Submitted URL: http://youutbe.com/
Effective URL: http://www.abnehmenuebernacht.com/leads01?transaction_id=C49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI
Submission: On November 21 via manual from US

Summary

This website contacted 12 IPs in 5 countries across 13 domains to perform 28 HTTP transactions. The main IP is 104.160.64.15, located in Wilmington, United States and belongs to GETRESPONSE-IMPLIX - GETRESPONSE, US. The main domain is www.abnehmenuebernacht.com.
This is the only time www.abnehmenuebernacht.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 85.159.233.44 43350 (NFORCE)
1 6 199.59.242.151 395082 (BODIS-NJ)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 18.211.55.247 14618 (AMAZON-AES)
1 1 35.158.68.101 16509 (AMAZON-02)
1 1 185.49.221.34 59905 (NTH)
5 104.160.64.15 46469 (GETRESPON...)
2 104.160.64.77 46469 (GETRESPON...)
5 205.185.216.10 20446 (HIGHWINDS3)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
28 12
Domain Requested by
6 ww1.youutbe.com 1 redirects youutbe.com
ww1.youutbe.com
5 www.abnehmenuebernacht.com use.dauid-iep.com
www.abnehmenuebernacht.com
3 us-as.gr-cdn.com www.abnehmenuebernacht.com
2 www.google-analytics.com www.abnehmenuebernacht.com
2 us-ms.gr-cdn.com www.abnehmenuebernacht.com
2 ga.getresponse.com www.abnehmenuebernacht.com
2 fonts.gstatic.com
2 youutbe.com 1 redirects
1 cdnjs.cloudflare.com ga.getresponse.com
1 ajax.googleapis.com us-as.gr-cdn.com
1 clicks.goldlab.de 1 redirects
1 goldpath.de 1 redirects
1 use.dauid-iep.com use.photios-raj.com
1 use.photios-raj.com ww1.youutbe.com
1 fonts.googleapis.com ww1.youutbe.com
1 www.google.com ww1.youutbe.com
28 16

This site contains links to these domains.

Domain
www.goldkiwimedia.com
Subject | Issuer | Validity | Valid
*.googleapis.com | Google Internet Authority G3 | 2018-10-30 - 2019-01-22 | 3 months
*.google.com | Google Internet Authority G3 | 2018-10-30 - 2019-01-22 | 3 months
*.getresponse.com | Go Daddy Secure Certificate Authority - G2 | 2018-04-11 - 2020-04-11 | 2 years
*.gr-cdn.com | Go Daddy Secure Certificate Authority - G2 | 2018-04-10 - 2020-04-10 | 2 years
*.google-analytics.com | Google Internet Authority G3 | 2018-10-30 - 2019-01-22 | 3 months
ssl412106.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2018-09-22 - 2019-03-31 | 6 months

This page contains 1 frame:

Primary Page: http://www.abnehmenuebernacht.com/leads01?transaction_id=C49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI
Frame ID: 1E19051CC0A4EA697C12ABF1FB8247C1
Requests: 28 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • env /^Backbone$/i

Overall confidence: 100%
Detected patterns
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Overall confidence: 100%
Detected patterns
  • env /^webpackJsonp$/i

