de.helvetias.com Open in urlscan Pro
91.213.4.40 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ms31.nl2.kolido.net/
Effective URL:
http://de.helvetias.com/
Submission Tags: falconsandbox
Submission: On January 08 via api (January 8th 2021, 1:58:41 am UTC) from US

Summary HTTP 53 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 21 IPs in 8 countries across 22 domains to perform 53 HTTP transactions. The main IP is 91.213.4.40, located in Switzerland and belongs to LIBERTYGLOBAL Liberty Global (formerly UPC Broadband Holding, aka AORTA), NL. The main domain is de.helvetias.com.

This is the only time de.helvetias.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	85.17.10.131 85.17.10.131	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3	91.213.4.40 91.213.4.40	6830 (LIBERTYGL...) (LIBERTYGLOBAL Liberty Global (formerly UPC Broadband Holding)
16 16	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
2	159.69.22.140 159.69.22.140	24940 (HETZNER-AS) (HETZNER-AS)
2 3	2606:4700::68... 2606:4700::6812:1781	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:4700:20:... 2606:4700:20::ac43:4827	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.39.54 104.16.39.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.218.57.195 52.218.57.195	16509 (AMAZON-02) (AMAZON-02)
20 20	34.95.109.120 34.95.109.120	15169 (GOOGLE) (GOOGLE)
1 3	213.174.51.88 213.174.51.88	61157 (PLUSSERVE...) (PLUSSERVER-ASN1)
1	151.139.236.192 151.139.236.192	33438 (HIGHWINDS2) (HIGHWINDS2)
2 4	51.68.117.182 51.68.117.182	16276 (OVH) (OVH)
5	13.224.94.118 13.224.94.118	16509 (AMAZON-02) (AMAZON-02)
1 2	193.227.195.217 193.227.195.217	29037 (TELIKO-AS) (TELIKO-AS)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2be::2638	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	78.46.180.203 78.46.180.203	24940 (HETZNER-AS) (HETZNER-AS)
1	91.143.241.76 91.143.241.76	41893 (CYBERPORT-AS) (CYBERPORT-AS)
2	62.104.23.103 62.104.23.103	5430 (FREENETDE...) (FREENETDE freenet Datenkommunikations GmbH)
1	93.191.169.159 93.191.169.159	32787 (PROLEXIC-...) (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK)
1	194.231.246.178 194.231.246.178	5669 (VIA-NET-W...) (VIA-NET-WORKS-AS)
1	13.224.94.84 13.224.94.84	16509 (AMAZON-02) (AMAZON-02)
1	91.184.48.164 91.184.48.164	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
14	2600:9000:219... 2600:9000:2190:c200:12:94b3:c380:93a1	16509 (AMAZON-02) (AMAZON-02)
53	21

1 85.17.10.131 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ms31.nl2.kolido.net

ms31.nl2.kolido.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.213.4.40 (Switzerland)

ASN6830 (LIBERTYGLOBAL Liberty Global (formerly UPC Broadband Holding, aka AORTA), NL)
PTR: mail.breag.com

de.helvetias.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 104.111.239.217 (Netherlands) 16 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.69.22.140 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: otto-affiliate.delink.cloud

otto-partnerprogramm.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:1781 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

mediaserver.entainpartners.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:20::ac43:4827 (United States)

ASN13335 (CLOUDFLARENET, US)

partner.experte.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.experte.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.experte.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.experte.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.39.54 (United States)

ASN13335 (CLOUDFLARENET, US)

news.comventure.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.57.195 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 34.95.109.120 (United States) 20 redirects

ASN15169 (GOOGLE, US)
PTR: 120.109.95.34.bc.googleusercontent.com

impde.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.174.51.88 (Germany) 1 redirects

ASN61157 (PLUSSERVER-ASN1, DE)
PTR: k1810.ims-firmen.de

www.knmweb.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.236.192 (Dallas, United States)

ASN33438 (HIGHWINDS2, US)

cert-explidowebmarket.netdna-ssl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.68.117.182 (France) 2 redirects

ASN16276 (OVH, FR)

aaa.artefact.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.224.94.118 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-94-118.zrh50.r.cloudfront.net

vht.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.227.195.217 (Germany) 1 redirects

ASN29037 (TELIKO-AS, DE)
PTR: h.deutschlandsim.de

h.simplytel.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2be::2638 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

images.goertz.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.180.203 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: cpx-ads.de

www.cpx-ads.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.143.241.76 (Klingenberg, Germany)

ASN41893 (CYBERPORT-AS, DE)

media.cyberport.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 62.104.23.103 (Germany)

ASN5430 (FREENETDE freenet Datenkommunikations GmbH, DE)
PTR: ndirect.ppro.de

static.ppro.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.191.169.159 (United Kingdom)

ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK, US)

affiliate.fressnapf.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.231.246.178 (Lennestadt, Germany)

ASN5669 (VIA-NET-WORKS-AS, US)
PTR: webserver.raddiscount.de

www.raddiscount.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.94.84 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-94-84.zrh50.r.cloudfront.net

img.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.184.48.164 (Amsterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ms4.nl2.kolido.net

www.seekgo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2600:9000:2190:c200:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.ctfassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	tradedoubler.com 20 redirects impde.tradedoubler.com vht.tradedoubler.com img.tradedoubler.com	148 KB
16	awin1.com 16 redirects www.awin1.com	7 KB
14	ctfassets.net images.ctfassets.net	22 KB
10	experte.de partner.experte.de www.experte.de api.experte.de t.experte.de	276 KB
4	artefact.com 2 redirects aaa.artefact.com	25 KB
3	knmweb.de 1 redirects www.knmweb.de	11 KB
3	entainpartners.com 2 redirects mediaserver.entainpartners.com	21 KB
3	helvetias.com de.helvetias.com	9 KB
2	ppro.de static.ppro.de	7 KB
2	simplytel.de 1 redirects h.simplytel.de	8 KB
2	otto-partnerprogramm.de otto-partnerprogramm.de	18 KB
1	seekgo.net www.seekgo.net
1	raddiscount.de www.raddiscount.de	9 KB
1	fressnapf.de affiliate.fressnapf.de	9 KB
1	cyberport.de media.cyberport.de	4 KB
1	cpx-ads.de www.cpx-ads.de	6 KB
1	goertz.de images.goertz.de	2 KB
1	netdna-ssl.com cert-explidowebmarket.netdna-ssl.com	2 KB
1	amazonaws.com s3-eu-west-1.amazonaws.com	2 KB
1	comventure.de news.comventure.de	3 KB
1	kolido.net 1 redirects ms31.nl2.kolido.net	295 B
0	doubleclick.net Failed stats.g.doubleclick.net Failed
53	22

	Domain	Requested by
20	impde.tradedoubler.com	20 redirects
16	www.awin1.com	16 redirects
14	images.ctfassets.net	de.helvetias.com
5	vht.tradedoubler.com	de.helvetias.com
5	partner.experte.de	de.helvetias.com partner.experte.de
4	aaa.artefact.com	2 redirects de.helvetias.com
3	api.experte.de	partner.experte.de
3	www.knmweb.de	1 redirects de.helvetias.com
3	mediaserver.entainpartners.com	2 redirects de.helvetias.com
3	de.helvetias.com	de.helvetias.com
2	static.ppro.de	de.helvetias.com
2	h.simplytel.de	1 redirects de.helvetias.com
2	otto-partnerprogramm.de	de.helvetias.com
1	t.experte.de	partner.experte.de
1	www.experte.de	partner.experte.de
1	www.seekgo.net	de.helvetias.com
1	img.tradedoubler.com	de.helvetias.com
1	www.raddiscount.de	de.helvetias.com
1	affiliate.fressnapf.de	de.helvetias.com
1	media.cyberport.de	de.helvetias.com
1	www.cpx-ads.de	de.helvetias.com
1	images.goertz.de	de.helvetias.com
1	cert-explidowebmarket.netdna-ssl.com	de.helvetias.com
1	s3-eu-west-1.amazonaws.com	de.helvetias.com
1	news.comventure.de	de.helvetias.com
1	ms31.nl2.kolido.net	1 redirects
0	stats.g.doubleclick.net Failed	partner.experte.de
53	27

This site contains links to these domains. Also see Links.

Domain
ch.helvetias.com
at.helvetias.com

Subject Issuer	Validity	Valid
production.otto-affiliate.delink.cloud R3	`2021-01-05` - `2021-04-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-12-10` - `2021-12-09`	a year	crt.sh
experte.de Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
*.s3-eu-west-1.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
www.knmweb.de RapidSSL RSA CA 2018	`2020-03-16` - `2021-05-01`	a year	crt.sh
*.netdna-ssl.com Sectigo RSA Domain Validation Secure Server CA	`2020-02-18` - `2021-03-18`	a year	crt.sh
aaa.artefact.com Let's Encrypt Authority X3	`2020-11-28` - `2021-02-26`	3 months	crt.sh
*.tradedoubler.com GlobalSign Domain Validation CA - SHA256 - G2	`2018-12-10` - `2021-01-27`	2 years	crt.sh
*.simplytel.de Sectigo RSA Domain Validation Secure Server CA	`2020-03-24` - `2022-04-18`	2 years	crt.sh
secure5.scene7.com DigiCert SHA2 High Assurance Server CA	`2020-08-25` - `2022-11-07`	2 years	crt.sh
cpx-ads.de Thawte RSA CA 2018	`2020-05-04` - `2022-05-21`	2 years	crt.sh
*.cyberport.de Sectigo RSA Domain Validation Secure Server CA	`2020-07-30` - `2022-08-28`	2 years	crt.sh
*.ppro.de Sectigo RSA Organization Validation Secure Server CA	`2020-01-21` - `2022-02-24`	2 years	crt.sh
*.fressnapf.de Thawte TLS RSA CA G1	`2019-09-23` - `2021-10-22`	2 years	crt.sh
www.raddiscount.de Go Daddy Secure Certificate Authority - G2	`2019-06-02` - `2021-08-01`	2 years	crt.sh

This page contains 2 frames:

Primary Page: http://de.helvetias.com/
Frame ID: EF0FD79728F320E92BE3D7E1CEF79B66
Requests: 51 HTTP requests in this frame

