ww43.degutschein.com Open in urlscan Pro
192.64.147.152 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.xn--milk-t5b.com/promo/
Effective URL:
http://ww43.degutschein.com/
Submission: On November 27 via manual (November 27th 2018, 6:04:10 pm UTC) from DE

Summary HTTP 31 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 5 countries across 10 domains to perform 31 HTTP transactions. The main IP is 192.64.147.152, located in Tampa, United States and belongs to VOODOO1 - Voodoo.com, Inc, US. The main domain is ww43.degutschein.com.

This is the only time ww43.degutschein.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:30:... 2606:4700:30::681c:a66	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700:30:... 2606:4700:30::6812:2650	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
1	192.95.33.34 192.95.33.34	16276 (OVH) (OVH)
1 1	2606:4700:30:... 2606:4700:30::681b:9fc1	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 1	2606:4700:30:... 2606:4700:30::681b:9ec1	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 1	103.224.182.243 103.224.182.243	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
15	192.64.147.152 192.64.147.152	19867 (VOODOO1) (VOODOO1 - Voodoo.com)
2	2a00:1450:400... 2a00:1450:4001:816::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:81f::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:820::2011	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:816::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
31	12

1 2606:4700:30::681c:a66 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.xn--milk-t5b.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::6812:2650 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

hebpromo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.95.33.34 (Montréal, Canada)

ASN16276 (OVH, FR)
PTR: ns5001604.ip-192-95-33.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681b:9fc1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ar-vale.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681b:9ec1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ar-vale.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.224.182.243 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-243.above.com

degutschein.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 192.64.147.152 (Tampa, United States)

ASN19867 (VOODOO1 - Voodoo.com, Inc, US)
PTR: 192.64.147.152.voodoo.com

ww43.degutschein.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81f::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:820::2011 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

survey.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	degutschein.com 1 redirects degutschein.com ww43.degutschein.com	33 KB
5	google.com www.google.com adservice.google.com	55 KB
3	doubleclick.net survey.g.doubleclick.net	150 KB
2	googleapis.com ajax.googleapis.com	66 KB
2	ar-vale.com 2 redirects ar-vale.com	863 B
2	histats.com s10.histats.com s4.histats.com	5 KB
1	google.de adservice.google.de	171 B
1	gstatic.com www.gstatic.com	392 B
1	hebpromo.com hebpromo.com	1 KB
1	xn--milk-t5b.com 1 redirects www.xn--milk-t5b.com	300 B
31	10

	Domain	Requested by
15	ww43.degutschein.com	ww43.degutschein.com ajax.googleapis.com
4	www.google.com	ww43.degutschein.com www.google.com
3	survey.g.doubleclick.net	www.google.com survey.g.doubleclick.net
2	ajax.googleapis.com	ww43.degutschein.com
2	ar-vale.com	2 redirects
1	adservice.google.com	survey.g.doubleclick.net
1	adservice.google.de	survey.g.doubleclick.net
1	www.gstatic.com	ww43.degutschein.com
1	degutschein.com	1 redirects
1	s4.histats.com	s10.histats.com
1	s10.histats.com	hebpromo.com
1	hebpromo.com
1	www.xn--milk-t5b.com	1 redirects
31	13

This site contains no links.

Subject Issuer	Validity	Valid
*.googleapis.com Google Internet Authority G3	`2018-10-30` - `2019-01-22`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2018-10-30` - `2019-01-22`	3 months	crt.sh

This page contains 7 frames:

Primary Page: http://ww43.degutschein.com/
Frame ID: 579A5D98D2CEEF5115C5DF8B63DDB645
Requests: 5 HTTP requests in this frame

Frame: http://ww43.degutschein.com/cf.php
Frame ID: 01BB267D63B29A1B8FB86E935510B1AB
Requests: 21 HTTP requests in this frame

Frame: http://ww43.degutschein.com/bh.php?dm=degutschein.com&kw=degutschein&tt=6d3848956cce9b9b214fcc6d3fe7527b&ty=false
Frame ID: 4618616D6D97E398EBBD7FD1A3FBD2A9
Requests: 1 HTTP requests in this frame

Frame: http://www.google.com/afs/ads/i/iframe.html
Frame ID: 6E47B9FFFD903C3ABE6F915293E8657D
Requests: 1 HTTP requests in this frame

Frame: http://www.google.com/afs/ads/i/iframe.html
Frame ID: 3A12AD2A241B5425C186F9526EE06BCE
Requests: 1 HTTP requests in this frame

Frame: http://www.google.com/dp/ads?max_radlink_len=32&r=m&domain_name=degutschein.com&client=dp-voodoo63_3ph&channel=000603&hl=en&adtest=off&optimize_terms=on&swp=as-drid-2751750104873742&uiopt=true&oe=UTF-8&ie=UTF-8&fexp=21404&format=s%7Cr5%7Cr5&num=0&output=afd_ads&v=3&adext=as1%2Csr1&bsl=8&u_his=2&u_tz=0&dt=1543341838789&u_w=1600&u_h=1200&biw=1600&bih=1200&isw=1600&ish=1200&psw=-1&psh=-1&frm=1&uio=sl1sr1--st22sv16sa16lt35-st22sv16sa16lt35&jsv=11712&rurl=http%3A%2F%2Fww43.degutschein.com%2Fcf.php&referer=http%3A%2F%2Fww43.degutschein.com%2F
Frame ID: 514619B63CFBF9A720BCDFD28CBF66BB
Requests: 1 HTTP requests in this frame