Overall confidence: 100%
Detected patterns
  • env /^Backbone$/i

Overall confidence: 100%
Detected patterns
  • env /^Piwik$/i
  • env /^_paq$/i

Page Statistics

  • 28 Requests
  • 46 % HTTPS
  • 43 % IPv6
  • 13 Domains
  • 16 Subdomains
  • 12 IPs
  • 5 Countries
  • 618 kB Transfer
  • 1207 kB Size
  • 10 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://youutbe.com/ Page URL
  2. http://youutbe.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqcyI6MX0.fADWc9hUOlh58R9UzufQBROmie3I7c7vE835oE6YmU4&uuid=c2c46570-edc5-11e8-b17c-8b781c05f8b7 HTTP 302
    http://ww1.youutbe.com/ Page URL
  3. http://ww1.youutbe.com/rz?u=http%3A%2F%2Fuse.photios-raj.com%2Fzcvisitor%2Fc380f9ba-edc5-11e8-a0c7-065855a9e530%3Fcampaignid%3D6543b390-6d7f-11e8-9603-0e497388635c&notadsafe HTTP 302
    http://use.photios-raj.com/zcvisitor/c380f9ba-edc5-11e8-a0c7-065855a9e530?campaignid=6543b390-6d7f-11e8-9603-0e497388635c Page URL
  4. http://use.dauid-iep.com/zcredirect?visitid=c380f9ba-edc5-11e8-a0c7-065855a9e530&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false Page URL
  5. http://goldpath.de/path/lp.php?trvid=12407&trvx=085ed493&cid=zrc380f9baedc511e8a0c7065855a9e530c447f2ea16924815a1d7b55d1f07a995034099de2d015fb56b&target=november-rya-mywF3uIz&keyword=youutbe%2Cyouutbe%2Cyouutbe.com&match=&traffic_type=DOMAIN&geo=DE&visitor_type=NON-ADULT&os=MacOS&browser=Chrome&adtarget=flatlead01 HTTP 302
    http://clicks.goldlab.de/?aff_id=1767&offer_id=11896&ext_id=bdapmgn3lntf&aff_sub=12407&source=ZRP HTTP 302
    http://www.abnehmenuebernacht.com/leads01?transaction_id=C49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://youutbe.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqcyI6MX0.fADWc9hUOlh58R9UzufQBROmie3I7c7vE835oE6YmU4&uuid=c2c46570-edc5-11e8-b17c-8b781c05f8b7 HTTP 302
  • http://ww1.youutbe.com/
Request Chain 10
  • http://ww1.youutbe.com/rz?u=http%3A%2F%2Fuse.photios-raj.com%2Fzcvisitor%2Fc380f9ba-edc5-11e8-a0c7-065855a9e530%3Fcampaignid%3D6543b390-6d7f-11e8-9603-0e497388635c&notadsafe HTTP 302
  • http://use.photios-raj.com/zcvisitor/c380f9ba-edc5-11e8-a0c7-065855a9e530?campaignid=6543b390-6d7f-11e8-9603-0e497388635c
Request Chain 22
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 24
  • http://www.google-analytics.com/r/collect?v=1&_v=j72&a=1107570818&t=pageview&_s=1&dl=http%3A%2F%2Fwww.abnehmenuebernacht.com%2Fleads01%3Ftransaction_id%3DC49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI&dr=http%3A%2F%2Fuse.dauid-iep.com%2Fzcredirect%3Fvisitid%3Dc380f9ba-edc5-11e8-a0c7-065855a9e530%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&ul=en-us&de=UTF-8&dt=FlacherBauch%20-%20LeadGen%20Variants%2001&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=995436894&gjid=982908802&cid=1479510316.1542829430&tid=UA-113067272-10&_gid=1695062211.1542829430&_r=1&z=592946431 HTTP 307
  • https://www.google-analytics.com/r/collect?v=1&_v=j72&a=1107570818&t=pageview&_s=1&dl=http%3A%2F%2Fwww.abnehmenuebernacht.com%2Fleads01%3Ftransaction_id%3DC49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI&dr=http%3A%2F%2Fuse.dauid-iep.com%2Fzcredirect%3Fvisitid%3Dc380f9ba-edc5-11e8-a0c7-065855a9e530%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&ul=en-us&de=UTF-8&dt=FlacherBauch%20-%20LeadGen%20Variants%2001&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=995436894&gjid=982908802&cid=1479510316.1542829430&tid=UA-113067272-10&_gid=1695062211.1542829430&_r=1&z=592946431

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
youutbe.com/
289 B
584 B
Document
General
Full URL
http://youutbe.com/
Protocol
HTTP/1.1
Server
85.159.233.44 , Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software
nginx /
Resource Hash
5fc566bd12b656d95c1becae3d1e87f88983856d2c5e2ddd3f46849158e92626

Request headers

Host
youutbe.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

server
nginx
date
Wed, 21 Nov 2018 19:43:46 GMT
content-length
289
set-cookie
sid=c2c46570-edc5-11e8-b17c-8b781c05f8b7; path=/; domain=youutbe.com; HttpOnly
cache-control
max-age=0, private, must-revalidate
content-type
text/html; charset=utf-8
connection
close
/
ww1.youutbe.com/
Redirect Chain
  • http://youutbe.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqcyI6MX0.fADWc9hUOlh58R9UzufQBROmie3I7c7vE835oE6YmU4&uuid=c2c46570-edc5-11e8-b17c-8b781c05f8b7
  • http://ww1.youutbe.com/
4 KB
4 KB
Document
General
Full URL
http://ww1.youutbe.com/
Requested by
Host: youutbe.com
URL: http://youutbe.com/
Protocol
HTTP/1.1
Server
199.59.242.151 New York, United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
05be1e85f1532e6de5e3f1008364e825e2db80cca8320c45ed9883e1b2372c27

Request headers

Host
ww1.youutbe.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://youutbe.com/
Accept-Encoding
gzip, deflate
Cookie
sid=c2c46570-edc5-11e8-b17c-8b781c05f8b7

Response headers

Server
openresty
Date
Wed, 21 Nov 2018 19:43:47 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_bQ6Z0wkeCTcKUgoqlUNskm9UALIiPkX6JagalMMiZCpsVZtPXTGl/SFvb6UKwQheYvtl1kh62ecG7Uh5NNLQVQ==