Frame: http://www.seekgo.net/adserver/c.php
Frame ID: A7D59EB9A2E7A518F0285B36949EBCEA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ms31.nl2.kolido.net/ HTTP 302
http://de.helvetias.com/ Page URL

Detected technologies

Debian (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Debian/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

53
Requests

62 %
HTTPS

17 %
IPv6

22
Domains

27
Subdomains

21
IPs

8
Countries

571 kB
Transfer

1468 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://ch.helvetias.com/
Title: CH

Search URL Search Domain Scan URL

URL: http://at.helvetias.com/
Title: AT

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ms31.nl2.kolido.net/ HTTP 302
http://de.helvetias.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://www.awin1.com/cshow.php?s=2491502&v=14336&q=374286&r=400281 HTTP 302
https://otto-partnerprogramm.de/ftp/Partnerwerbemittel/Banner/Sale_728x90.gif

Request Chain 3

http://mediaserver.entainpartners.com/renderBanner.do?zoneId=1704663&t=i&v=1 HTTP 302
https://mediaserver.entainpartners.com/renderBanner.do?zoneId=1704663&t=i&v=1 HTTP 302
https://mediaserver.entainpartners.com/images/AdServer/Bwin/DE/468x60_standardbanner_sport_0008_10_de.gif

Request Chain 4

https://www.awin1.com/cshow.php?s=2491450&v=14336&q=374234&r=400281 HTTP 302
https://otto-partnerprogramm.de/ftp/Partnerwerbemittel/Logo/Logo_120x60.jpg

Request Chain 6

https://www.awin1.com/cshow.php?s=2121099&v=11698&q=332219&r=400281 HTTP 302
http://news.comventure.de/images/banner/affiliate/Logo/medpex_logo_120x52.jpg

Request Chain 7

https://www.awin1.com/cshow.php?s=2322029&v=14179&q=355296&r=400281 HTTP 302
https://s3-eu-west-1.amazonaws.com/haw-images/hawesko/Hawesko_Logo_quer_120x60.gif

Request Chain 8

http://impde.tradedoubler.com/imp?type(img)g(17455964)a(1896427) HTTP 302
https://impde.tradedoubler.com/imp?type(img)g(17455964)a(1896427) HTTP 302
http://www.knmweb.de/banner/Alba%20Moda_DE/Logo/120x60.jpg HTTP 301
https://www.knmweb.de/banner/Alba%20Moda_DE/Logo/120x60.jpg

Request Chain 9

https://www.awin1.com/cshow.php?s=2482503&v=14797&q=373002&r=400281 HTTP 302
https://cert-explidowebmarket.netdna-ssl.com/verivox/logos/vx_logo_120x40.jpg

Request Chain 10

http://impde.tradedoubler.com/imp?type(img)g(20935768)a(1896427) HTTP 302
https://impde.tradedoubler.com/imp?type(img)g(20935768)a(1896427) HTTP 302
https://www.knmweb.de/banner/Klingel_DE/mobile/120x20_mobile.gif

Request Chain 11

http://impde.tradedoubler.com/imp?type(img)g(24244608)a(1896427) HTTP 302
https://impde.tradedoubler.com/imp?type(img)g(24244608)a(1896427) HTTP 302
https://aaa.artefact.com/trck/eview/3fbc8afa2cc62e3d86a807f1167b2504 HTTP 301
https://aaa.artefact.com/mst/113%20-%20Lufthansa%20DE/Logos/120x60_LH_Logo_Blau.png

Request Chain 12

http://impde.tradedoubler.com/imp?type(img)g(23709840)a(1896427) HTTP 302
https://impde.tradedoubler.com/imp?type(img)g(23709840)a(1896427) HTTP 302
https://vht.tradedoubler.com/file/31821/all_logos/120x60_LOGO_ALL.jpg

Request Chain 13

https://www.awin1.com/cshow.php?s=2492552&v=14985&q=370552&r=400281 HTTP 302
http://h.simplytel.de/banner.jpg?promotion_partner_id=31491&promotion_product_id=7303 HTTP 301
https://h.simplytel.de/banner.jpg?promotion_partner_id=31491&promotion_product_id=7303

Request Chain 14

http://impde.tradedoubler.com/imp?type(img)g(24556528)a(1896427) HTTP 302
https://impde.tradedoubler.com/imp?type(img)g(24556528)a(1896427) HTTP 302
https://vht.tradedoubler.com/file/297463/logos/Sky_Logos_1008/Sky_Master_Brand_Logo_RGB_120x60.png

Request Chain 15

https://www.awin1.com/cshow.php?s=2206796&v=11200&q=342424&r=400281 HTTP 302
https://images.goertz.de/is/image/Goertzmedia/SALE_Affiliate_120x60

Request Chain 16

http://impde.tradedoubler.com/imp?type(img)g(24558752)a(1896427) HTTP 302
https://impde.tradedoubler.com/imp?type(img)g(24558752)a(1896427) HTTP 302
https://www.cpx-ads.de/Dress-for-less/Logos/200x70.png

Request Chain 17

http://www.awin1.com/cshow.php?s=2130244&v=11657&q=333371&r=400281 HTTP 301
https://www.awin1.com/cshow.php?s=2130244&v=11657&q=333371&r=400281 HTTP 302
https://media.cyberport.de/img/banner/extern/logos/120x60-cyberport-logo-.gif

Request Chain 18

https://www.awin1.com/cshow.php?s=2485843&v=11933&q=373390&r=400281 HTTP 302
https://static.ppro.de/perf/perf_klarmobil/Logos_neu/logo_88x31.gif

Request Chain 19

http://www.awin1.com/cshow.php?s=2523860&v=14757&q=377411&r=400281 HTTP 301
https://www.awin1.com/cshow.php?s=2523860&v=14757&q=377411&r=400281 HTTP 302
https://affiliate.fressnapf.de/Werbemittel/Werbemittel_PublicAffiliateFSN/Logos/fn_logo_was_tiere_lieben_120x60.jpg

Request Chain 20

http://impde.tradedoubler.com/imp?type(img)g(22060608)a(1896427) HTTP 302
https://impde.tradedoubler.com/imp?type(img)g(22060608)a(1896427) HTTP 302
https://vht.tradedoubler.com/file/1323/27.08.2018/410036-AFF-DE-120x60.png

Request Chain 21

http://www.awin1.com/cshow.php?s=2179885&v=11641&q=339216&r=400281 HTTP 301
https://www.awin1.com/cshow.php?s=2179885&v=11641&q=339216&r=400281 HTTP 302
https://static.ppro.de/perf/perf_callmobile/Logos/cmLogo_120x60.gif

Request Chain 22

https://www.awin1.com/cshow.php?s=2325523&v=14786&q=355515&r=400281 HTTP 302
https://www.raddiscount.de/images/banner/button120x60/index.gif?SRC=button120x60.gif

Request Chain 23

http://impde.tradedoubler.com/imp?type(img)g(24469406)a(1896427) HTTP 302
https://impde.tradedoubler.com/imp?type(img)g(24469406)a(1896427) HTTP 302
https://vht.tradedoubler.com/file/294025/2907.2020/AF_CONDOR_Banner_ETF_4999_120x600_0720.gif

Request Chain 24

http://impde.tradedoubler.com/imp?type(inv)g(20623066)a(1896427) HTTP 302
https://impde.tradedoubler.com/imp?type(inv)g(20623066)a(1896427) HTTP 302
https://img.tradedoubler.com/images/inv.gif

Request Chain 25

https://www.awin1.com/cshow.php?s=2434318&v=15047&q=367994&r=400281 HTTP 302
https://aaa.artefact.com/trck/eview/e4941931e5e518f7d9eba1eb113c7f24 HTTP 301
https://aaa.artefact.com/mst/4%20-%20Deichmann%20DE/Logos/Deichmann%20OS%20125x125.jpg

Request Chain 26

http://impde.tradedoubler.com/imp?type(img)g(24771730)a(1896427) HTTP 302
https://impde.tradedoubler.com/imp?type(img)g(24771730)a(1896427) HTTP 302
https://vht.tradedoubler.com/file/305884/06.05.2020/Fashion_Trends/BP_DE_Fashion_Trends_160x600_020320_rs-SjynYXBR.gif

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
de.helvetias.com/
Redirect Chain

http://ms31.nl2.kolido.net/
http://de.helvetias.com/

10 KB
3 KB

229ms
188ms

Document
text/html

91.213.4.40
LIBERTYGLOBAL Lib...

General

Check archive.org

Show headers Download Go to

Full URL: http://de.helvetias.com/
Protocol: HTTP/1.1
Server: 91.213.4.40 , Switzerland, ASN6830 (LIBERTYGLOBAL Liberty Global (formerly UPC Broadband Holding, aka AORTA), NL),
Reverse DNS: mail.breag.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: ac7be6eaf9ec8a19bf19a29c16ebea8c65f01e87e36397aa4237f2a25e319553

Request headers

Host: de.helvetias.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 08 Jan 2021 01:58:20 GMT
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2944
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Fri, 08 Jan 2021 02:00:15 GMT
Server: Apache
X-Powered-By: PHP/5.4.45-0+deb7u6
LOCATION: http://de.helvetias.com/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 20
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK style.css
de.helvetias.com/css/ 13 KB
3 KB 38ms
38ms Stylesheet
text/css 91.213.4.40
LIBERTYGLOBAL Lib...