Frame: http://ww43.degutschein.com/status.php?domain=degutschein.com&trackingtoken=6d3848956cce9b9b214fcc6d3fe7527b&status=caf&u_his=2&u_h=1200&u_w=1600&d_h=1200&d_w=1600&u_top=0&u_left=0&http_referrer=http%3A%2F%2Fhebpromo.com%2Fbb%2F
Frame ID: 07C89DF78EF2F84CF4D886197DDE19AC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.xn--milk-t5b.com/promo/ HTTP 301
http://hebpromo.com/bb/ Page URL
http://ar-vale.com/der HTTP 301
http://ar-vale.com/der/ HTTP 302
http://degutschein.com/ HTTP 302
http://ww43.degutschein.com/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

31
Requests

10 %
HTTPS

73 %
IPv6

10
Domains

13
Subdomains

12
IPs

5
Countries

311 kB
Transfer

812 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.xn--milk-t5b.com/promo/ HTTP 301
http://hebpromo.com/bb/ Page URL
http://ar-vale.com/der HTTP 301
http://ar-vale.com/der/ HTTP 302
http://degutschein.com/ HTTP 302
http://ww43.degutschein.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.xn--milk-t5b.com/promo/ HTTP 301
http://hebpromo.com/bb/

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set / Show response
hebpromo.com/bb/
Redirect Chain

http://www.xn--milk-t5b.com/promo/
http://hebpromo.com/bb/

999 B
1 KB

183ms
74ms

Document
text/html

2606:4700:30::6812:2650
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://hebpromo.com/bb/
Protocol: HTTP/1.1
Server: 2606:4700:30::6812:2650 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92cd859bc9c439e20b59de337a57ef616b8716d4885b8ce2d64645478d65aca6

Request headers

Host: hebpromo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 27 Nov 2018 18:03:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dec0a6b2c95d1f29855fff0690323208f1543341834; expires=Wed, 27-Nov-19 18:03:54 GMT; path=/; domain=.hebpromo.com; HttpOnly
Last-Modified: Fri, 02 Nov 2018 07:45:37 GMT
Vary: Accept-Encoding,User-Agent
Server: cloudflare
CF-RAY: 480683a357a92744-FRA
Content-Encoding: gzip

Redirect headers

Date: Tue, 27 Nov 2018 18:03:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 27 Nov 2018 19:03:54 GMT
Location: http://hebpromo.com/bb/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 480683a2a3b7970c-FRA

GET
H/1.1 200
OK js15_as.js Show response
s10.histats.com/ 10 KB
4 KB 120ms
56ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://s10.histats.com/js15_as.js
Requested by: Host: hebpromo.com
URL: http://hebpromo.com/bb/
Protocol: HTTP/1.1
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: cba2dd9d00ef6c95d4cb86a6c42e8f86d0935e0276348138f47e8f787107d560

Request headers

Referer: http://hebpromo.com/bb/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 27 Nov 2018 17:55:07 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jun 2017 15:26:33 GMT
X-CDN-Pop-IP: 137.74.120.32/27
ETag: "1262556565"
X-Cacheable: Matched cache
Vary: Accept-Encoding
X-IPLB-Instance: 4746
Content-Type: text/javascript
X-CDN-Pop: sbg
Accept-Ranges: bytes
Content-Length: 4243

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 51 B
322 B 277ms
137ms Script
text/html 192.95.33.34
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://s4.histats.com/stats/0.php?4020142&@f16&@g1&@h1&@i1&@j1543341834983&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@vhttp%3A%2F%2Fhebpromo.com%2Fbb%2F&@w
Requested by: Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Server: 192.95.33.34 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5001604.ip-192-95-33.net
Software: /
Resource Hash: ab9df9b10beb8c35b8f35d8fdc165009757ab96c94eab6af99ba7a8e272328f5

Request headers

Referer: http://hebpromo.com/bb/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 27 Nov 2018 18:03:55 GMT
Connection: close
Content-Length: 51
Content-Type: text/html;charset=UTF-8

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
ww43.degutschein.com/
Redirect Chain

http://ar-vale.com/der
http://ar-vale.com/der/
http://degutschein.com/
http://ww43.degutschein.com/

872 B
1012 B

666ms
228ms

Document
text/html

192.64.147.152
Voodoo.com

General

Check archive.org

Show headers Download Go to

Full URL: http://ww43.degutschein.com/
Protocol: HTTP/1.1
Server: 192.64.147.152 Tampa, United States, ASN19867 (VOODOO1 - Voodoo.com, Inc, US),
Reverse DNS: 192.64.147.152.voodoo.com
Software: Apache/2.2.3 (CentOS) / PHP/5.3.8
Resource Hash: ee732fe30021873f38d4443746bdb5d10c4f28621ee7544af3ae78ca5b71d2c7

Request headers

Host: ww43.degutschein.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://hebpromo.com/bb/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://hebpromo.com/bb/

Response headers

Date: Tue, 27 Nov 2018 18:03:57 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.3.8
Set-Cookie: session=6d3848956cce9b9b214fcc6d3fe7527b; expires=Tue, 27-Nov-2018 18:33:57 GMT; path=/
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Mon, 31 Dec 2001 7:32:00 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
P3P: CP="CAO PSA OUR"
Pragma: no-cache
Content-Length: 502
Connection: close
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Tue, 27 Nov 2018 18:03:56 GMT
Server: Apache
X-Powered-By: PHP/5.6.38-0+deb8u1
Set-Cookie: __tad=1543341836.7182049; expires=Fri, 24-Nov-2028 18:03:56 GMT; Max-Age=315360000
Location: http://ww43.degutschein.com/
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
S 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 91 KB
33 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:816::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