Redirect headers

server
nginx
date
Wed, 21 Nov 2018 19:43:47 GMT
content-length
11
cache-control
max-age=0, private, must-revalidate
connection
close
location
http://ww1.youutbe.com
caf.js
www.google.com/adsense/domains/
156 KB
55 KB
Script
General
Full URL
http://www.google.com/adsense/domains/caf.js
Requested by
Host: ww1.youutbe.com
URL: http://ww1.youutbe.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:80b::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
2d8a7ae80b76143aace36a81db0ad616bef8e9815a884b267c4328a6b641c7e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://ww1.youutbe.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 21 Nov 2018 19:43:47 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"11712256586222599261"
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Cache-Control
private, max-age=3600
Transfer-Encoding
chunked
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Expires
Wed, 21 Nov 2018 19:43:47 GMT
px.gif
ww1.youutbe.com/
42 B
275 B
Image
General
Full URL
http://ww1.youutbe.com/px.gif?ch=1&rn=8.932458323235211
Requested by
Host: ww1.youutbe.com
URL: http://ww1.youutbe.com/
Protocol
HTTP/1.1
Server
199.59.242.151 New York, United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ww1.youutbe.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://ww1.youutbe.com/
Cookie
sid=c2c46570-edc5-11e8-b17c-8b781c05f8b7
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 21 Nov 2018 19:43:47 GMT
Last-Modified
Wed, 21 Nov 2018 16:53:18 GMT
Server
openresty
ETag
"5bf58d7e-2a"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42
px.gif
ww1.youutbe.com/
42 B
275 B
Image
General
Full URL
http://ww1.youutbe.com/px.gif?ch=2&rn=8.932458323235211
Requested by
Host: ww1.youutbe.com
URL: http://ww1.youutbe.com/
Protocol
HTTP/1.1
Server
199.59.242.151 New York, United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ww1.youutbe.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://ww1.youutbe.com/
Cookie
sid=c2c46570-edc5-11e8-b17c-8b781c05f8b7
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 21 Nov 2018 19:43:47 GMT
Last-Modified
Wed, 21 Nov 2018 16:53:18 GMT
Server
openresty
ETag
"5bf58d7e-2a"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42
glp
ww1.youutbe.com/
8 KB
8 KB
Script
General
Full URL
http://ww1.youutbe.com/glp?r=http%3A%2F%2Fyouutbe.com%2F&u=http%3A%2F%2Fww1.youutbe.com%2F&rw=1600&rh=1200&ww=1600&wh=1200
Requested by
Host: ww1.youutbe.com
URL: http://ww1.youutbe.com/
Protocol
HTTP/1.1
Server
199.59.242.151 New York, United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
9db8aeb6d23a94938d204c0346b0e28d7c1c22acfd80121f5969fd4ffe84ef84

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ww1.youutbe.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://ww1.youutbe.com/
Cookie
sid=c2c46570-edc5-11e8-b17c-8b781c05f8b7
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Wed, 21 Nov 2018 19:43:47 GMT
Server
openresty
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
css
fonts.googleapis.com/
5 KB
771 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400
Requested by
Host: ww1.youutbe.com
URL: http://ww1.youutbe.com/glp?r=http%3A%2F%2Fyouutbe.com%2F&u=http%3A%2F%2Fww1.youutbe.com%2F&rw=1600&rh=1200&ww=1600&wh=1200
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
b433fff5919be961f970430072a831557793a468074cd8aaf30427dc6209dc3d
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://ww1.youutbe.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
last-modified
Wed, 21 Nov 2018 19:43:47 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Wed, 21 Nov 2018 19:43:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Wed, 21 Nov 2018 19:43:47 GMT
gzb
ww1.youutbe.com/
198 B
515 B
XHR
General
Full URL
http://ww1.youutbe.com/gzb
Requested by
Host: ww1.youutbe.com
URL: http://ww1.youutbe.com/glp?r=http%3A%2F%2Fyouutbe.com%2F&u=http%3A%2F%2Fww1.youutbe.com%2F&rw=1600&rh=1200&ww=1600&wh=1200
Protocol
HTTP/1.1
Server
199.59.242.151 New York, United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Pragma
no-cache
Origin
http://ww1.youutbe.com
Accept-Encoding
gzip, deflate
Host
ww1.youutbe.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Accept
*/*
Cache-Control
no-cache
Referer
http://ww1.youutbe.com/
Cookie
sid=c2c46570-edc5-11e8-b17c-8b781c05f8b7
Connection
keep-alive
Content-Length
254

Response headers

Pragma
no-cache
Date
Wed, 21 Nov 2018 19:43:48 GMT
Server
openresty
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection
keep-alive
Content-Length
198
Expires
Mon, 26 Jul 1997 05:00:00 GMT
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
35a21333c81302e934ee42b7b85b2c6a731bfffb418fe52fe795cb1974186976
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400
Origin
http://ww1.youutbe.com

Response headers

date
Wed, 14 Nov 2018 14:23:40 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 21:49:38 GMT
server
sffe
age
624007
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
8732
x-xss-protection
1; mode=block
expires
Thu, 14 Nov 2019 14:23:40 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v15/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400
Origin
http://ww1.youutbe.com