General

Check archive.org

Show headers Download Go to

Full URL: http://de.helvetias.com/css/style.css
Requested by: Host: de.helvetias.com
URL: http://de.helvetias.com/
Protocol: HTTP/1.1
Server: 91.213.4.40 , Switzerland, ASN6830 (LIBERTYGLOBAL Liberty Global (formerly UPC Broadband Holding, aka AORTA), NL),
Reverse DNS: mail.breag.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: b6539991582f82babcd826db6dcb79b89ebe6ed7e1622afe4d0d1266b4717e81

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 08 Jan 2021 01:58:20 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 May 2016 17:23:27 GMT
Server: Apache/2.4.10 (Debian)
ETag: "3203-532bc8867c436-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2386

GET
H/1.1

200
OK

Sale_728x90.gif
otto-partnerprogramm.de/ftp/Partnerwerbemittel/Banner/
Redirect Chain

https://www.awin1.com/cshow.php?s=2491502&v=14336&q=374286&r=400281
https://otto-partnerprogramm.de/ftp/Partnerwerbemittel/Banner/Sale_728x90.gif

11 KB
11 KB

133ms
36ms

Image
image/gif

159.69.22.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://otto-partnerprogramm.de/ftp/Partnerwerbemittel/Banner/Sale_728x90.gif

Requested by

Host: de.helvetias.com
URL: http://de.helvetias.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

159.69.22.140 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

otto-affiliate.delink.cloud

Software

nginx /

Resource Hash

329d0b8d14d4a26ed9120f7c12acdcceaee9a22ba15508101755384ae7a7c2c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubdomains

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 08 Jan 2021 01:58:21 GMT
Last-Modified: Mon, 19 Aug 2019 10:16:01 GMT
Server: nginx
ETag: "5d5a76e1-2a16"
Strict-Transport-Security: max-age=15724800; includeSubdomains
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10774

Redirect headers

Date: Fri, 08 Jan 2021 01:58:21 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://otto-partnerprogramm.de/ftp/Partnerwerbemittel/Banner/Sale_728x90.gif
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK logo.png
de.helvetias.com/images/ 3 KB
4 KB 79ms
54ms Image
image/png 91.213.4.40
LIBERTYGLOBAL Lib...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://de.helvetias.com/images/logo.png
Requested by: Host: de.helvetias.com
URL: http://de.helvetias.com/
Protocol: HTTP/1.1
Server: 91.213.4.40 , Switzerland, ASN6830 (LIBERTYGLOBAL Liberty Global (formerly UPC Broadband Holding, aka AORTA), NL),
Reverse DNS: mail.breag.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: b1e8767d0fe9844d0ac4705cc87d475207764d17823877f3234c00d7705e1481

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 08 Jan 2021 01:58:21 GMT
Last-Modified: Sun, 29 Jun 2014 18:51:59 GMT
Server: Apache/2.4.10 (Debian)
ETag: "d8a-4fcfe098d71c0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3466

GET
H2

200

468x60_standardbanner_sport_0008_10_de.gif
mediaserver.entainpartners.com/images/AdServer/Bwin/DE/
Redirect Chain

http://mediaserver.entainpartners.com/renderBanner.do?zoneId=1704663&t=i&v=1
https://mediaserver.entainpartners.com/renderBanner.do?zoneId=1704663&t=i&v=1
https://mediaserver.entainpartners.com/images/AdServer/Bwin/DE/468x60_standardbanner_sport_0008_10_de.gif

20 KB
20 KB

130ms
129ms

Image
image/gif

2606:4700::6812:1781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediaserver.entainpartners.com/images/AdServer/Bwin/DE/468x60_standardbanner_sport_0008_10_de.gif
Requested by: Host: de.helvetias.com
URL: http://de.helvetias.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1781 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 496b3366d6d5e20dd75625a73f1cda9b9002245d3efbb3e19cc3ba31debb4bda

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 01:58:21 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 07 May 2019 10:09:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=14400, public
accept-ranges: bytes
cf-ray: 60e2501e9bc90742-FRA
content-length: 20439
cf-request-id: 078150672100000742d6991000000001
x-ua-compatible: IE=EmulateIE7

Redirect headers

date: Fri, 08 Jan 2021 01:58:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://mediaserver.entainpartners.com/images/AdServer/Bwin/DE/468x60_standardbanner_sport_0008_10_de.gif#.
content-language: en-US
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 60e2501dbab80742-FRA
content-length: 0
cf-request-id: 078150669300000742a832d000000001
x-ua-compatible: IE=EmulateIE7

GET
H/1.1

200
OK

Logo_120x60.jpg
otto-partnerprogramm.de/ftp/Partnerwerbemittel/Logo/
Redirect Chain

https://www.awin1.com/cshow.php?s=2491450&v=14336&q=374234&r=400281
https://otto-partnerprogramm.de/ftp/Partnerwerbemittel/Logo/Logo_120x60.jpg

7 KB
7 KB

157ms
34ms

Image
image/jpeg

159.69.22.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://otto-partnerprogramm.de/ftp/Partnerwerbemittel/Logo/Logo_120x60.jpg

Requested by

Host: de.helvetias.com
URL: http://de.helvetias.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

159.69.22.140 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

otto-affiliate.delink.cloud

Software

nginx /

Resource Hash

bd5d45c5aae4f94843866c3fb62e4bd13c2d4f1a0e8bc9991628bf8a2aa8f541

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubdomains

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 08 Jan 2021 01:58:21 GMT
Last-Modified: Thu, 01 Aug 2019 10:49:13 GMT
Server: nginx
ETag: "5d42c3a9-1cbe"
Strict-Transport-Security: max-age=15724800; includeSubdomains
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7358

Redirect headers

Date: Fri, 08 Jan 2021 01:58:21 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://otto-partnerprogramm.de/ftp/Partnerwerbemittel/Logo/Logo_120x60.jpg
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H2 200 vergleich.js Show response
partner.experte.de/ 1 KB
1 KB 95ms
51ms Script
application/javascript 2606:4700:20::ac43:4827
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.experte.de/vergleich.js

Requested by

Host: de.helvetias.com
URL: http://de.helvetias.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4827 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

a5a8e2cd3ff69f1424a5e8d795a1418607e6bb16aeffca46d3bbfbd781f6f79a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 01:58:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: KV
nel: {"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=1679
x-region: eu-central-1
x-amz-apigw-id: YyjIGEyJliAFgFg=
cf-request-id: 078150665100004a56fd0da000000001
x-amzn-requestid: 384e995a-8f25-4821-92a7-3edaddef6e31
last-modified: Tue, 01 Jan 1980 00:00:00 GMT
server: cloudflare
x-powered-by: Express
x-amzn-trace-id: Root=1-5ff74bcd-5be203c925f7bb0e3b8726b7;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=b5skWqH5nf9mFoS4onheh%2BLQvuTbqZz8DaXa7Rnj2SMeE1xpBv%2FyLQe0MXSx5yAZE%2BEzeFJQGR6U5T6tKHNA2UXWT7rCsuDtQotM6JKzwazpX%2FidSJWd7e1wCEsYZMQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=1800
etag: W/"68f-4977387000"
cf-ray: 60e2501d4c2d4a56-FRA
x-amzn-remapped-date: Thu, 07 Jan 2021 17:58:37 GMT
x-amzn-remapped-connection: close
cf-bgj: minify

GET
H/1.1

200
OK

medpex_logo_120x52.jpg
news.comventure.de/images/banner/affiliate/Logo/
Redirect Chain

https://www.awin1.com/cshow.php?s=2121099&v=11698&q=332219&r=400281
http://news.comventure.de/images/banner/affiliate/Logo/medpex_logo_120x52.jpg

2 KB
3 KB

63ms
31ms

Image
image/webp

104.16.39.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://news.comventure.de/images/banner/affiliate/Logo/medpex_logo_120x52.jpg
Requested by: Host: de.helvetias.com
URL: http://de.helvetias.com/
Protocol: HTTP/1.1
Server: 104.16.39.54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a457d39aafac2f69fe34e2f01317bf6e808749f0558df7227d11f1829f658b26

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 08 Jan 2021 01:58:21 GMT
CF-Cache-Status: HIT
Age: 71179
Cf-Polished: qual=85, origFmt=jpeg, origSize=24256
Content-Disposition: inline; filename="medpex_logo_120x52.webp"
Connection: keep-alive
Content-Length: 1866
cf-request-id: 07815066d100000fa2a034a000000001
Last-Modified: Thu, 02 Oct 2014 12:59:44 GMT
Server: cloudflare
ETag: "5ec0-5047030bb9000"
Vary: Accept
Content-Type: image/webp
Expires: Sat, 09 Jan 2021 01:58:21 GMT
Cache-Control: public, max-age=86400
Accept-Ranges: bytes
CF-RAY: 60e2501e1cba0fa2-VIE
Cf-Bgj: imgq:85,h2pri

Redirect headers

Date: Fri, 08 Jan 2021 01:58:21 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: http://news.comventure.de/images/banner/affiliate/Logo/medpex_logo_120x52.jpg
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

Hawesko_Logo_quer_120x60.gif
s3-eu-west-1.amazonaws.com/haw-images/hawesko/
Redirect Chain

https://www.awin1.com/cshow.php?s=2322029&v=14179&q=355296&r=400281
https://s3-eu-west-1.amazonaws.com/haw-images/hawesko/Hawesko_Logo_quer_120x60.gif

2 KB
2 KB

242ms
69ms

Image
image/gif

52.218.57.195
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/haw-images/hawesko/Hawesko_Logo_quer_120x60.gif
Requested by: Host: de.helvetias.com
URL: http://de.helvetias.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.57.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4ae1dc31717e5d80b1e5fe2cf3735aeee6b97da38b2a3e5cfbfc574e60e7331a

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 08 Jan 2021 01:58:22 GMT
Last-Modified: Mon, 23 Apr 2018 06:37:36 GMT
Server: AmazonS3
x-amz-request-id: 09A6073AB6BF0E87
ETag: "5f241417929f12caca5f7feb4020cf8f"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 2104
x-amz-id-2: GacpjkC1R85IGq6jLLPD/mpHa0nDMXQjjlvb5BaWDKfFU7y51pD3NFzdxGdEt45B8Cat4DYoKBU=

Redirect headers

Date: Fri, 08 Jan 2021 01:58:21 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://s3-eu-west-1.amazonaws.com/haw-images/hawesko/Hawesko_Logo_quer_120x60.gif
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

120x60.jpg
www.knmweb.de/banner/Alba%20Moda_DE/Logo/
Redirect Chain

http://impde.tradedoubler.com/imp?type(img)g(17455964)a(1896427)
https://impde.tradedoubler.com/imp?type(img)g(17455964)a(1896427)
http://www.knmweb.de/banner/Alba%20Moda_DE/Logo/120x60.jpg
https://www.knmweb.de/banner/Alba%20Moda_DE/Logo/120x60.jpg

5 KB
5 KB

77ms
34ms

Image
image/jpeg

213.174.51.88
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.knmweb.de/banner/Alba%20Moda_DE/Logo/120x60.jpg
Requested by: Host: de.helvetias.com
URL: http://de.helvetias.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.51.88 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS: k1810.ims-firmen.de
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 38fc8521644dc6ca3e4bc1d2502bae710fefa9d32aed26d48b1b6321f42e2f21

