFh0les1CIUid Value: 04948fa7360c4b46aa17574f8332b3f5.1663031137.0.1663031137.
.sarahsblessing.de/	1970-01-20 08:06:47	Name: _gcl_au Value: 1.1.679446166.1663031137
.sarahsblessing.de/	1970-01-20 15:33:11	Name: _ga_REPYM1L7KQ Value: GS1.1.1663031136.1.0.1663031136.60.0.0
.sarahsblessing.de/	1970-01-20 15:33:11	Name: _ga Value: GA1.1.1172037002.1663031137

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5(Line 109) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ads.us.e-planning.net/pct/3/305c6/f767e6fa5f04c5ad?o=j&rnd=0.74810703662823671663031136625, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.sarahsblessing.de/gummy.php?traffic_source=gru&AFID=323275&clickid=04948fa7360c4b46aa17574f8332b3f5(Line 109) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ads.us.e-planning.net/pct/3/305c6/f767e6fa5f04c5ad?o=j&rnd=0.74810703662823671663031136625, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://www.sarahsblessing.de/gummies_content/index-form-container-model.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.sarahsblessing.de/gummies_content/right-arrow.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.us.e-planning.net
amplify.outbrain.com
bam.nr-data.net
cdn.offerspace.com
cdn.taboola.com
cdnflyer.com
content.akamaicdn.org
embed-ssl.wistia.com
fast.wistia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js-agent.newrelic.com
mediciinternet.go2cloud.org
premiumgoogle.com
region1.analytics.google.com
stats.g.doubleclick.net
t.dstreach.com
tr.outbrain.com
trc.taboola.com
users.birthday-green-tram.com
www.birthday-green-tram.com
www.fasttrack02.com
www.google-analytics.com
www.google.com
www.google.se
www.googleadservices.com
www.googletagmanager.com
www.sarahsblessing.de
bam.nr-data.net
cdn.offerspace.com
tr.outbrain.com
www.google.com
www.sarahsblessing.de
142.250.74.194
15.197.142.173
151.101.1.44
151.101.130.133
151.101.66.137
162.247.241.14
172.67.73.116
18.202.12.61
185.172.90.252
2.18.169.82
2001:4860:4802:34::36
2606:4700:3032::6815:2f4f
2606:4700:3036::6815:2b50
2606:4700::6812:527
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:811::200e
2a00:1450:4001:827::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2008
2a00:1450:400c:c00::9a
2a04:4e42:400::622
34.202.75.89
35.186.234.105
70.42.32.159
02186ba59dd353d1808db42f777c6da26a83cdbb631199a358f7b94e57346950
0267fabbb1a439b2a2d06d93b484db1e89e2dd2feb724764eb36d7dc64274b7f
0b653367314ac000bea195348522039f6ac8a2d3c6914835c3701326547f7851
0f89a4a1fe60189c4fd16d22557d5d6fc35d7874ac0dfc6d7dbf5df3fe44a4af
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
16be702543acb11e7112df91748c850c1c44a349d6c85e3951db3b8ea7099b1f
19dabd1b8a116027b6a9e2b92c24babad0f7e30d156f38458d741cc1e037277d
225500bb4b781dc08329f8cc9adfa7a8b2b4570e0682350a82aebc95fe50c09a
240afdb55e2f697ba1fe3acc52fe4010b9a7c993ec691afa0ffead0b31751e7a
26588ffda7d61fd9304eb11481048bb4aa13b049bb8b1090a0607b94196ff63f
3427dc5e7592969625ceb2370610117e3ea08fe4246177e8744c310294030d91
40b0ef7ccc1ab12d73fcc0390c4224e8ae94617c11901c41a0ef248addc70325
496bd33026b66b0b1d4ce932fab20e88e8ed771922aa20feae9f810c329d270f
4a133f4a38951a5d80e147a72b309f060d0dee4413016f6ad569b79572a48f7a
4c7620e51dad752ee4b62191ed737434c9284b67321a301e71a409f5826695c3
598bbd1e95f44584a0a650f3f5c90120e31ec27d43d96844d0a9ebecc895ebf7