Response headers

date
Wed, 14 Nov 2018 18:56:37 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 21:49:46 GMT
server
sffe
age
607630
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
8892
x-xss-protection
1; mode=block
expires
Thu, 14 Nov 2019 18:56:37 GMT
c380f9ba-edc5-11e8-a0c7-065855a9e530
use.photios-raj.com/zcvisitor/
Redirect Chain
  • http://ww1.youutbe.com/rz?u=http%3A%2F%2Fuse.photios-raj.com%2Fzcvisitor%2Fc380f9ba-edc5-11e8-a0c7-065855a9e530%3Fcampaignid%3D6543b390-6d7f-11e8-9603-0e497388635c&notadsafe
  • http://use.photios-raj.com/zcvisitor/c380f9ba-edc5-11e8-a0c7-065855a9e530?campaignid=6543b390-6d7f-11e8-9603-0e497388635c
1004 B
2 KB
Document
General
Full URL
http://use.photios-raj.com/zcvisitor/c380f9ba-edc5-11e8-a0c7-065855a9e530?campaignid=6543b390-6d7f-11e8-9603-0e497388635c
Requested by
Host: ww1.youutbe.com
URL: http://ww1.youutbe.com/glp?r=http%3A%2F%2Fyouutbe.com%2F&u=http%3A%2F%2Fww1.youutbe.com%2F&rw=1600&rh=1200&ww=1600&wh=1200
Protocol
HTTP/1.1
Server
18.211.55.247 Cambridge, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-18-211-55-247.compute-1.amazonaws.com
Software
ZeroPark-Traffic /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host
use.photios-raj.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://ww1.youutbe.com/
Accept-Encoding
gzip, deflate

Response headers

Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Type
text/html;charset=UTF-8
Date
Wed, 21 Nov 2018 19:43:47 GMT
Server
ZeroPark-Traffic
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
transfer-encoding
chunked
Connection
keep-alive

Redirect headers

Server
openresty
Date
Wed, 21 Nov 2018 19:43:48 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Pragma
no-cache
Location
http://use.photios-raj.com/zcvisitor/c380f9ba-edc5-11e8-a0c7-065855a9e530?campaignid=6543b390-6d7f-11e8-9603-0e497388635c
zcredirect
use.dauid-iep.com/
812 B
1 KB
Document
General
Full URL
http://use.dauid-iep.com/zcredirect?visitid=c380f9ba-edc5-11e8-a0c7-065855a9e530&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
Requested by
Host: use.photios-raj.com
URL: http://use.photios-raj.com/zcvisitor/c380f9ba-edc5-11e8-a0c7-065855a9e530?campaignid=6543b390-6d7f-11e8-9603-0e497388635c
Protocol
HTTP/1.1
Server
18.211.55.247 Cambridge, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-18-211-55-247.compute-1.amazonaws.com
Software
ZeroPark-Traffic /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host
use.dauid-iep.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://use.photios-raj.com/zcvisitor/c380f9ba-edc5-11e8-a0c7-065855a9e530?campaignid=6543b390-6d7f-11e8-9603-0e497388635c
Accept-Encoding
gzip, deflate

Response headers

Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Type
text/html;charset=UTF-8
Date
Wed, 21 Nov 2018 19:43:48 GMT
redirected
JS
Server
ZeroPark-Traffic
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
transfer-encoding
chunked
Connection
keep-alive
Primary Request Cookie set leads01
www.abnehmenuebernacht.com/
Redirect Chain
  • http://goldpath.de/path/lp.php?trvid=12407&trvx=085ed493&cid=zrc380f9baedc511e8a0c7065855a9e530c447f2ea16924815a1d7b55d1f07a995034099de2d015fb56b&target=november-rya-mywF3uIz&keyword=youutbe%2Cyouu...
  • http://clicks.goldlab.de/?aff_id=1767&offer_id=11896&ext_id=bdapmgn3lntf&aff_sub=12407&source=ZRP
  • http://www.abnehmenuebernacht.com/leads01?transaction_id=C49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI
56 KB
13 KB
Document
General
Full URL
http://www.abnehmenuebernacht.com/leads01?transaction_id=C49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI
Requested by
Host: use.dauid-iep.com
URL: http://use.dauid-iep.com/zcredirect?visitid=c380f9ba-edc5-11e8-a0c7-065855a9e530&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
Protocol
HTTP/1.1
Server
104.160.64.15 Wilmington, United States, ASN46469 (GETRESPONSE-IMPLIX - GETRESPONSE, US),
Reverse DNS
norevdns.getresponse.com
Software
nginx /
Resource Hash
8b150942d832d956efff8246c15e9c6e295710a79d39b486d00e986e83e24df9

Request headers

Host
www.abnehmenuebernacht.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://use.dauid-iep.com/zcredirect?visitid=c380f9ba-edc5-11e8-a0c7-065855a9e530&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
Accept-Encoding
gzip, deflate