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 08 Jan 2021 01:58:22 GMT
Last-Modified: Thu, 01 Mar 2018 14:04:44 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "12f9-5665a57761700"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4857

Redirect headers

Location: https://www.knmweb.de/banner/Alba%20Moda_DE/Logo/120x60.jpg
Date: Fri, 08 Jan 2021 01:58:22 GMT
Server: Apache/2.4.29 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 267
Content-Type: text/html; charset=iso-8859-1

GET
H2

200

vx_logo_120x40.jpg
cert-explidowebmarket.netdna-ssl.com/verivox/logos/
Redirect Chain

https://www.awin1.com/cshow.php?s=2482503&v=14797&q=373002&r=400281
https://cert-explidowebmarket.netdna-ssl.com/verivox/logos/vx_logo_120x40.jpg

2 KB
2 KB

120ms
36ms

Image
image/jpeg

151.139.236.192
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cert-explidowebmarket.netdna-ssl.com/verivox/logos/vx_logo_120x40.jpg
Requested by: Host: de.helvetias.com
URL: http://de.helvetias.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.236.192 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 / PleskLin
Resource Hash: c03f4044237184cae1bb9074cb2076ceeee77dd2dd2ee0f61e631cefaf702558

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 01:58:21 GMT
last-modified: Wed, 01 Jun 2016 08:41:06 GMT
server: NetDNA-cache/2.2
x-powered-by: PleskLin
etag: "7ce-53433734dac80"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1998

Redirect headers

Date: Fri, 08 Jan 2021 01:58:21 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://cert-explidowebmarket.netdna-ssl.com/verivox/logos/vx_logo_120x40.jpg
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

120x20_mobile.gif
www.knmweb.de/banner/Klingel_DE/mobile/
Redirect Chain

http://impde.tradedoubler.com/imp?type(img)g(20935768)a(1896427)
https://impde.tradedoubler.com/imp?type(img)g(20935768)a(1896427)
https://www.knmweb.de/banner/Klingel_DE/mobile/120x20_mobile.gif

5 KB
5 KB

1129ms
34ms

Image
image/gif

213.174.51.88
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.knmweb.de/banner/Klingel_DE/mobile/120x20_mobile.gif
Requested by: Host: de.helvetias.com
URL: http://de.helvetias.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.51.88 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS: k1810.ims-firmen.de
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 361442bb18ba357e9444b10cea7b98c615113aff4464e26d21319e9b03a58ece

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 08 Jan 2021 01:58:22 GMT
Last-Modified: Tue, 26 Nov 2019 07:11:57 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "13e8-5983a9876c940"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 5096

Redirect headers

pragma: no-cache
date: Fri, 08 Jan 2021 01:58:20 GMT
via: 1.1 google
referrer-policy: origin
server: TXServerHttp
location: https://www.knmweb.de/banner/Klingel_DE/mobile/120x20_mobile.gif
p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin: *
cache-control: private, max-age=0
content-type: text/html; charset=ISO-8859-1
alt-svc: clear
content-length: 269

GET
H/1.1

200
OK

120x60_LH_Logo_Blau.png
aaa.artefact.com/mst/113%20-%20Lufthansa%20DE/Logos/
Redirect Chain

http://impde.tradedoubler.com/imp?type(img)g(24244608)a(1896427)
https://impde.tradedoubler.com/imp?type(img)g(24244608)a(1896427)
https://aaa.artefact.com/trck/eview/3fbc8afa2cc62e3d86a807f1167b2504
https://aaa.artefact.com/mst/113%20-%20Lufthansa%20DE/Logos/120x60_LH_Logo_Blau.png

3 KB
3 KB

40ms
39ms

Image
image/png

51.68.117.182
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aaa.artefact.com/mst/113%20-%20Lufthansa%20DE/Logos/120x60_LH_Logo_Blau.png
Requested by: Host: de.helvetias.com
URL: http://de.helvetias.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.68.117.182 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: ed49d44b0edfb70004184d3e5368f9ec4eae76e542e946806e8539554c690ac0

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 08 Jan 2021 01:58:21 GMT
Last-Modified: Thu, 26 Mar 2020 09:01:07 GMT
Server: nginx
X-IPLB-Request-ID: B9D82263:3D14_334475B6:01BB_5FF7BC3D_6316706:2B936
ETag: "5e7c6f53-a3d"
X-IPLB-Instance: 36559
Content-Type: image/png
Cache-control: private
Accept-Ranges: bytes
Content-Length: 2621

Redirect headers

Pragma: no-cache
Date: Fri, 08 Jan 2021 01:58:21 GMT
Server: nginx
X-IPLB-Request-ID: B9D82263:3D14_334475B6:01BB_5FF7BC3D_6316704:2B936
X-Powered-By: PHP/7.2.26
X-IPLB-Instance: 36559
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Content-Type: text/html; charset=UTF-8
Location: https://aaa.artefact.com/mst/113%20-%20Lufthansa%20DE/Logos/120x60_LH_Logo_Blau.png
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Access-Control-Allow-Origin: *
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1

200
OK

120x60_LOGO_ALL.jpg
vht.tradedoubler.com/file/31821/all_logos/
Redirect Chain

http://impde.tradedoubler.com/imp?type(img)g(23709840)a(1896427)
https://impde.tradedoubler.com/imp?type(img)g(23709840)a(1896427)
https://vht.tradedoubler.com/file/31821/all_logos/120x60_LOGO_ALL.jpg

5 KB
6 KB

106ms
35ms

Image
image/jpeg

13.224.94.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vht.tradedoubler.com/file/31821/all_logos/120x60_LOGO_ALL.jpg
Requested by: Host: de.helvetias.com
URL: http://de.helvetias.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.94.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-94-118.zrh50.r.cloudfront.net
Software: Apache /
Resource Hash: dd29af2414e2d985b741adbada50dd95f1b4f174e8eec3fb599916b5d7aa42f2

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 03 Jan 2021 17:07:08 GMT
Via: 1.1 6b0e09b8a7d995016df1513b4b11c17e.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Mon, 25 Nov 2019 11:39:44 GMT
Server: Apache
Age: 377473
ETag: "14a0-5982a384a6000"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: max-age=604800, public
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
Content-Length: 5280
X-Amz-Cf-Id: 2K10GOyQWSKbAaAbV7XsFGA33Hggf79k3Im61fjBsqwR1mft4AvY9g==
Expires: Sun, 10 Jan 2021 17:07:08 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Jan 2021 01:58:20 GMT
via: 1.1 google
referrer-policy: origin
server: TXServerHttp
location: https://vht.tradedoubler.com/file/31821/all_logos/120x60_LOGO_ALL.jpg
p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin: *
cache-control: private, max-age=0
content-type: text/html; charset=ISO-8859-1
alt-svc: clear
content-length: 274

GET
H2

200

banner.jpg
h.simplytel.de/
Redirect Chain

https://www.awin1.com/cshow.php?s=2492552&v=14985&q=370552&r=400281
http://h.simplytel.de/banner.jpg?promotion_partner_id=31491&promotion_product_id=7303
https://h.simplytel.de/banner.jpg?promotion_partner_id=31491&promotion_product_id=7303

7 KB
8 KB

3216ms
93ms

Image
image/jpeg

193.227.195.217
TELIKO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.simplytel.de/banner.jpg?promotion_partner_id=31491&promotion_product_id=7303

Requested by

Host: de.helvetias.com
URL: http://de.helvetias.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.227.195.217 , Germany, ASN29037 (TELIKO-AS, DE),

Reverse DNS

h.deutschlandsim.de

Software

nginx /

Resource Hash

389989eed92431ceae7e6adc3b2b63e49e89307d3daa18a1f8812e7b6ed3fbb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jan 2021 01:58:24 GMT
last-modified: Fri, 08 Jan 2021 01:58:24 GMT
server: nginx
x-location: wildcard
x-served-by: My Servlet Handler
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Sun, 07 Feb 2021 02:58:24 +0100

Redirect headers

Location: https://h.simplytel.de/banner.jpg?promotion_partner_id=31491&promotion_product_id=7303
Date: Fri, 08 Jan 2021 01:58:20 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H/1.1

200
OK

Sky_Master_Brand_Logo_RGB_120x60.png
vht.tradedoubler.com/file/297463/logos/Sky_Logos_1008/
Redirect Chain

http://impde.tradedoubler.com/imp?type(img)g(24556528)a(1896427)
https://impde.tradedoubler.com/imp?type(img)g(24556528)a(1896427)
https://vht.tradedoubler.com/file/297463/logos/Sky_Logos_1008/Sky_Master_Brand_Logo_RGB_120x60.png

3 KB
3 KB

141ms
35ms

Image
image/png

13.224.94.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vht.tradedoubler.com/file/297463/logos/Sky_Logos_1008/Sky_Master_Brand_Logo_RGB_120x60.png
Requested by: Host: de.helvetias.com
URL: http://de.helvetias.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.94.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-94-118.zrh50.r.cloudfront.net
Software: Apache /
Resource Hash: 5c3a81a5b1bbda10184dac0de1728cc650bbb0686e757bc3ce2edf550a765d38

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 21:07:18 GMT
Via: 1.1 6b0e09b8a7d995016df1513b4b11c17e.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 07 Aug 2020 07:12:20 GMT
Server: Apache
Age: 535863
ETag: "b3c-5ac44535e5d00"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=604800, public
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
Content-Length: 2876
X-Amz-Cf-Id: 8r1zsYNC_MrOnW-Y3rGA0bRPE5l-4lAlREP72xYqLgC_nst8Vv0wBw==
Expires: Fri, 08 Jan 2021 21:07:18 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Jan 2021 01:58:20 GMT
via: 1.1 google
referrer-policy: origin
server: TXServerHttp
location: https://vht.tradedoubler.com/file/297463/logos/Sky_Logos_1008/Sky_Master_Brand_Logo_RGB_120x60.png
p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin: *
cache-control: private, max-age=0
content-type: text/html; charset=ISO-8859-1
alt-svc: clear
content-length: 303