Requested by

Host: ww43.degutschein.com
URL: http://ww43.degutschein.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ww43.degutschein.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 27 Nov 2018 11:47:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22579
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 33593
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Nov 2019 11:47:38 GMT

GET cf.php
ww43.degutschein.com/ Frame 01BB 0
0

GET
H/1.1 200
OK bh.php Show response
ww43.degutschein.com/ Frame 4618 517 B
727 B 609ms
165ms Document
text/html 192.64.147.152
Voodoo.com

General

Check archive.org

Show headers Download Go to

Full URL: http://ww43.degutschein.com/bh.php?dm=degutschein.com&kw=degutschein&tt=6d3848956cce9b9b214fcc6d3fe7527b&ty=false
Requested by: Host: ww43.degutschein.com
URL: http://ww43.degutschein.com/
Protocol: HTTP/1.1
Server: 192.64.147.152 Tampa, United States, ASN19867 (VOODOO1 - Voodoo.com, Inc, US),
Reverse DNS: 192.64.147.152.voodoo.com
Software: Apache/2.2.3 (CentOS) / PHP/5.3.8
Resource Hash: f35df80a4d596c15f205b37bf4a8110c527e24cc96091e8c399fd26565e690cb

Request headers

Host: ww43.degutschein.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://ww43.degutschein.com/
Accept-Encoding: gzip, deflate
Cookie: session=6d3848956cce9b9b214fcc6d3fe7527b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ww43.degutschein.com/

Response headers

Date: Tue, 27 Nov 2018 18:03:58 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.3.8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Mon, 31 Dec 2001 7:32:00 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
P3P: CP="CAO PSA OUR"
Pragma: no-cache
Content-Length: 318
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK Cookie set cf.php Show response
ww43.degutschein.com/ Frame 01BB 7 KB
3 KB 646ms
206ms Document
text/html 192.64.147.152
Voodoo.com

General

Check archive.org

Show headers Download Go to

Full URL: http://ww43.degutschein.com/cf.php
Requested by: Host: ww43.degutschein.com
URL: http://ww43.degutschein.com/
Protocol: HTTP/1.1
Server: 192.64.147.152 Tampa, United States, ASN19867 (VOODOO1 - Voodoo.com, Inc, US),
Reverse DNS: 192.64.147.152.voodoo.com
Software: Apache/2.2.3 (CentOS) / PHP/5.3.8
Resource Hash: 72875bac721d89b28fe460e504f0a22c47de24f78f683cc4bea748e4cceaae38

Request headers

Host: ww43.degutschein.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://ww43.degutschein.com/
Accept-Encoding: gzip, deflate
Cookie: session=6d3848956cce9b9b214fcc6d3fe7527b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ww43.degutschein.com/

Response headers

Date: Tue, 27 Nov 2018 18:03:58 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.3.8
Set-Cookie: session=6d3848956cce9b9b214fcc6d3fe7527b; expires=Tue, 27-Nov-2018 18:33:58 GMT; path=/
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Mon, 31 Dec 2001 7:32:00 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
P3P: CP="CAO PSA OUR"
Pragma: no-cache
Content-Length: 2191
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK master.css
ww43.degutschein.com/style/ Frame 01BB 4 KB
2 KB 160ms
159ms Stylesheet
text/css 192.64.147.152
Voodoo.com

General

Check archive.org

Show headers Download Go to

Full URL: http://ww43.degutschein.com/style/master.css
Requested by: Host: ww43.degutschein.com
URL: http://ww43.degutschein.com/cf.php
Protocol: HTTP/1.1
Server: 192.64.147.152 Tampa, United States, ASN19867 (VOODOO1 - Voodoo.com, Inc, US),
Reverse DNS: 192.64.147.152.voodoo.com
Software: Apache/2.2.3 (CentOS) / PHP/5.3.8
Resource Hash: d7727b08b11fbc794282df2fe726bb7854fff72df4312323d10e8bf2236c9536

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ww43.degutschein.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://ww43.degutschein.com/cf.php
Cookie: session=6d3848956cce9b9b214fcc6d3fe7527b
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ww43.degutschein.com/cf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 27 Nov 2018 18:03:58 GMT
Content-Encoding: gzip
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.3.8
Vary: Accept-Encoding,User-Agent
P3P: CP="CAO PSA OUR"
Connection: close
Content-Type: text/css
Content-Length: 1413

GET
H/1.1 200
OK 960.css
ww43.degutschein.com/style/ Frame 01BB 3 KB
1 KB 587ms
154ms Stylesheet
text/css 192.64.147.152
Voodoo.com

General

Check archive.org

Show headers Download Go to

Full URL: http://ww43.degutschein.com/style/960.css
Requested by: Host: ww43.degutschein.com
URL: http://ww43.degutschein.com/cf.php
Protocol: HTTP/1.1
Server: 192.64.147.152 Tampa, United States, ASN19867 (VOODOO1 - Voodoo.com, Inc, US),
Reverse DNS: 192.64.147.152.voodoo.com
Software: Apache/2.2.3 (CentOS) / PHP/5.3.8
Resource Hash: e7cf5475ef8b58ea35f8257de5d51322b1aa7178f988ae5fe14f454586bcbd07

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ww43.degutschein.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://ww43.degutschein.com/cf.php
Cookie: session=6d3848956cce9b9b214fcc6d3fe7527b
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ww43.degutschein.com/cf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 27 Nov 2018 18:03:58 GMT
Content-Encoding: gzip
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.3.8
Vary: Accept-Encoding,User-Agent
P3P: CP="CAO PSA OUR"
Connection: close
Content-Type: text/css
Content-Length: 893