Response headers

Server
nginx
Date
Wed, 21 Nov 2018 19:43:49 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Set-Cookie
squeeze-page=ucpk1suhrma3flk9266k2ursjt; path=/; HttpOnly
n2iO[variantVersion]=3
n2iO[variantVersion]=0
n2iO[visit]=BWl15; expires=Wed, 21-Nov-2018 20:13:49 GMT; Max-Age=1800
n2iO[uniqueVisit]=BWl15; expires=Fri, 21-Dec-2018 19:43:49 GMT; Max-Age=2592000
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Wed, 21 Nov 2018 19:43:49 GMT
Content-Type
text/html
Content-Length
2
Connection
close
Location
http://www.abnehmenuebernacht.com/leads01?transaction_id=C49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI
Set-Cookie
afm=transaction_id:C49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI,protocol_type:QfO+Nuyw1MPeGZKaCVyXmA==,method_type:WkhjdlUZtJOKnE1wyaGozQ==,offer_id:11896; Path=/; domain=goldlab.de; Expires=Fri, 21 Dec 2018 20:43:49 CET
X-node
mas-vas-affiliate1.int.ch
reset.css
www.abnehmenuebernacht.com/images/lps/css/
960 B
738 B
Stylesheet
General
Full URL
http://www.abnehmenuebernacht.com/images/lps/css/reset.css?timestamp=20092017
Requested by
Host: www.abnehmenuebernacht.com
URL: http://www.abnehmenuebernacht.com/leads01?transaction_id=C49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI
Protocol
HTTP/1.1
Server
104.160.64.15 Wilmington, United States, ASN46469 (GETRESPONSE-IMPLIX - GETRESPONSE, US),
Reverse DNS
norevdns.getresponse.com
Software
nginx /
Resource Hash
2058706a45c6d0f1f27af4cd6d6ab4affeb894b7cb323b9451c468147d611bd9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.abnehmenuebernacht.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.abnehmenuebernacht.com/leads01?transaction_id=C49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI
Cookie
squeeze-page=ucpk1suhrma3flk9266k2ursjt; n2iO[variantVersion]=0; n2iO[visit]=BWl15; n2iO[uniqueVisit]=BWl15
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 21 Nov 2018 19:43:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Nov 2018 16:06:39 GMT
Server
nginx
ETag
W/"5bf5828f-3c0"
Transfer-Encoding
chunked
Content-Type
text/css
core.css
www.abnehmenuebernacht.com/images/lps/css/
18 KB
6 KB
Stylesheet
General
Full URL
http://www.abnehmenuebernacht.com/images/lps/css/core.css?timestamp=20092017
Requested by
Host: www.abnehmenuebernacht.com
URL: http://www.abnehmenuebernacht.com/leads01?transaction_id=C49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI
Protocol
HTTP/1.1
Server
104.160.64.15 Wilmington, United States, ASN46469 (GETRESPONSE-IMPLIX - GETRESPONSE, US),
Reverse DNS
norevdns.getresponse.com
Software
nginx /
Resource Hash
06340d3c11871b79b657dec5ce0250db250313f79bb67eaf7df20c3e62679270

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.abnehmenuebernacht.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.abnehmenuebernacht.com/leads01?transaction_id=C49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI
Cookie
squeeze-page=ucpk1suhrma3flk9266k2ursjt; n2iO[variantVersion]=0; n2iO[visit]=BWl15; n2iO[uniqueVisit]=BWl15
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 21 Nov 2018 19:43:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Nov 2018 16:06:39 GMT
Server
nginx
ETag
W/"5bf5828f-49cf"
Transfer-Encoding
chunked
Content-Type
text/css
webform.css
www.abnehmenuebernacht.com/images/lps/css/
35 KB
5 KB
Stylesheet
General
Full URL
http://www.abnehmenuebernacht.com/images/lps/css/webform.css?timestamp=20092017
Requested by
Host: www.abnehmenuebernacht.com
URL: http://www.abnehmenuebernacht.com/leads01?transaction_id=C49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI
Protocol
HTTP/1.1
Server
104.160.64.15 Wilmington, United States, ASN46469 (GETRESPONSE-IMPLIX - GETRESPONSE, US),
Reverse DNS
norevdns.getresponse.com
Software
nginx /
Resource Hash
6023c4b86ddb5328650a44e90a636317ac8364d7156aa54aed971b052c37f06a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.abnehmenuebernacht.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.abnehmenuebernacht.com/leads01?transaction_id=C49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI
Cookie
squeeze-page=ucpk1suhrma3flk9266k2ursjt; n2iO[variantVersion]=0; n2iO[visit]=BWl15; n2iO[uniqueVisit]=BWl15
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 21 Nov 2018 19:43:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Nov 2018 16:06:39 GMT
Server
nginx
ETag
W/"5bf5828f-8a8e"
Transfer-Encoding
chunked
Content-Type
text/css
style.css
www.abnehmenuebernacht.com/images/common/templates/landing/207/1/css/
4 KB
1 KB
Stylesheet
General
Full URL
http://www.abnehmenuebernacht.com/images/common/templates/landing/207/1/css/style.css
Requested by
Host: www.abnehmenuebernacht.com
URL: http://www.abnehmenuebernacht.com/leads01?transaction_id=C49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI
Protocol
HTTP/1.1
Server
104.160.64.15 Wilmington, United States, ASN46469 (GETRESPONSE-IMPLIX - GETRESPONSE, US),
Reverse DNS
norevdns.getresponse.com
Software
nginx /
Resource Hash
4e54da309afb8e6e56a932e81df397afbab2b025787be8f05d7344772a497e69