GET
H2

200

SALE_Affiliate_120x60
images.goertz.de/is/image/Goertzmedia/
Redirect Chain

https://www.awin1.com/cshow.php?s=2206796&v=11200&q=342424&r=400281
https://images.goertz.de/is/image/Goertzmedia/SALE_Affiliate_120x60

2 KB
2 KB

44ms
8ms

Image
image/jpeg

2a02:26f0:6c00:2be::2638
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.goertz.de/is/image/Goertzmedia/SALE_Affiliate_120x60
Requested by: Host: de.helvetias.com
URL: http://de.helvetias.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2be::2638 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Unknown /
Resource Hash: 6f8f42db5edb61075fc8dc96484e370c3fbb640ac6cb579d01c03c3a1dd14547

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 01:58:21 GMT
last-modified: Fri, 14 Feb 2020 10:00:06 GMT
server: Unknown
etag: "6a36a5d9727a046c4d2b94a989e7a654"
content-type: image/jpeg
access-control-allow-origin: *
content-length: 1905
expires: Fri, 08 Jan 2021 09:56:19 GMT

Redirect headers

Date: Fri, 08 Jan 2021 01:58:21 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://images.goertz.de/is/image/Goertzmedia/SALE_Affiliate_120x60
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H2

200

200x70.png
www.cpx-ads.de/Dress-for-less/Logos/
Redirect Chain

http://impde.tradedoubler.com/imp?type(img)g(24558752)a(1896427)
https://impde.tradedoubler.com/imp?type(img)g(24558752)a(1896427)
https://www.cpx-ads.de/Dress-for-less/Logos/200x70.png

5 KB
6 KB

1373ms
44ms

Image
image/png

78.46.180.203
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cpx-ads.de/Dress-for-less/Logos/200x70.png
Requested by: Host: de.helvetias.com
URL: http://de.helvetias.com/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 78.46.180.203 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpx-ads.de
Software: Apache /
Resource Hash: ca67236931638b4b2eebc894430ea3d0283c2cad6e8fe5f2fbc9fcd3b6e2f74f

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 01:58:22 GMT
last-modified: Fri, 18 Sep 2020 08:07:12 GMT
server: Apache
accept-ranges: bytes
etag: "15af-5af91fcf59dbf"
content-length: 5551
content-type: image/png

Redirect headers

pragma: no-cache
date: Fri, 08 Jan 2021 01:58:20 GMT
via: 1.1 google
referrer-policy: origin
server: TXServerHttp
location: https://www.cpx-ads.de/Dress-for-less/Logos/200x70.png
p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin: *
cache-control: private, max-age=0
content-type: text/html; charset=ISO-8859-1
alt-svc: clear
content-length: 259

GET
H/1.1

200
OK

120x60-cyberport-logo-.gif
media.cyberport.de/img/banner/extern/logos/
Redirect Chain

http://www.awin1.com/cshow.php?s=2130244&v=11657&q=333371&r=400281
https://www.awin1.com/cshow.php?s=2130244&v=11657&q=333371&r=400281
https://media.cyberport.de/img/banner/extern/logos/120x60-cyberport-logo-.gif

4 KB
4 KB

3264ms
50ms

Image
image/gif

91.143.241.76
CYBERPORT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.cyberport.de/img/banner/extern/logos/120x60-cyberport-logo-.gif
Requested by: Host: de.helvetias.com
URL: http://de.helvetias.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.143.241.76 Klingenberg, Germany, ASN41893 (CYBERPORT-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: ae35feffc1a4e4731c8f2f9c39631a5674d09f69eaa926f6b4a4354ed3d1417f

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 08 Jan 2021 01:58:24 GMT
Last-Modified: Mon, 16 Jul 2018 12:45:32 GMT
Server: Apache
ETag: "e117c-f46-5711d347ab300"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3910

Redirect headers

Date: Fri, 08 Jan 2021 01:58:21 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://media.cyberport.de/img/banner/extern/logos/120x60-cyberport-logo-.gif
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H2

200

logo_88x31.gif
static.ppro.de/perf/perf_klarmobil/Logos_neu/
Redirect Chain

https://www.awin1.com/cshow.php?s=2485843&v=11933&q=373390&r=400281
https://static.ppro.de/perf/perf_klarmobil/Logos_neu/logo_88x31.gif

3 KB
4 KB

168ms
35ms

Image
image/gif

62.104.23.103
FREENETDE freenet...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ppro.de/perf/perf_klarmobil/Logos_neu/logo_88x31.gif

Requested by

Host: de.helvetias.com
URL: http://de.helvetias.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.104.23.103 , Germany, ASN5430 (FREENETDE freenet Datenkommunikations GmbH, DE),

Reverse DNS

ndirect.ppro.de

Software

nginx /

Resource Hash

18545ff0ef24e38127b49260b4400e4df55aee939bde736cf454e6fd52198f96

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 01:58:21 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Dec 2017 12:27:46 GMT
server: nginx
etag: "5a3ba8c2-d32"
strict-transport-security: max-age=63072000; includeSubDomains
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3378
expires: Sat, 09 Jan 2021 01:58:21 GMT

Redirect headers

Date: Fri, 08 Jan 2021 01:58:21 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://static.ppro.de/perf/perf_klarmobil/Logos_neu/logo_88x31.gif
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

fn_logo_was_tiere_lieben_120x60.jpg
affiliate.fressnapf.de/Werbemittel/Werbemittel_PublicAffiliateFSN/Logos/
Redirect Chain

http://www.awin1.com/cshow.php?s=2523860&v=14757&q=377411&r=400281
https://www.awin1.com/cshow.php?s=2523860&v=14757&q=377411&r=400281
https://affiliate.fressnapf.de/Werbemittel/Werbemittel_PublicAffiliateFSN/Logos/fn_logo_was_tiere_lieben_120x60.jpg

8 KB
9 KB

3298ms
65ms

Image
image/jpeg

93.191.169.159
PROLEXIC-TECHNOLO...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://affiliate.fressnapf.de/Werbemittel/Werbemittel_PublicAffiliateFSN/Logos/fn_logo_was_tiere_lieben_120x60.jpg

Requested by

Host: de.helvetias.com
URL: http://de.helvetias.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

93.191.169.159 , United Kingdom, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK, US),

Reverse DNS

Software

Apache /

Resource Hash

d0ecb17f4a0399e0141b52490db1f0a4e59ff6c9ad1de5c50ce24678359b1134

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://fressnapf.marketing.adobe.com https://confluence.fressnapf.de https://*.fnfarm.de app.fressnapf.de;

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self' https://fressnapf.marketing.adobe.com https://confluence.fressnapf.de https://*.fnfarm.de app.fressnapf.de;
Last-Modified: Tue, 04 Feb 2014 16:33:05 GMT
Server: Apache
ETag: "14606f6-21ed-4f19731d15240"
Content-Type: image/jpeg
Cache-control: private
Date: Fri, 08 Jan 2021 01:58:24 GMT
Accept-Ranges: bytes
Content-Length: 8685

Redirect headers

Date: Fri, 08 Jan 2021 01:58:21 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://affiliate.fressnapf.de/Werbemittel/Werbemittel_PublicAffiliateFSN/Logos/fn_logo_was_tiere_lieben_120x60.jpg
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

410036-AFF-DE-120x60.png
vht.tradedoubler.com/file/1323/27.08.2018/
Redirect Chain

http://impde.tradedoubler.com/imp?type(img)g(22060608)a(1896427)
https://impde.tradedoubler.com/imp?type(img)g(22060608)a(1896427)
https://vht.tradedoubler.com/file/1323/27.08.2018/410036-AFF-DE-120x60.png

4 KB
5 KB

321ms
35ms

Image
image/png

13.224.94.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vht.tradedoubler.com/file/1323/27.08.2018/410036-AFF-DE-120x60.png
Requested by: Host: de.helvetias.com
URL: http://de.helvetias.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.94.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-94-118.zrh50.r.cloudfront.net
Software: Apache /
Resource Hash: c1769fc79ce35eb81f49e5ec0dd4613204fea50e9b9ad96ea4ff504a90a78a4a

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 02 Jan 2021 08:27:44 GMT
Via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Mon, 27 Aug 2018 10:45:13 GMT
Server: Apache
Age: 495037
ETag: "10bd-574686b874040"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=604800, public
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
Content-Length: 4285
X-Amz-Cf-Id: CqCo9cBIx6tECbPbg5CVdutsh4x0dJKqPL2ZXzOSRm0J5bpm-ki9oA==
Expires: Sat, 09 Jan 2021 08:27:44 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Jan 2021 01:58:20 GMT
via: 1.1 google
referrer-policy: origin
server: TXServerHttp
location: https://vht.tradedoubler.com/file/1323/27.08.2018/410036-AFF-DE-120x60.png
p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin: *
cache-control: private, max-age=0
content-type: text/html; charset=ISO-8859-1
alt-svc: clear
content-length: 279

GET
H2

200

cmLogo_120x60.gif
static.ppro.de/perf/perf_callmobile/Logos/
Redirect Chain

http://www.awin1.com/cshow.php?s=2179885&v=11641&q=339216&r=400281
https://www.awin1.com/cshow.php?s=2179885&v=11641&q=339216&r=400281
https://static.ppro.de/perf/perf_callmobile/Logos/cmLogo_120x60.gif

3 KB
3 KB

87ms
38ms

Image
image/gif

62.104.23.103
FREENETDE freenet...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ppro.de/perf/perf_callmobile/Logos/cmLogo_120x60.gif

Requested by

Host: de.helvetias.com
URL: http://de.helvetias.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.104.23.103 , Germany, ASN5430 (FREENETDE freenet Datenkommunikations GmbH, DE),

Reverse DNS

ndirect.ppro.de

Software

nginx /

Resource Hash

99f0b7627cf3fc3d1073d99f2feb542b10bef6e10e36ab4e877c7872a852ab0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 01:58:21 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Mar 2009 16:07:56 GMT
server: nginx
etag: "49b9335c-bed"
strict-transport-security: max-age=63072000; includeSubDomains
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3053
expires: Sat, 09 Jan 2021 01:58:21 GMT