GET
H/1.1 200
OK /
ww43.degutschein.com/min/ Frame 01BB 19 KB
4 KB 591ms
155ms Stylesheet
text/css 192.64.147.152
Voodoo.com

General

Check archive.org

Show headers Download Go to

Full URL: http://ww43.degutschein.com/min/?b=css&f=v2_style_1.css
Requested by: Host: ww43.degutschein.com
URL: http://ww43.degutschein.com/cf.php
Protocol: HTTP/1.1
Server: 192.64.147.152 Tampa, United States, ASN19867 (VOODOO1 - Voodoo.com, Inc, US),
Reverse DNS: 192.64.147.152.voodoo.com
Software: Apache/2.2.3 (CentOS) / PHP/5.3.8
Resource Hash: 4d19e1ccb318471e1d4104f9c95859dc6a7cf298397c5dd7d3e5e7e3f77d45c6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ww43.degutschein.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://ww43.degutschein.com/cf.php
Cookie: session=6d3848956cce9b9b214fcc6d3fe7527b
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ww43.degutschein.com/cf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Nov 2018 18:03:58 GMT
Content-Encoding: gzip
ETag: "pub1439318371;gz"
Last-Modified: Tue, 11 Aug 2015 18:39:31 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.3.8
Vary: Accept-Encoding,User-Agent
P3P: CP="CAO PSA OUR"
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/css; charset=utf-8
Content-Length: 3955
Expires: Mon, 31 Dec 2001 7:32:00 GMT

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ Frame 01BB 93 KB
34 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:816::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Requested by

Host: ww43.degutschein.com
URL: http://ww43.degutschein.com/cf.php

Protocol

HTTP/1.1

Server

2a00:1450:4001:816::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ww43.degutschein.com/cf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 27 Nov 2018 17:08:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 3316
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 33845
X-XSS-Protection: 1; mode=block
Expires: Wed, 27 Nov 2019 17:08:42 GMT

GET
H/1.1 200
OK caf.js Show response
ww43.degutschein.com/js/ Frame 01BB 8 KB
3 KB 595ms
158ms Script
text/html 192.64.147.152
Voodoo.com

General

Check archive.org

Show headers Download Go to

Full URL: http://ww43.degutschein.com/js/caf.js
Requested by: Host: ww43.degutschein.com
URL: http://ww43.degutschein.com/cf.php
Protocol: HTTP/1.1
Server: 192.64.147.152 Tampa, United States, ASN19867 (VOODOO1 - Voodoo.com, Inc, US),
Reverse DNS: 192.64.147.152.voodoo.com
Software: Apache/2.2.3 (CentOS) / PHP/5.3.8
Resource Hash: 5cd5a07b3182874ae2d7c446f05de7543680eb02d7c516cf3942395cd92f076d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ww43.degutschein.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://ww43.degutschein.com/cf.php
Cookie: session=6d3848956cce9b9b214fcc6d3fe7527b
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ww43.degutschein.com/cf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 27 Nov 2018 18:03:58 GMT
Content-Encoding: gzip
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.3.8
Vary: Accept-Encoding,User-Agent
P3P: CP="CAO PSA OUR"
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 2533

GET
H/1.1 200
OK caf.js Show response
www.google.com/adsense/domains/ Frame 01BB 156 KB
55 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81f::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.google.com/adsense/domains/caf.js

Requested by

Host: ww43.degutschein.com
URL: http://ww43.degutschein.com/cf.php

Protocol

HTTP/1.1

Server

2a00:1450:4001:81f::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

2d8a7ae80b76143aace36a81db0ad616bef8e9815a884b267c4328a6b641c7e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ww43.degutschein.com/cf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 27 Nov 2018 18:03:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "11712256586222599261"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Transfer-Encoding: chunked
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block
Expires: Tue, 27 Nov 2018 18:03:58 GMT

GET
H/1.1 200
OK reset.css
ww43.degutschein.com/style/ Frame 01BB 737 B
660 B 434ms
157ms Stylesheet
text/css 192.64.147.152
Voodoo.com

General

Check archive.org

Show headers Download Go to

Full URL: http://ww43.degutschein.com/style/reset.css
Requested by: Host: ww43.degutschein.com
URL: http://ww43.degutschein.com/cf.php
Protocol: HTTP/1.1
Server: 192.64.147.152 Tampa, United States, ASN19867 (VOODOO1 - Voodoo.com, Inc, US),
Reverse DNS: 192.64.147.152.voodoo.com
Software: Apache/2.2.3 (CentOS) / PHP/5.3.8
Resource Hash: 0157de8b2db746799d39cd6b1ee09188980d09e2ca4dfbba2bae079475097a56

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ww43.degutschein.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://ww43.degutschein.com/cf.php
Cookie: session=6d3848956cce9b9b214fcc6d3fe7527b
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ww43.degutschein.com/cf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 27 Nov 2018 18:03:58 GMT
Content-Encoding: gzip
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.3.8
Vary: Accept-Encoding,User-Agent
P3P: CP="CAO PSA OUR"
Connection: close
Content-Type: text/css
Content-Length: 403

GET
H/1.1 200
OK async_survey Show response
survey.g.doubleclick.net/ Frame 01BB 49 KB
18 KB 26ms
18ms Script
text/javascript 2a00:1450:4001:820::2011
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://survey.g.doubleclick.net/async_survey?site=kv4ic6olrzkr6