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.abnehmenuebernacht.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.abnehmenuebernacht.com/leads01?transaction_id=C49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI
Cookie
squeeze-page=ucpk1suhrma3flk9266k2ursjt; n2iO[variantVersion]=0; n2iO[visit]=BWl15; n2iO[uniqueVisit]=BWl15
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 21 Nov 2018 19:43:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Nov 2018 09:53:59 GMT
Server
nginx
ETag
W/"5bf52b37-10b2"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Expires
Thu, 22 Nov 2018 19:43:49 GMT
ga.js
ga.getresponse.com/script/
3 KB
1 KB
Script
General
Full URL
https://ga.getresponse.com/script/ga.js?grid=sBDcFVEdQcXEIAA%3D%3D
Requested by
Host: www.abnehmenuebernacht.com
URL: http://www.abnehmenuebernacht.com/leads01?transaction_id=C49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.160.64.77 Wilmington, United States, ASN46469 (GETRESPONSE-IMPLIX - GETRESPONSE, US),
Reverse DNS
norevdns.getresponse.com
Software
nginx /
Resource Hash
53d7e88f8497590ddfe073744c57c4c15eeaad239885d67cf52ffc6713130409

Request headers

Referer
http://www.abnehmenuebernacht.com/leads01?transaction_id=C49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 21 Nov 2018 19:43:49 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/javascript
709141403.jpg
us-ms.gr-cdn.com/getresponse-zEbmD/photos/
107 KB
107 KB
Image
General
Full URL
https://us-ms.gr-cdn.com/getresponse-zEbmD/photos/709141403.jpg?_ga=2.11403956.106297676.1534839718-105570822.1534342741
Requested by
Host: www.abnehmenuebernacht.com
URL: http://www.abnehmenuebernacht.com/leads01?transaction_id=C49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
nginx /
Resource Hash
7dd22be2ec782b7731ae5fc6d2e2bd788a0090fedcc58b512c9d579c64b8a169

Request headers

Referer
http://www.abnehmenuebernacht.com/leads01?transaction_id=C49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 21 Nov 2018 19:43:49 GMT
X-Unique-ID
5E2E9AE8:8034_68A04008:0050_5BD96635_1924D4E:595F
Last-Modified
Tue, 21 Aug 2018 09:02:16 GMT
Server
nginx
ETag
"b22f6fb2b5ea81f1a89d76b8f8e5c75e"
X-Robots-Tag
noindex, nofollow
X-HW
1542829429.dop010.fr8.t,1542829429.cds066.fr8.shn,1542829429.dop010.fr8.t,1542829429.cds047.fr8.c
x-amz-version-id
uvDIHwL93l.hvfS.k2r34mEoSWs5dZQh
Cache-Control
max-age=29680704
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
109062
x-amz-id-2
UF4YkiL/2JplUbvtwQbVO8khCcSe+f3DETZ//3+NXSZsBQvC1Bj7fAFjMz0bl7CgoazBr8NP8jQ=
711770403.jpg
us-ms.gr-cdn.com/getresponse-zEbmD/photos/
189 KB
190 KB
Image
General
Full URL
https://us-ms.gr-cdn.com/getresponse-zEbmD/photos/711770403.jpg?_ga=2.206389908.622590666.1535355723-105570822.1534342741
Requested by
Host: www.abnehmenuebernacht.com
URL: http://www.abnehmenuebernacht.com/leads01?transaction_id=C49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
nginx /
Resource Hash
172dd578ce7b6189fe8bb91c01e6fdd40bbfd35bcb8613f5639e0eab729c56c6

Request headers

Referer
http://www.abnehmenuebernacht.com/leads01?transaction_id=C49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 21 Nov 2018 19:43:49 GMT
X-Unique-ID
5E2E9AE9:D066_68A04008:0050_5BF44341_1F8427F:7A19
Last-Modified
Tue, 28 Aug 2018 14:55:07 GMT
Server
nginx
ETag
"fdf1cbbe0b16281b1a1ed68c40bca2d8"
X-Robots-Tag
noindex, nofollow
X-HW
1542829429.dop010.fr8.t,1542829429.cds066.fr8.shn,1542829429.dop010.fr8.t,1542829429.cds048.fr8.c
x-amz-version-id
S_iaY_hFaiLlIEO7le.nI.SjojuRN4UD
Cache-Control
max-age=31441228
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
193549
x-amz-id-2
iRBggLhMaFwjxer61eK0Js2m795bpfeECUOKXChC5+whDZbujbwMYywOSbI3eBdvtklTPjYBAiM=
manifest.be7b90973196c8e50359.js
us-as.gr-cdn.com/javascripts/core/lps/dist/
2 KB
1 KB
Script
General
Full URL
https://us-as.gr-cdn.com/javascripts/core/lps/dist/manifest.be7b90973196c8e50359.js
Requested by
Host: www.abnehmenuebernacht.com
URL: http://www.abnehmenuebernacht.com/leads01?transaction_id=C49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
nginx /
Resource Hash
0cb04f81bc90f1c1b3f8f7df8a412d2204e3fe154f300e0a264cdf0cff71cea5