Redirect headers

Date: Fri, 08 Jan 2021 01:58:21 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://static.ppro.de/perf/perf_callmobile/Logos/cmLogo_120x60.gif
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

index.gif
www.raddiscount.de/images/banner/button120x60/
Redirect Chain

https://www.awin1.com/cshow.php?s=2325523&v=14786&q=355515&r=400281
https://www.raddiscount.de/images/banner/button120x60/index.gif?SRC=button120x60.gif

8 KB
9 KB

184ms
39ms

Image
image/gif

194.231.246.178
VIA-NET-WORKS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.raddiscount.de/images/banner/button120x60/index.gif?SRC=button120x60.gif
Requested by: Host: de.helvetias.com
URL: http://de.helvetias.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 194.231.246.178 Lennestadt, Germany, ASN5669 (VIA-NET-WORKS-AS, US),
Reverse DNS: webserver.raddiscount.de
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: d3b56fbb8c36c4bf255f364108959f870cf8b2993107e7951383f80a1784da19

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 08 Jan 2021 01:58:13 GMT
Last-Modified: Sat, 01 Apr 2006 17:04:05 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "da122c48ae55c61:0"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 8614

Redirect headers

Date: Fri, 08 Jan 2021 01:58:21 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.raddiscount.de/images/banner/button120x60/index.gif?SRC=button120x60.gif
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

AF_CONDOR_Banner_ETF_4999_120x600_0720.gif
vht.tradedoubler.com/file/294025/2907.2020/
Redirect Chain

http://impde.tradedoubler.com/imp?type(img)g(24469406)a(1896427)
https://impde.tradedoubler.com/imp?type(img)g(24469406)a(1896427)
https://vht.tradedoubler.com/file/294025/2907.2020/AF_CONDOR_Banner_ETF_4999_120x600_0720.gif

58 KB
58 KB

227ms
101ms

Image
image/gif

13.224.94.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vht.tradedoubler.com/file/294025/2907.2020/AF_CONDOR_Banner_ETF_4999_120x600_0720.gif
Requested by: Host: de.helvetias.com
URL: http://de.helvetias.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.94.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-94-118.zrh50.r.cloudfront.net
Software: Apache /
Resource Hash: 37a5e095152d0091e663897f4d6be263e22a0b400166cc7fd81c0e829056111b

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 06 Jan 2021 18:34:35 GMT
Via: 1.1 6b0e09b8a7d995016df1513b4b11c17e.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 29 Jul 2020 08:10:37 GMT
Server: Apache
Age: 113026
ETag: "e662-5ab90173bf940"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Cache-Control: max-age=604800, public
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
Content-Length: 58978
X-Amz-Cf-Id: hBwr1mSKONkPFJCaVxicFXmXZ14jNd09IFLBsgZgth2NVJZAlt6OYg==
Expires: Wed, 13 Jan 2021 18:34:35 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Jan 2021 01:58:20 GMT
via: 1.1 google
referrer-policy: origin
server: TXServerHttp
location: https://vht.tradedoubler.com/file/294025/2907.2020/AF_CONDOR_Banner_ETF_4999_120x600_0720.gif
p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin: *
cache-control: private, max-age=0
content-type: text/html; charset=ISO-8859-1
alt-svc: clear
content-length: 298

GET
H/1.1

200
OK

inv.gif
img.tradedoubler.com/images/
Redirect Chain

http://impde.tradedoubler.com/imp?type(inv)g(20623066)a(1896427)
https://impde.tradedoubler.com/imp?type(inv)g(20623066)a(1896427)
https://img.tradedoubler.com/images/inv.gif

43 B
566 B

1116ms
33ms

Image
image/gif

13.224.94.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tradedoubler.com/images/inv.gif
Requested by: Host: de.helvetias.com
URL: http://de.helvetias.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.94.84 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-94-84.zrh50.r.cloudfront.net
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 03:14:54 GMT
Via: 1.1 6b0e09b8a7d995016df1513b4b11c17e.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 19 Nov 2004 15:35:04 GMT
Server: Apache
Age: 600208
ETag: "2b-3e93e402bfa00"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Cache-Control: max-age=604800, public
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
Content-Length: 43
X-Amz-Cf-Id: TbG30wdyCVpI6TQwSAASsT7jHuU542Y_qeuaIY9ozanQtApQZLTFBQ==
Expires: Fri, 08 Jan 2021 03:14:54 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Jan 2021 01:58:20 GMT
via: 1.1 google
referrer-policy: origin
server: TXServerHttp
location: https://img.tradedoubler.com/images/inv.gif
p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin: *
cache-control: private, max-age=0
content-type: text/html; charset=ISO-8859-1
alt-svc: clear
content-length: 248

GET
H/1.1

200
OK

Deichmann%20OS%20125x125.jpg
aaa.artefact.com/mst/4%20-%20Deichmann%20DE/Logos/
Redirect Chain

https://www.awin1.com/cshow.php?s=2434318&v=15047&q=367994&r=400281
https://aaa.artefact.com/trck/eview/e4941931e5e518f7d9eba1eb113c7f24
https://aaa.artefact.com/mst/4%20-%20Deichmann%20DE/Logos/Deichmann%20OS%20125x125.jpg

19 KB
19 KB

117ms
61ms

Image
image/jpeg

51.68.117.182
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aaa.artefact.com/mst/4%20-%20Deichmann%20DE/Logos/Deichmann%20OS%20125x125.jpg
Requested by: Host: de.helvetias.com
URL: http://de.helvetias.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.68.117.182 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 5a1a34b1fc8d3df23a02442139b6b65a6be7d50470eaca580b4d0ff41db36151

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 08 Jan 2021 01:58:21 GMT
Last-Modified: Thu, 26 Mar 2020 09:01:09 GMT
Server: nginx
X-IPLB-Request-ID: B9D82263:3D20_334475B6:01BB_5FF7BC3D_6323862:2B935
ETag: "5e7c6f55-4bf6"
X-IPLB-Instance: 36559
Content-Type: image/jpeg
Cache-control: private
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 19446

Redirect headers

Pragma: no-cache
Date: Fri, 08 Jan 2021 01:58:21 GMT
Server: nginx
X-IPLB-Request-ID: B9D82263:3D14_334475B6:01BB_5FF7BC3D_6316700:2B936
X-IPLB-Instance: 36559
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Content-Type: text/html; charset=UTF-8
Location: https://aaa.artefact.com/mst/4%20-%20Deichmann%20DE/Logos/Deichmann%20OS%20125x125.jpg
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Keep-Alive: timeout=20
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1

200
OK

BP_DE_Fashion_Trends_160x600_020320_rs-SjynYXBR.gif
vht.tradedoubler.com/file/305884/06.05.2020/Fashion_Trends/
Redirect Chain

http://impde.tradedoubler.com/imp?type(img)g(24771730)a(1896427)
https://impde.tradedoubler.com/imp?type(img)g(24771730)a(1896427)
https://vht.tradedoubler.com/file/305884/06.05.2020/Fashion_Trends/BP_DE_Fashion_Trends_160x600_020320_rs-SjynYXBR.gif

69 KB
69 KB

300ms
36ms

Image
image/gif

13.224.94.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vht.tradedoubler.com/file/305884/06.05.2020/Fashion_Trends/BP_DE_Fashion_Trends_160x600_020320_rs-SjynYXBR.gif
Requested by: Host: de.helvetias.com
URL: http://de.helvetias.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.94.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-94-118.zrh50.r.cloudfront.net
Software: Apache /
Resource Hash: 5d68599e744519d5bd748f903c7687093b52d78514b0d0eabe879c842df48a01

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 22:00:14 GMT
Via: 1.1 6b0e09b8a7d995016df1513b4b11c17e.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 06 May 2020 07:59:38 GMT
Server: Apache
Age: 532687
ETag: "11289-5a4f62548ee80"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Cache-Control: max-age=604800, public
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
Content-Length: 70281
X-Amz-Cf-Id: fxInIbrue3-Y22WvVViZKI1zss2WMApkvYMjCmegqw3SdDfaAiL6DQ==
Expires: Fri, 08 Jan 2021 22:00:14 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Jan 2021 01:58:20 GMT
via: 1.1 google
referrer-policy: origin
server: TXServerHttp
location: https://vht.tradedoubler.com/file/305884/06.05.2020/Fashion_Trends/BP_DE_Fashion_Trends_160x600_020320_rs-SjynYXBR.gif
p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin: *
cache-control: private, max-age=0
content-type: text/html; charset=ISO-8859-1
alt-svc: clear
content-length: 323

GET
H2 200 app.js Show response
partner.experte.de/ 796 KB
202 KB 132ms
115ms Script
application/javascript 2606:4700:20::ac43:4827
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.experte.de/app.js?v=l19no

Requested by

Host: partner.experte.de
URL: https://partner.experte.de/vergleich.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4827 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

722721e51fb9a0851d4e89be875905febf2489fe8122c4f86fc1644c41e50461

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Origin: http://de.helvetias.com
Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 01:58:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: KV
nel: {"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=815600
x-region: eu-central-1
x-amz-apigw-id: YyoJJEIAFiAFcKg=
cf-request-id: 078150669900002be92e949000000001
x-amzn-requestid: 547382ab-6816-4238-8119-c638b5c279b8
last-modified: Tue, 01 Jan 1980 00:00:00 GMT
server: cloudflare
x-powered-by: Express
x-amzn-trace-id: Root=1-5ff753d4-5df267b41228e1691d70a2d6;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UWjapORB0umau57v7pxA9dltTS%2BjTyeJMeotGgAAoAIf3fXfCxCGAJnuLJoLQkx3To%2Bqw8WU6Rn9r6J0luv7l5gmj38OA%2BW%2FLzlBBTPcfSG8vRCfgAunyvTtJFL1Ruc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=1800
etag: W/"c71f0-4977387000"
cf-ray: 60e2501dc9ac2be9-FRA
x-amzn-remapped-date: Thu, 07 Jan 2021 18:32:52 GMT
x-amzn-remapped-connection: close
cf-bgj: minify

GET
H2 200 vergleich.css
partner.experte.de/ 147 KB
15 KB 70ms
70ms Stylesheet
text/css 2606:4700:20::ac43:4827
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.experte.de/vergleich.css?v=l19no