Requested by

Host: www.google.com
URL: http://www.google.com/adsense/domains/caf.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:820::2011 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Resource Hash

6ec14eec42ba9068fe86879510c62ec4c9599dd949528a28f2ea41be6234dc68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ww43.degutschein.com/cf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Nov 2018 18:03:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Cache-Control: private, no-cache, must-revalidate, no-store
Transfer-Encoding: chunked
Content-Disposition: attachment; filename="f.txt"
Vary: *
X-Xss-Protection: 1; mode=block
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK caf.gif
www.gstatic.com/domainads/tracking/ Frame 01BB 43 B
392 B 39ms
39ms Image
image/gif 2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.gstatic.com/domainads/tracking/caf.gif?ts=1543341838785&rid=1126130

Requested by

Host: ww43.degutschein.com
URL: http://ww43.degutschein.com/cf.php

Protocol

HTTP/1.1

Server

2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ww43.degutschein.com/cf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Nov 2018 18:03:58 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 21 Apr 2016 03:17:22 GMT
Server: sffe
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Accept-Ranges: bytes
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK bg_springmorning_01.png
ww43.degutschein.com/images/ Frame 01BB 266 B
616 B 613ms
163ms Image
image/png 192.64.147.152
Voodoo.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ww43.degutschein.com/images/bg_springmorning_01.png
Requested by: Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol: HTTP/1.1
Server: 192.64.147.152 Tampa, United States, ASN19867 (VOODOO1 - Voodoo.com, Inc, US),
Reverse DNS: 192.64.147.152.voodoo.com
Software: Apache/2.2.3 (CentOS) /
Resource Hash: a1ae809a918fdea575225aee27bf10e06f5cc67e6c407c51715a9cf68b565bec

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ww43.degutschein.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://ww43.degutschein.com/min/?b=css&f=v2_style_1.css
Cookie: session=6d3848956cce9b9b214fcc6d3fe7527b
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ww43.degutschein.com/min/?b=css&f=v2_style_1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 27 Nov 2018 18:03:59 GMT
Last-Modified: Thu, 08 Nov 2012 17:55:30 GMT
Server: Apache/2.2.3 (CentOS)
ETag: "10a-4cdff8a732880"
P3P: CP="CAO PSA OUR"
Cache-Control: max-age=2592000, public
Connection: close
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 266
Expires: Thu, 27 Dec 2018 18:03:59 GMT

GET
H/1.1 200
OK online_game.jpg
ww43.degutschein.com/photos/750_150/ Frame 01BB 11 KB
11 KB 632ms
181ms Image
image/jpeg 192.64.147.152
Voodoo.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ww43.degutschein.com/photos/750_150/online_game.jpg
Requested by: Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol: HTTP/1.1
Server: 192.64.147.152 Tampa, United States, ASN19867 (VOODOO1 - Voodoo.com, Inc, US),
Reverse DNS: 192.64.147.152.voodoo.com
Software: Apache/2.2.3 (CentOS) / PHP/5.3.8
Resource Hash: 53f4e67a500d664f2482917899648d4480f55e89cae32084595c74baf3d63563

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ww43.degutschein.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://ww43.degutschein.com/cf.php
Cookie: session=6d3848956cce9b9b214fcc6d3fe7527b
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ww43.degutschein.com/cf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Nov 2018 18:03:59 GMT
Content-Encoding: gzip
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.3.8
Vary: Accept-Encoding,User-Agent
P3P: CP="CAO PSA OUR"
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/jpeg
Content-Length: 10640
Expires: Mon, 31 Dec 2001 7:32:00 GMT

GET
H/1.1 200
OK footer_slice_gradient.png
ww43.degutschein.com/images/ Frame 01BB 221 B
570 B 619ms
168ms Image
image/png 192.64.147.152
Voodoo.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ww43.degutschein.com/images/footer_slice_gradient.png
Requested by: Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol: HTTP/1.1
Server: 192.64.147.152 Tampa, United States, ASN19867 (VOODOO1 - Voodoo.com, Inc, US),
Reverse DNS: 192.64.147.152.voodoo.com
Software: Apache/2.2.3 (CentOS) /
Resource Hash: e0ea43a448c963c42f1dd0bc3b2a79149bd7f91c27d525d9e250c28b11130b4f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ww43.degutschein.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://ww43.degutschein.com/min/?b=css&f=v2_style_1.css
Cookie: session=6d3848956cce9b9b214fcc6d3fe7527b
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ww43.degutschein.com/min/?b=css&f=v2_style_1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 27 Nov 2018 18:03:59 GMT
Last-Modified: Fri, 19 Oct 2012 15:08:51 GMT
Server: Apache/2.2.3 (CentOS)
ETag: "dd-4cc6ae1a306c0"
P3P: CP="CAO PSA OUR"
Cache-Control: max-age=2592000, public
Connection: close
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 221
Expires: Thu, 27 Dec 2018 18:03:59 GMT

GET
H/1.1 200
OK 101_search_bg.png
ww43.degutschein.com/images/ Frame 01BB 2 KB
2 KB 620ms
168ms Image
image/png 192.64.147.152
Voodoo.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ww43.degutschein.com/images/101_search_bg.png
Requested by: Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol: HTTP/1.1
Server: 192.64.147.152 Tampa, United States, ASN19867 (VOODOO1 - Voodoo.com, Inc, US),
Reverse DNS: 192.64.147.152.voodoo.com
Software: Apache/2.2.3 (CentOS) /
Resource Hash: f250c726fcdc070245560bc28dafbed774e6e51daaf2b51e8476577cea830550