5ae153788e61f5fb70f96647a7030d115f453595062279fbb8f3cf8655e4b65e
5d0fe4767bcdae014ba2d2971140debc04cd10420af1f07c496d8ff8ba74ef38
5e3292c2a07a87c74ba463f560a73c1c62a89714d568c76358624c3ad3708b12
609027eaa264aa0890dbf9ed74bce9ebcbabeb1851b42e5d7eb399b65d162360
6136d79f59bc20e07694a2168d450498e1c74def37497f35b3cfd7400f0b61f0
691dea8288bf0dbaaa3198757d30879f758f0cafad5f4da437c219b72f0170c4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cea29e787caf2c388c5c323b2e5a4e39cad86df2cc93e12e4a9d821bc8a0631
6dd14af019830626bf4052398d957f3d9066c2167a4300e0932fb83a2a0a5bed
6e6a5a74112ff6a3db15b32ad809f53fe6a5dcb9b9ae478730d53b56f76fc263
7a68a5735c477bca11066e9030b60889e30fb2d075ceabe478c36b7ca4e120d4
7f1d0ad08e99fd94041679d0a55a90426162b0305ab5daaf9fcb1d58867381ad
81248521af25365065f5ca84c6518bcaaf1249a7afc91aaf94e87b0448b68eb6
83db3bbe981876d41cce2ddff9a3f3eb388342c9d70a4112fd79b995dae26dd0
8986754a5396c293ef8bf9437f5e816c1a7be91aa840ee1b7eb26fd8b9a99ae5
8d62fd06d48f53842cf78650bbeba172db7a6a347a12821fb81a9d8efab6f00e
8eef9980b7b2155091d90f03a9802e1f75d54836a873c519dcc021a339701d75
942822bbfee4750b3a0a052f95f81eee8d2f1aef4e09c63b4c941bd44dff368b
95d07b6a75716be756ddf83286079416a066afa1192a5e16af4327d8c64c0da4
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
adaa215e30869564cfc7eaa5ede04bf03890a69e3a5b98511af6d926451cae2b
adb2f84ed1f4f93c399de373f80515141b31d1831a7358911fceec80d5fc3878
ae576713bc196098f7438dede6ff1f835a23291c32b745ad7e6fb6db809a719b
b91d695cae0e97675a3a25ac9a3c99be6337372a355bb3ae0931275dd6d456eb
baa5b8f64eb3fff23a2c3d47f12a0cebf3a698b55de8833b34fe81a9309780fc
c26eb22f12b9fff451134a3154b705b4f21c5d02784e7dacd74fc52fe7635d79
c67a027ad4aaae459ce6e57b378b10bc04c73d9177ef66ea7aabbf8aee1a31fb
cacfa4087d6c1883f0b0c2c83f0f34e9a36198c9974f6e75bafc8563f0525b23
d2c9960390a64088ebb7d0eca55fa2abda783c8b5e74c84fb1dc6422f8a345db
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
da8b8bda1027ea8e0be38b5d9fc7a4bde55979a2dc34c4be845326b00f2bc6d9
db1c72c7d87e4654ce4cdcae81ee694ebddb0129b50e1151edbe14ff75a4ddc6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df15d29c40995313eb2257cfa8626aba668a7bac37fd4fcdc6532dad21bfe8f4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e605a74351dadd6884d9abc3221b47de3fd13671fa5fcd8201ed0bdd21cb38b7
ed229a57e697e1eee579a1bbf898693bbf6f4b2acfa05f29bf30081db504fcca
ee8635cf7e905451f9563a05c38ebf78a684c19fd5cbafa6cddd67907551ed83
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f382ffd271872cdef7cba74c23ef48f12011f94c1134299bec5723e8e3f88bc3
f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11
fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf

www.sarahsblessing.de Open in urlscan Pro 34.202.75.89 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

115 Requests

72 %HTTPS

48 %IPv6

23 Domains

29 Subdomains

23 IPs

4 Countries

2911 kBTransfer

5615 kBSize

17 Cookies

4 Outgoing links

Page URL History

Redirected requests

115 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.sarahsblessing.de Open in urlscan Pro
34.202.75.89 Public Scan

Screenshot
Live screenshot

Full Image

115
Requests

72 %
HTTPS

48 %
IPv6

23
Domains

29
Subdomains

23
IPs

4
Countries

2911 kB
Transfer

5615 kB
Size

17
Cookies

115 HTTP transactions
2 data transactions