Requested by

Host: partner.experte.de
URL: https://partner.experte.de/vergleich.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4827 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

adde1745304fd220084c55e19fe31084112fd6988d102043ce2f240369fa3ee5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 01:58:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: KV
nel: {"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=150605
x-region: eu-central-1
x-amz-apigw-id: YyjgkHvBliAFnDA=
cf-request-id: 078150668a00004a56b0a20000000001
x-amzn-requestid: 442c001b-6db3-465f-9272-0c9694c9ba34
last-modified: Tue, 01 Jan 1980 00:00:00 GMT
server: cloudflare
x-powered-by: Express
x-amzn-trace-id: Root=1-5ff74c69-3b443eac5faaaccb326d253a;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0t0hLD2tVEk3BnvJ%2BBrQeMq91E3LaJUwvm1SkpAX88bDgeSSi08xYw9dmRqkPX39Rw%2ByAme%2BLMIPohMKI6wMgESJDm3kJkCrL9B%2Bx0TfZT5uGBZSSbBQywhm1TK%2FXBo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=1800
etag: W/"24c4d-4977387000"
cf-ray: 60e2501dac904a56-FRA
x-amzn-remapped-date: Thu, 07 Jan 2021 18:01:13 GMT
x-amzn-remapped-connection: close
cf-bgj: minify

GET
H/1.1 200
OK c.php
www.seekgo.net/adserver/ Frame A7D5 0
0 109ms
70ms Document
text/html 91.184.48.164
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.seekgo.net/adserver/c.php
Requested by: Host: de.helvetias.com
URL: http://de.helvetias.com/
Protocol: HTTP/1.1
Server: 91.184.48.164 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: ms4.nl2.kolido.net
Software: Apache / PHP/5.4.45-0+deb7u6
Resource Hash

Request headers

Host: www.seekgo.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://de.helvetias.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://de.helvetias.com/

Response headers

Date: Fri, 08 Jan 2021 02:00:16 GMT
Server: Apache
X-Powered-By: PHP/5.4.45-0+deb7u6
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 175
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
X-Pad: avoid browser bug

GET
H2 200 common-es2015.bb067c4d6b085a76b06f.js Show response
partner.experte.de/ 3 KB
2 KB 62ms
61ms Script
application/javascript 2606:4700:20::ac43:4827
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.experte.de/common-es2015.bb067c4d6b085a76b06f.js

Requested by

Host: partner.experte.de
URL: https://partner.experte.de/app.js?v=l19no

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4827 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

61d3ecb2dc50bc9ea274c4b961ca578380790f5e27887189aadd066db34560f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 01:58:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: KV
nel: {"report_to":"cf-nel","max_age":604800}
x-amzn-remapped-connection: close
x-region: eu-central-1
x-amz-apigw-id: YyjgpHknliAFt6g=
cf-request-id: 07815067d200004a560b1a9000000001
x-amzn-requestid: f4461f71-fac0-4853-a82d-cf72602a9b99
last-modified: Tue, 01 Jan 1980 00:00:00 GMT
server: cloudflare
x-powered-by: Express
x-amzn-trace-id: Root=1-5ff74c6a-7936ebe83fb63f5d78aabd59;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=d09Qg2I0%2FfWUv9Y%2FKxkYBPI%2BCwlYWkdKJsP910v7nnL5zB%2ByVx4PCiVA4KuXC21XWTHoh%2Fs0atbFUdmLuDrHuZiXW2QdVX65b%2F%2F96IXJUfTOTgZujckqpq9KKdP8%2F5k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=1800
etag: W/"cd4-4977387000"
cf-ray: 60e2501fb82d4a56-FRA
x-amzn-remapped-date: Thu, 07 Jan 2021 18:01:14 GMT
cf-bgj: minify

GET
H2 200 7-es2015.03c31877c3f768b9b98f.js Show response
partner.experte.de/ 110 KB
23 KB 73ms
72ms Script
application/javascript 2606:4700:20::ac43:4827
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.experte.de/7-es2015.03c31877c3f768b9b98f.js

Requested by

Host: partner.experte.de
URL: https://partner.experte.de/app.js?v=l19no

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4827 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0ba3171c996dc98a5f08e37dc0a315dbec65e2114f0b379699a3fc259112ab6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 01:58:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: KV
nel: {"report_to":"cf-nel","max_age":604800}
x-amzn-remapped-connection: close
x-region: eu-central-1
x-amz-apigw-id: YyjgpFkLliAFqlw=
cf-request-id: 07815067d200004a56eabdd000000001
x-amzn-requestid: f087877d-fd48-4224-9c57-be63263d3139
last-modified: Tue, 01 Jan 1980 00:00:00 GMT
server: cloudflare
x-powered-by: Express
x-amzn-trace-id: Root=1-5ff74c6a-5b9856c63cdcf8c55f137038;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BV9K8LBHXLmZpkcPSM9l0ikvONKKFKKXA0NIItw%2FoLlFF8ho3OknKak4N%2B6qxkbpkoVPxuFUFQo2AkyjBafknHywBwSz3ghpWw1sXHbrIN5Eo02pePNxMNtw%2BZV%2FgQw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=1800
etag: W/"1b9c5-4977387000"
cf-ray: 60e2501fb8304a56-FRA
x-amzn-remapped-date: Thu, 07 Jan 2021 18:01:14 GMT
cf-bgj: minify

GET
H2 200 t.js Show response
www.experte.de/ 46 KB
19 KB 43ms
30ms Script
text/javascript 2606:4700:20::ac43:4827
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.experte.de/t.js

Requested by

Host: partner.experte.de
URL: https://partner.experte.de/app.js?v=l19no

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4827 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f3517391c9a015742fb4aa06bcd683cc26925fd02abbbcd52ab600128d4bb01

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 01:58:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6
cf-polished: origSize=47051
cross-origin-resource-policy: cross-origin
cf-bgj: minify
vary: Accept-Encoding
cf-request-id: 078150684b00004a56e9b09000000001
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=woeDp8kgkLBMtEFg8uUAFOqdTbxXkG4h2ui24dd%2B%2BvUxO060WsrOsA7i8%2FwQFs760CVpZ5iLGxgX74Rk1TmrqRJV0n0eqGhzAanCTfDQaNTKH%2F0zuIT4gwp5Pw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=7200
cf-ray: 60e250207ac54a56-FRA
expires: Fri, 08 Jan 2021 03:19:32 GMT

GET
H2 200 products Show response
api.experte.de/cms/ 69 KB
13 KB 42ms
30ms XHR
application/json 2606:4700:20::ac43:4827
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.experte.de/cms/products?type=passwordmanager&sort=-popularity&start=0&limit=100&locale=de

Requested by

Host: partner.experte.de
URL: https://partner.experte.de/app.js?v=l19no

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4827 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4253b6cc8c8aa9a20898f63af79246bb33d92b8c6f41a5fc2ddcbe2a3ab221c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 01:58:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2403
x-amzn-requestid: 23041216-106b-4f04-8ab3-bdfa51752504
x-amz-apigw-id: YzjiLEvvliAFhrA=
cf-request-id: 078150685100002be93b3da000000001
server: cloudflare
x-amzn-trace-id: Root=1-5ff7b2da-1c1683892a97ba352fe6e6f2;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=q3inzx5r0d2I1eaE4z%2B7kDR5t%2BuxwXUXTyAx3mztYyvTELI9HqSKR824xjvEJCFqhJt9AAgyDmigitL88Ez3ghwg3pj2CC4F10Jh%2FuJHzO77IX4OECHCXgz1oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=1800
access-control-allow-credentials: true
cf-ray: 60e250208c022be9-FRA

GET
H/1.1 200
OK dashlane-logo.png
images.ctfassets.net/0exzujcgu96f/6rlFd2NnnGsCAqmkGYaaUW/6ead66e89850ac4bab886b1117e2a2b5/ 789 B
1 KB 29ms
14ms Image
image/png 2600:9000:2190:c200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.ctfassets.net/0exzujcgu96f/6rlFd2NnnGsCAqmkGYaaUW/6ead66e89850ac4bab886b1117e2a2b5/dashlane-logo.png?w=125&h=50&fm=png&fl=png8
Requested by: Host: de.helvetias.com
URL: http://de.helvetias.com/
Protocol: HTTP/1.1
Server: 2600:9000:2190:c200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 77516828328a67e5d2017f07986e33163627a75b6b25374f99acd4e278c53ff5

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 07 Jan 2021 06:01:18 GMT
Via: 1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 02 Dec 2020 22:14:18 GMT
Server: Contentful Images API
Age: 71823
ETag: "bf9a778eafba8a7887d63a126410edbe"
X-Cache: Hit from cloudfront
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: ZRH50-C1
Content-Length: 789
X-Amz-Cf-Id: vb8tcx4xR1lAHXF3pGlUKwQP5_83PdBUGUANDgVQlrl62aaIUMPk1Q==

GET
H/1.1 200
OK sticky-password.jpg
images.ctfassets.net/0exzujcgu96f/1zxOahYdGAC2Yqy8sacECG/e85fca2039ff34ccc051ac9204582a9c/ 1 KB
2 KB 27ms
12ms Image
image/png 2600:9000:2190:c200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.ctfassets.net/0exzujcgu96f/1zxOahYdGAC2Yqy8sacECG/e85fca2039ff34ccc051ac9204582a9c/sticky-password.jpg?w=125&h=50&fm=png&fl=png8
Requested by: Host: de.helvetias.com
URL: http://de.helvetias.com/
Protocol: HTTP/1.1
Server: 2600:9000:2190:c200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 25eea77eda78edb3194d71063fe6bfa93885983e04854cb13f30d03bf902873d

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 07 Jan 2021 06:01:18 GMT
Via: 1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 04 Dec 2020 19:02:25 GMT
Server: Contentful Images API
Age: 71823
ETag: "7dfb707896739e43050323f63d0d31b5"
X-Cache: Hit from cloudfront
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: ZRH50-C1
Content-Length: 1033
X-Amz-Cf-Id: zg4QZFJsgBPTTa3Ib-XS0E-ibDYpAaesnxcQT4jrA3SpcXQb-KSKDg==