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ww43.degutschein.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://ww43.degutschein.com/cf.php
Cookie: session=6d3848956cce9b9b214fcc6d3fe7527b
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ww43.degutschein.com/cf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 27 Nov 2018 18:03:59 GMT
Last-Modified: Tue, 16 Apr 2013 17:32:06 GMT
Server: Apache/2.2.3 (CentOS)
ETag: "7c3-4da7dbf887180"
P3P: CP="CAO PSA OUR"
Cache-Control: max-age=2592000, public
Connection: close
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1987
Expires: Thu, 27 Dec 2018 18:03:59 GMT

GET
H/1.1 200
OK rightcap_springmorning_01.png
ww43.degutschein.com/images/ Frame 01BB 1 KB
2 KB 620ms
168ms Image
image/png 192.64.147.152
Voodoo.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ww43.degutschein.com/images/rightcap_springmorning_01.png
Requested by: Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol: HTTP/1.1
Server: 192.64.147.152 Tampa, United States, ASN19867 (VOODOO1 - Voodoo.com, Inc, US),
Reverse DNS: 192.64.147.152.voodoo.com
Software: Apache/2.2.3 (CentOS) /
Resource Hash: c333e024cc6959c5182ea935d17df6a8186152e0270f024b1f20eb4a8f758968

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ww43.degutschein.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://ww43.degutschein.com/min/?b=css&f=v2_style_1.css
Cookie: session=6d3848956cce9b9b214fcc6d3fe7527b
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ww43.degutschein.com/min/?b=css&f=v2_style_1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 27 Nov 2018 18:03:59 GMT
Last-Modified: Thu, 08 Nov 2012 17:55:30 GMT
Server: Apache/2.2.3 (CentOS)
ETag: "4f2-4cdff8a732880"
P3P: CP="CAO PSA OUR"
Cache-Control: max-age=2592000, public
Connection: close
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1266
Expires: Thu, 27 Dec 2018 18:03:59 GMT

GET
H/1.1 200
OK leftcap_springmorning_01.png
ww43.degutschein.com/images/ Frame 01BB 1 KB
2 KB 1217ms
164ms Image
image/png 192.64.147.152
Voodoo.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ww43.degutschein.com/images/leftcap_springmorning_01.png
Requested by: Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol: HTTP/1.1
Server: 192.64.147.152 Tampa, United States, ASN19867 (VOODOO1 - Voodoo.com, Inc, US),
Reverse DNS: 192.64.147.152.voodoo.com
Software: Apache/2.2.3 (CentOS) /
Resource Hash: da0e73c09f0684527231269ab3606667838e0769e209a0e49e2f79de265dcbb2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ww43.degutschein.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://ww43.degutschein.com/min/?b=css&f=v2_style_1.css
Cookie: session=6d3848956cce9b9b214fcc6d3fe7527b
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ww43.degutschein.com/min/?b=css&f=v2_style_1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 27 Nov 2018 18:03:59 GMT
Last-Modified: Thu, 08 Nov 2012 17:55:30 GMT
Server: Apache/2.2.3 (CentOS)
ETag: "4b7-4cdff8a732880"
P3P: CP="CAO PSA OUR"
Cache-Control: max-age=2592000, public
Connection: close
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1207
Expires: Thu, 27 Dec 2018 18:03:59 GMT

GET
H/1.1 200
OK iframe.html
www.google.com/afs/ads/i/ Frame 6E47 0
0 8ms
5ms Document
text/html 2a00:1450:4001:81f::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.google.com/afs/ads/i/iframe.html

Requested by

Host: www.google.com
URL: http://www.google.com/adsense/domains/caf.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81f::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.google.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://ww43.degutschein.com/cf.php
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ww43.degutschein.com/cf.php

Response headers

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Content-Length: 601
Date: Tue, 27 Nov 2018 17:27:56 GMT
Expires: Tue, 27 Nov 2018 18:27:56 GMT
Last-Modified: Thu, 08 Dec 2016 01:00:57 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Age: 2162
Cache-Control: public, max-age=3600

GET
H/1.1 200
OK iframe.html
www.google.com/afs/ads/i/ Frame 3A12 0
0 13ms
9ms Document
text/html 2a00:1450:4001:81f::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.google.com/afs/ads/i/iframe.html

Requested by

Host: www.google.com
URL: http://www.google.com/adsense/domains/caf.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81f::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.google.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://ww43.degutschein.com/cf.php
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ww43.degutschein.com/cf.php

Response headers

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Content-Length: 601
Date: Tue, 27 Nov 2018 17:27:56 GMT
Expires: Tue, 27 Nov 2018 18:27:56 GMT
Last-Modified: Thu, 08 Dec 2016 01:00:57 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Age: 2162
Cache-Control: public, max-age=3600

GET
H/1.1 200
OK Cookie set ads
www.google.com/dp/ Frame 5146 0
0 69ms
68ms Document
text/html 2a00:1450:4001:816::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.google.com/dp/ads?max_radlink_len=32&r=m&domain_name=degutschein.com&client=dp-voodoo63_3ph&channel=000603&hl=en&adtest=off&optimize_terms=on&swp=as-drid-2751750104873742&uiopt=true&oe=UTF-8&ie=UTF-8&fexp=21404&format=s%7Cr5%7Cr5&num=0&output=afd_ads&v=3&adext=as1%2Csr1&bsl=8&u_his=2&u_tz=0&dt=1543341838789&u_w=1600&u_h=1200&biw=1600&bih=1200&isw=1600&ish=1200&psw=-1&psh=-1&frm=1&uio=sl1sr1--st22sv16sa16lt35-st22sv16sa16lt35&jsv=11712&rurl=http%3A%2F%2Fww43.degutschein.com%2Fcf.php&referer=http%3A%2F%2Fww43.degutschein.com%2F