Request headers

Referer
http://www.abnehmenuebernacht.com/leads01?transaction_id=C49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 21 Nov 2018 19:43:49 GMT
Content-Encoding
gzip
X-Unique-ID
978B5564:7D1E_68A04008:0050_5BEBEFAE_A91A1D4:52F4
Last-Modified
Tue, 13 Nov 2018 17:08:54 GMT
Server
nginx
ETag
W/"5beb0526-6aa"
X-HW
1542829429.dop037.fr8.t,1542829429.cds014.fr8.shn,1542829429.dop037.fr8.t,1542829429.cds065.fr8.c
Content-Type
application/javascript
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
982
vendor.26161208735ce459970e.js
us-as.gr-cdn.com/javascripts/core/lps/dist/
232 KB
77 KB
Script
General
Full URL
https://us-as.gr-cdn.com/javascripts/core/lps/dist/vendor.26161208735ce459970e.js
Requested by
Host: www.abnehmenuebernacht.com
URL: http://www.abnehmenuebernacht.com/leads01?transaction_id=C49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
nginx /
Resource Hash
db4f1807145b05968ac133f8d0cfb1449f74af97b261d82c11f1a1fee4ab5a31

Request headers

Referer
http://www.abnehmenuebernacht.com/leads01?transaction_id=C49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 21 Nov 2018 19:43:49 GMT
Content-Encoding
gzip
X-Unique-ID
5E2E9AE8:7150_68A04008:0050_5BEAC7F8_B50FAA:52EF
Last-Modified
Tue, 13 Nov 2018 12:37:38 GMT
Server
nginx
ETag
W/"5beac592-39e27"
X-HW
1542829429.dop037.fr8.t,1542829429.cds014.fr8.shn,1542829429.dop037.fr8.t,1542829429.cds047.fr8.c
Content-Type
application/javascript
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
78337
show.1d9f2b59b3d0379364c5.js
us-as.gr-cdn.com/javascripts/core/lps/dist/
250 KB
81 KB
Script
General
Full URL
https://us-as.gr-cdn.com/javascripts/core/lps/dist/show.1d9f2b59b3d0379364c5.js
Requested by
Host: www.abnehmenuebernacht.com
URL: http://www.abnehmenuebernacht.com/leads01?transaction_id=C49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
nginx /
Resource Hash
f4cd1b022acfe005c56cd0c54859ccb68ca5906e58cd904b8000526871914a3c

Request headers

Referer
http://www.abnehmenuebernacht.com/leads01?transaction_id=C49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 21 Nov 2018 19:43:49 GMT
Content-Encoding
gzip
X-Unique-ID
978B5560:3CEA_68A04008:0050_5BEAC7F8_8758AB8:52F4
Last-Modified
Tue, 13 Nov 2018 12:37:38 GMT
Server
nginx
ETag
W/"5beac592-3e88a"
X-HW
1542829429.dop037.fr8.t,1542829429.cds014.fr8.shn,1542829429.dop037.fr8.t,1542829429.cds061.fr8.c
Content-Type
application/javascript
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
82814
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.abnehmenuebernacht.com
URL: http://www.abnehmenuebernacht.com/leads01?transaction_id=C49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.abnehmenuebernacht.com/leads01?transaction_id=C49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 05 Nov 2018 21:10:09 GMT
server
Golfe2
age
6549
date
Wed, 21 Nov 2018 17:54:40 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
17404
expires
Wed, 21 Nov 2018 19:54:40 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/
13 KB
6 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: us-as.gr-cdn.com
URL: https://us-as.gr-cdn.com/javascripts/core/lps/dist/show.1d9f2b59b3d0379364c5.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:81b::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.abnehmenuebernacht.com/leads01?transaction_id=C49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 14 Nov 2018 15:11:16 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 20 Dec 2016 18:17:03 GMT
Server
sffe
Age
621153
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
5437
X-XSS-Protection
1; mode=block
Expires
Thu, 14 Nov 2019 15:11:16 GMT
collect
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/collect?v=1&_v=j72&a=1107570818&t=pageview&_s=1&dl=http%3A%2F%2Fwww.abnehmenuebernacht.com%2Fleads01%3Ftransaction_id%3DC49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI&...
  • https://www.google-analytics.com/r/collect?v=1&_v=j72&a=1107570818&t=pageview&_s=1&dl=http%3A%2F%2Fwww.abnehmenuebernacht.com%2Fleads01%3Ftransaction_id%3DC49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI...
35 B
111 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j72&a=1107570818&t=pageview&_s=1&dl=http%3A%2F%2Fwww.abnehmenuebernacht.com%2Fleads01%3Ftransaction_id%3DC49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI&dr=http%3A%2F%2Fuse.dauid-iep.com%2Fzcredirect%3Fvisitid%3Dc380f9ba-edc5-11e8-a0c7-065855a9e530%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&ul=en-us&de=UTF-8&dt=FlacherBauch%20-%20LeadGen%20Variants%2001&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=995436894&gjid=982908802&cid=1479510316.1542829430&tid=UA-113067272-10&_gid=1695062211.1542829430&_r=1&z=592946431
Requested by
Host: www.abnehmenuebernacht.com
URL: http://www.abnehmenuebernacht.com/leads01?transaction_id=C49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.abnehmenuebernacht.com/leads01?transaction_id=C49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Nov 2018 19:43:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/collect?v=1&_v=j72&a=1107570818&t=pageview&_s=1&dl=http%3A%2F%2Fwww.abnehmenuebernacht.com%2Fleads01%3Ftransaction_id%3DC49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI&dr=http%3A%2F%2Fuse.dauid-iep.com%2Fzcredirect%3Fvisitid%3Dc380f9ba-edc5-11e8-a0c7-065855a9e530%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&ul=en-us&de=UTF-8&dt=FlacherBauch%20-%20LeadGen%20Variants%2001&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=995436894&gjid=982908802&cid=1479510316.1542829430&tid=UA-113067272-10&_gid=1695062211.1542829430&_r=1&z=592946431
Non-Authoritative-Reason
HSTS
piwik.js
cdnjs.cloudflare.com/ajax/libs/piwik/3.5.0/
64 KB
22 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/piwik/3.5.0/piwik.js
Requested by
Host: ga.getresponse.com
URL: https://ga.getresponse.com/script/ga.js?grid=sBDcFVEdQcXEIAA%3D%3D
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7d392694a1257cc4052e24f1f02e9bbd1431ab0d27b64c3d9a76b13f539130b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
http://www.abnehmenuebernacht.com/leads01?transaction_id=C49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 21 Nov 2018 19:43:49 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
status
200
served-in-seconds
0.002
last-modified
Thu, 17 May 2018 09:24:36 GMT
server
cloudflare
etag
W/"5afd4a54-fed5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
47d5a5c0180f9744-FRA
expires
Mon, 11 Nov 2019 19:43:49 GMT
index.php
ga.getresponse.com/
0
119 B
Image
General
Full URL
https://ga.getresponse.com/index.php?ver=3&action_name=FlacherBauch%20-%20LeadGen%20Variants%2001&idsite=&rec=1&r=528088&h=19&m=43&s=49&url=http%3A%2F%2Fwww.abnehmenuebernacht.com%2Fleads01%3Ftransaction_id%3DC49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI&urlref=http%3A%2F%2Fuse.dauid-iep.com%2Fzcredirect%3Fvisitid%3Dc380f9ba-edc5-11e8-a0c7-065855a9e530%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&uid=%7B%22uuid%22%3A%2210dfc88e-2450-4088-98b2-cf48bc05c2f7%22%2C%22email%22%3A%22%22%2C%22xsid%22%3A%22%22%2C%22valuable%22%3A0%7D&_id=7337767c3d5a0bb7&_idts=1542829430&_idvc=1&_idn=1&_refts=1542829430&_viewts=1542829430&_ref=http%3A%2F%2Fuse.dauid-iep.com%2Fzcredirect%3Fvisitid%3Dc380f9ba-edc5-11e8-a0c7-065855a9e530%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&send_image=1&cookie=1&res=1600x1200&_cvar=%7B%221%22%3A%5B%22grid%22%2C%22sBDcFVEdQcXEIAA%3D%3D%22%5D%7D&gt_ms=353&pv_id=1bbQu3
Requested by
Host: www.abnehmenuebernacht.com
URL: http://www.abnehmenuebernacht.com/leads01?transaction_id=C49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.160.64.77 Wilmington, United States, ASN46469 (GETRESPONSE-IMPLIX - GETRESPONSE, US),
Reverse DNS
norevdns.getresponse.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.abnehmenuebernacht.com/leads01?transaction_id=C49QMrkTlqJ9BYEKan2VFlIEjSXNBRrqzuF9NVUmYI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 21 Nov 2018 19:43:49 GMT
Server
nginx
Content-Type
text/html; charset=utf-8

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
string GoogleAnalyticsObject
function ga
object grLpsInitialData
function webpackJsonp
function $
function jQuery
object Backbone
object core
object __core-js_shared__
object global
object System
function asap
function Observable
function setImmediate
function clearImmediate
object regeneratorRuntime
boolean _babelPolyfill
object socialButtonsStorage
object google_tag_data
object gaplugins
object gaGlobal
object gaData
object WebFont
object _paq
function gaSetUserId
function gaPush
object JSON_PIWIK
object Piwik
object AnalyticsTracker
function piwik_log

10 Cookies

Domain/Path Name / Value
www.abnehmenuebernacht.com/ Name: _pk_ref..e03e
Value: %5B%22%22%2C%22%22%2C1542829430%2C%22http%3A%2F%2Fuse.dauid-iep.com%2Fzcredirect%3Fvisitid%3Dc380f9ba-edc5-11e8-a0c7-065855a9e530%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse%22%5D
.abnehmenuebernacht.com/ Name: _gid
Value: GA1.2.1695062211.1542829430
www.abnehmenuebernacht.com/ Name: n2iO[variantVersion]
Value: 0
.abnehmenuebernacht.com/ Name: _ga
Value: GA1.2.1479510316.1542829430
www.abnehmenuebernacht.com/ Name: gaVisitorUuid
Value: 10dfc88e-2450-4088-98b2-cf48bc05c2f7
.abnehmenuebernacht.com/ Name: _gat
Value: 1
www.abnehmenuebernacht.com/ Name: n2iO[visit]
Value: BWl15
www.abnehmenuebernacht.com/ Name: _pk_ses..e03e
Value: *
www.abnehmenuebernacht.com/ Name: n2iO[uniqueVisit]
Value: BWl15
www.abnehmenuebernacht.com/ Name: squeeze-page
Value: ucpk1suhrma3flk9266k2ursjt

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