Requested by

Host: www.google.com
URL: http://www.google.com/adsense/domains/caf.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:816::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

gws /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Host: www.google.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://ww43.degutschein.com/cf.php
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ww43.degutschein.com/cf.php

Response headers

Content-Type: text/html; charset=UTF-8
Content-Disposition: inline
Date: Tue, 27 Nov 2018 18:03:58 GMT
Expires: Tue, 27 Nov 2018 18:03:58 GMT
Cache-Control: private, max-age=3600
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Content-Encoding: gzip
Server: gws
Content-Length: 6690
X-XSS-Protection: 1; mode=block
Set-Cookie: 1P_JAR=2018-11-27-18; expires=Thu, 27-Dec-2018 18:03:58 GMT; path=/; domain=.google.com NID=148=XVqoXFwRxFPwjFSk2MytzXbStfN49LGeDSCzEadnluqLUTKSiDKYA2UqHCTfwtoWbQJT_0xpghbS3l8XUJsq0rjnpuIQwFspxAiNsUDGsVY71vpq7WXelQV81JUlgaEdQuqPRxOaoZfysoCIJoPYp7-vqsqlVmhEU4bp82_Yr6E; expires=Wed, 29-May-2019 18:03:58 GMT; path=/; domain=.google.com; HttpOnly CONSENT=WP.273fcc; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.google.com

GET
H/1.1 200
OK prompt_embed_static.js Show response
survey.g.doubleclick.net/insights/consumersurveys/static/414266791627916688/ Frame 01BB 353 KB
132 KB 6ms
6ms Script
application/javascript 2a00:1450:4001:820::2011
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://survey.g.doubleclick.net/insights/consumersurveys/static/414266791627916688/prompt_embed_static.js
Requested by: Host: survey.g.doubleclick.net
URL: http://survey.g.doubleclick.net/async_survey?site=kv4ic6olrzkr6
Protocol: HTTP/1.1
Server: 2a00:1450:4001:820::2011 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 2c2b661fbd928ca9718a44ed357fe40f68ed91e36966c1c5fb8e57fd5137c80f

Request headers

Referer: http://ww43.degutschein.com/cf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 27 Nov 2018 16:45:09 GMT
Content-Encoding: gzip
Server: Google Frontend
Age: 4729
ETag: "Rm_XJQ"
Content-Type: application/javascript
X-Cloud-Trace-Context: 7c7da31ee6030a48d3e23a7420d76c3a
Cache-Control: public, max-age=2592000
Content-Length: 134650
Expires: Thu, 27 Dec 2018 16:45:09 GMT

GET
S 200 integrator.js Show response
adservice.google.de/adsid/ Frame 01BB 109 B
171 B 19ms
17ms Script
application/javascript 2a00:1450:4001:810::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ww43.degutschein.com

Requested by

Host: survey.g.doubleclick.net
URL: http://survey.g.doubleclick.net/async_survey?site=kv4ic6olrzkr6

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:810::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ww43.degutschein.com/cf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Nov 2018 18:03:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
S 200 integrator.js Show response
adservice.google.com/adsid/ Frame 01BB 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ww43.degutschein.com

Requested by

Host: survey.g.doubleclick.net
URL: http://survey.g.doubleclick.net/async_survey?site=kv4ic6olrzkr6

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ww43.degutschein.com/cf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Nov 2018 18:03:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK prompt Show response
survey.g.doubleclick.net/gk/ Frame 01BB 0
410 B 19ms
19ms Script
text/javascript 2a00:1450:4001:820::2011
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://survey.g.doubleclick.net/gk/prompt?t=a&site=kv4ic6olrzkr6&random=1543341838860&ref=http%3A%2F%2Fww43.degutschein.com%2F&token=NT

Requested by

Host: survey.g.doubleclick.net
URL: http://survey.g.doubleclick.net/async_survey?site=kv4ic6olrzkr6

Protocol

HTTP/1.1

Server

2a00:1450:4001:820::2011 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ww43.degutschein.com/cf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Why: UserPrivacyInfo does not meet requirements to be served (LAT and/or OPT_OUT modifier).
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 27 Nov 2018 18:03:58 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Content-Disposition: attachment; filename="f.txt"
Content-Length: 23
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK Cookie set status.php Show response
ww43.degutschein.com/ Frame 07C8 0
529 B 475ms
200ms Document
text/html 192.64.147.152
Voodoo.com

General

Check archive.org

Show headers Download Go to

Full URL: http://ww43.degutschein.com/status.php?domain=degutschein.com&trackingtoken=6d3848956cce9b9b214fcc6d3fe7527b&status=caf&u_his=2&u_h=1200&u_w=1600&d_h=1200&d_w=1600&u_top=0&u_left=0&http_referrer=http%3A%2F%2Fhebpromo.com%2Fbb%2F
Requested by: Host: ww43.degutschein.com
URL: http://ww43.degutschein.com/js/caf.js
Protocol: HTTP/1.1
Server: 192.64.147.152 Tampa, United States, ASN19867 (VOODOO1 - Voodoo.com, Inc, US),
Reverse DNS: 192.64.147.152.voodoo.com
Software: Apache/2.2.3 (CentOS) / PHP/5.3.8
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: ww43.degutschein.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://ww43.degutschein.com/cf.php
Accept-Encoding: gzip, deflate
Cookie: session=6d3848956cce9b9b214fcc6d3fe7527b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ww43.degutschein.com/cf.php

Response headers

Date: Tue, 27 Nov 2018 18:03:59 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.3.8
Set-Cookie: session=6d3848956cce9b9b214fcc6d3fe7527b; expires=Tue, 27-Nov-2018 18:33:59 GMT; path=/
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Mon, 31 Dec 2001 7:32:00 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
P3P: CP="CAO PSA OUR"
Pragma: no-cache
Content-Length: 20
Connection: close
Content-Type: text/html; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ww43.degutschein.com
URL: http://ww43.degutschein.com/cf.php

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-25 20:05:16	Name: CONSENT Value: WP.273fcc
.google.com/	1970-01-19 01:05:53	Name: NID Value: 148=XVqoXFwRxFPwjFSk2MytzXbStfN49LGeDSCzEadnluqLUTKSiDKYA2UqHCTfwtoWbQJT_0xpghbS3l8XUJsq0rjnpuIQwFspxAiNsUDGsVY71vpq7WXelQV81JUlgaEdQuqPRxOaoZfysoCIJoPYp7-vqsqlVmhEU4bp82_Yr6E
.google.com/	1970-01-18 21:25:33	Name: 1P_JAR Value: 2018-11-27-18
ww43.degutschein.com/	1970-01-18 20:42:23	Name: session Value: 6d3848956cce9b9b214fcc6d3fe7527b

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://ww43.degutschein.com/cf.php(Line 190) Message: Status of abp variable: undefined
console-api	log	URL: http://ww43.degutschein.com/cf.php(Line 194) Message: ABP not-active or list not installed
console-api	log	URL: http://ww43.degutschein.com/js/caf.js(Line 77) Message: requestAccepted in cafCallback
console-api	log	URL: http://ww43.degutschein.com/js/caf.js(Line 78) Message: [object Object]
console-api	log	URL: http://ww43.degutschein.com/js/caf.js(Line 21) Message: [object Object]
console-api	log	URL: http://ww43.degutschein.com/js/caf.js(Line 22) Message: [object Object]
console-api	log	URL: http://ww43.degutschein.com/js/caf.js(Line 24) Message: requestAccepted

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
ar-vale.com
degutschein.com
hebpromo.com
s10.histats.com
s4.histats.com
survey.g.doubleclick.net
ww43.degutschein.com
www.google.com
www.gstatic.com
www.xn--milk-t5b.com
ww43.degutschein.com
103.224.182.243
192.64.147.152
192.95.33.34
2606:4700:30::6812:2650
2606:4700:30::681b:9ec1
2606:4700:30::681b:9fc1
2606:4700:30::681c:a66
2a00:1450:4001:810::2002
2a00:1450:4001:816::2004
2a00:1450:4001:816::200a
2a00:1450:4001:81f::2003
2a00:1450:4001:81f::2004
2a00:1450:4001:820::2011
2a00:1450:4001:821::2002
46.105.201.240
0157de8b2db746799d39cd6b1ee09188980d09e2ca4dfbba2bae079475097a56
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
2c2b661fbd928ca9718a44ed357fe40f68ed91e36966c1c5fb8e57fd5137c80f
2d8a7ae80b76143aace36a81db0ad616bef8e9815a884b267c4328a6b641c7e0
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
4d19e1ccb318471e1d4104f9c95859dc6a7cf298397c5dd7d3e5e7e3f77d45c6
53f4e67a500d664f2482917899648d4480f55e89cae32084595c74baf3d63563
5cd5a07b3182874ae2d7c446f05de7543680eb02d7c516cf3942395cd92f076d
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
6ec14eec42ba9068fe86879510c62ec4c9599dd949528a28f2ea41be6234dc68
72875bac721d89b28fe460e504f0a22c47de24f78f683cc4bea748e4cceaae38
92cd859bc9c439e20b59de337a57ef616b8716d4885b8ce2d64645478d65aca6
a1ae809a918fdea575225aee27bf10e06f5cc67e6c407c51715a9cf68b565bec
ab9df9b10beb8c35b8f35d8fdc165009757ab96c94eab6af99ba7a8e272328f5
c333e024cc6959c5182ea935d17df6a8186152e0270f024b1f20eb4a8f758968
cba2dd9d00ef6c95d4cb86a6c42e8f86d0935e0276348138f47e8f787107d560
d7727b08b11fbc794282df2fe726bb7854fff72df4312323d10e8bf2236c9536
da0e73c09f0684527231269ab3606667838e0769e209a0e49e2f79de265dcbb2
e0ea43a448c963c42f1dd0bc3b2a79149bd7f91c27d525d9e250c28b11130b4f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7cf5475ef8b58ea35f8257de5d51322b1aa7178f988ae5fe14f454586bcbd07
ee732fe30021873f38d4443746bdb5d10c4f28621ee7544af3ae78ca5b71d2c7
f250c726fcdc070245560bc28dafbed774e6e51daaf2b51e8476577cea830550
f35df80a4d596c15f205b37bf4a8110c527e24cc96091e8c399fd26565e690cb

ww43.degutschein.com Open in urlscan Pro 192.64.147.152 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

31 Requests

10 %HTTPS

73 %IPv6

10 Domains

13 Subdomains

12 IPs

5 Countries

311 kBTransfer

812 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ww43.degutschein.com Open in urlscan Pro
192.64.147.152 Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

10 %
HTTPS

73 %
IPv6

10
Domains

13
Subdomains

12
IPs

5
Countries

311 kB
Transfer

812 kB
Size

4
Cookies

31 HTTP transactions
0 data transactions