GET
H/1.1 200
OK avira-logo.png
images.ctfassets.net/0exzujcgu96f/4Bqjx4RvFy6BvoOaJ0595d/110e421dd394a321de77f16db5e06f21/ 916 B
1 KB 40ms
24ms Image
image/png 2600:9000:2190:c200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.ctfassets.net/0exzujcgu96f/4Bqjx4RvFy6BvoOaJ0595d/110e421dd394a321de77f16db5e06f21/avira-logo.png?w=125&h=50&fm=png&fl=png8
Requested by: Host: de.helvetias.com
URL: http://de.helvetias.com/
Protocol: HTTP/1.1
Server: 2600:9000:2190:c200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 0f9d37ca0c87b278229a6bedb9cb88c6d97c3584f636dd13ef504f84ff134c9d

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 08 Jan 2021 01:58:21 GMT
Via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
Last-Modified: Mon, 14 Dec 2020 23:43:25 GMT
Server: Contentful Images API
X-Amz-Cf-Pop: ZRH50-C1
ETag: "caa6d6f08a237ef851787af67ad47c8a"
X-Cache: Hit from cloudfront
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 916
X-Amz-Cf-Id: aX1k5t6ujPSxSYsUlcFPCNNoXhUJ9nyxFIuysYUXFTW9ntvpzE2f6w==

GET
H/1.1 200
OK roboform-logo.png
images.ctfassets.net/0exzujcgu96f/242MTeQNzWICGYMWcyKuY0/4e6ebe1ec9f04673d5b63c6adacc33c5/ 908 B
1 KB 29ms
14ms Image
image/png 2600:9000:2190:c200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.ctfassets.net/0exzujcgu96f/242MTeQNzWICGYMWcyKuY0/4e6ebe1ec9f04673d5b63c6adacc33c5/roboform-logo.png?w=125&h=50&fm=png&fl=png8
Requested by: Host: de.helvetias.com
URL: http://de.helvetias.com/
Protocol: HTTP/1.1
Server: 2600:9000:2190:c200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: d1b162d4c24072372ce9c49aaee9e4af762b184c1fded9d8f8f212e1244da6f6

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 07 Jan 2021 19:15:56 GMT
Via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 26 Nov 2020 16:15:33 GMT
Server: Contentful Images API
Age: 24145
ETag: "e02f7e9f796bf39f790f49cbe05112b4"
X-Cache: Hit from cloudfront
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: ZRH50-C1
Content-Length: 908
X-Amz-Cf-Id: WFvjwWjhn6E89tpyqu-66NQc5utz4sJ2wVB8R_qxUd2vrKJ83RmVqw==

GET
H/1.1 200
OK lastpass-logo.png
images.ctfassets.net/0exzujcgu96f/4W8qxKMiIgWoYk0c4yE8Ci/287bdbc75e59e088a012ce5dcd4e2e85/ 969 B
1 KB 28ms
13ms Image
image/png 2600:9000:2190:c200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.ctfassets.net/0exzujcgu96f/4W8qxKMiIgWoYk0c4yE8Ci/287bdbc75e59e088a012ce5dcd4e2e85/lastpass-logo.png?w=125&h=50&fm=png&fl=png8
Requested by: Host: de.helvetias.com
URL: http://de.helvetias.com/
Protocol: HTTP/1.1
Server: 2600:9000:2190:c200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: be729c05b51c968b657ccd698c84de36356368e7ebb8593811f6c6bfdda1bca7

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 07 Jan 2021 18:01:07 GMT
Via: 1.1 9c70db7b93d63d4e23f775d04664db64.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Sat, 19 Dec 2020 08:21:25 GMT
Server: Contentful Images API
Age: 28634
ETag: "df7768471fd25aef1cc16dd734cbefa0"
X-Cache: Hit from cloudfront
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: ZRH50-C1
Content-Length: 969
X-Amz-Cf-Id: KZHRpa2yRGbb_-K9BYAw1a3x4xKJiVho8znghmsqYruQhgobKX_mLA==

GET
H/1.1 200
OK 1password-logo.png
images.ctfassets.net/0exzujcgu96f/Qz0fFznbKo6IW442wC24w/8d8ac12c6a068368faa5841f137d9005/ 2 KB
2 KB 28ms
14ms Image
image/png 2600:9000:2190:c200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.ctfassets.net/0exzujcgu96f/Qz0fFznbKo6IW442wC24w/8d8ac12c6a068368faa5841f137d9005/1password-logo.png?w=125&h=50&fm=png&fl=png8
Requested by: Host: de.helvetias.com
URL: http://de.helvetias.com/
Protocol: HTTP/1.1
Server: 2600:9000:2190:c200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 4fbe5e7fdb574eaca18fa782bd21d3aba75349cbce5c2e31f154e913e1a3770f

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 07 Jan 2021 06:49:45 GMT
Via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 27 Nov 2020 09:33:32 GMT
Server: Contentful Images API
Age: 68916
ETag: "6d4e951031406751507b0309d30e6177"
X-Cache: Hit from cloudfront
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: ZRH50-C1
Content-Length: 1639
X-Amz-Cf-Id: QoGHSKTf4_nl8faF0jvwz4q8HJKBxrOx_hGwGnV5-q6xGKAh2GDs9Q==

GET
H/1.1 200
OK nordpass.jpg
images.ctfassets.net/0exzujcgu96f/3oGILYaPqZvfamChdAfCOI/6f6d4ef59fbeb78fcd6a45a08c0ce043/ 1014 B
1 KB 13ms
12ms Image
image/png 2600:9000:2190:c200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.ctfassets.net/0exzujcgu96f/3oGILYaPqZvfamChdAfCOI/6f6d4ef59fbeb78fcd6a45a08c0ce043/nordpass.jpg?w=125&h=50&fm=png&fl=png8
Requested by: Host: de.helvetias.com
URL: http://de.helvetias.com/
Protocol: HTTP/1.1
Server: 2600:9000:2190:c200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: a4a69281d589726835ada98dcbc9a57e426ee25f958c894ff21f28eb3cc622c7

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 07 Jan 2021 19:15:56 GMT
Via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Sun, 27 Dec 2020 01:07:53 GMT
Server: Contentful Images API
Age: 24145
ETag: "0ef43a789eb74237846a5505de130191"
X-Cache: Hit from cloudfront
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: ZRH50-C1
Content-Length: 1014
X-Amz-Cf-Id: LJSHcutKavXPJgiQGCKd7rypGFpaAdJnT-IriSWhCC55SbvIPWEirg==

GET
H/1.1 200
OK keeper-logo.png
images.ctfassets.net/0exzujcgu96f/2H6v90VEd22gCOI6UmKkUW/3cc0153e13703d08faaa31c901eb19d8/ 948 B
1 KB 14ms
12ms Image
image/png 2600:9000:2190:c200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.ctfassets.net/0exzujcgu96f/2H6v90VEd22gCOI6UmKkUW/3cc0153e13703d08faaa31c901eb19d8/keeper-logo.png?w=125&h=50&fm=png&fl=png8
Requested by: Host: de.helvetias.com
URL: http://de.helvetias.com/
Protocol: HTTP/1.1
Server: 2600:9000:2190:c200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: a89bf9a600b0999555021e3a71353668b3dbfbb76ee50069d1744e9c45047fbc

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 07 Jan 2021 06:01:18 GMT
Via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 15 Dec 2020 02:59:00 GMT
Server: Contentful Images API
Age: 71823
ETag: "1a51f2b109a72475e8dbb768b560d407"
X-Cache: Hit from cloudfront
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: ZRH50-C1
Content-Length: 948
X-Amz-Cf-Id: k_BJ5GE-FUHSIStednsGMc8TW7Xdj21oBspvndtVLaQ6RPu5vS0r0w==

GET
H/1.1 200
OK enpass-logo.png
images.ctfassets.net/0exzujcgu96f/1OSrNZnCcRd3PdXXz3WouX/1de18acb5a02514235a32d49ee5a7a34/ 1 KB
2 KB 19ms
18ms Image
image/png 2600:9000:2190:c200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.ctfassets.net/0exzujcgu96f/1OSrNZnCcRd3PdXXz3WouX/1de18acb5a02514235a32d49ee5a7a34/enpass-logo.png?w=125&h=50&fm=png&fl=png8
Requested by: Host: de.helvetias.com
URL: http://de.helvetias.com/
Protocol: HTTP/1.1
Server: 2600:9000:2190:c200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: a18df39b231f68ea1519b0ce4d45607d0bb3272a448db6927e73b84eece1af81

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 07 Jan 2021 06:01:18 GMT
Via: 1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Sat, 19 Dec 2020 01:19:49 GMT
Server: Contentful Images API
Age: 71822
ETag: "d29e43e6285846327cab2a91bef4eb7c"
X-Cache: Hit from cloudfront
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: ZRH50-C1
Content-Length: 1127
X-Amz-Cf-Id: KNoWSsEZJG55KHcRiKP-ONycFs6lWE9E9wRAsp8jH09K5qa0tydysQ==

GET
H/1.1 200
OK bitwarden-logo.png
images.ctfassets.net/0exzujcgu96f/31xMIojWkZPhHzDnd18kMh/a2ac81c7b722ee06fb24e18d54b8b5f9/ 689 B
1 KB 30ms
29ms Image
image/png 2600:9000:2190:c200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.ctfassets.net/0exzujcgu96f/31xMIojWkZPhHzDnd18kMh/a2ac81c7b722ee06fb24e18d54b8b5f9/bitwarden-logo.png?w=125&h=50&fm=png&fl=png8
Requested by: Host: de.helvetias.com
URL: http://de.helvetias.com/
Protocol: HTTP/1.1
Server: 2600:9000:2190:c200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 477ce9127017f544de87bbe57fe8249ab2e13e57aa6ea3abbdc0fcac6608a188

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 07 Jan 2021 06:01:19 GMT
Via: 1.1 9c70db7b93d63d4e23f775d04664db64.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 26 Nov 2020 16:15:33 GMT
Server: Contentful Images API
Age: 71822
ETag: "b386b5a88859618f4c8da38dd91afb27"
X-Cache: Hit from cloudfront
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: ZRH50-C1
Content-Length: 689
X-Amz-Cf-Id: dAPf5R0ES03O4HSDA3iGHVtGwgZz8laAY6KlnwTSTpfVH1X0MCwAFA==

GET
H/1.1 200
OK kaspersky-logo.svg
images.ctfassets.net/0exzujcgu96f/5lMUysqXDyiM662k6m66Sq/ac141311d6c40ecb1a2df17872bf0a5e/ 832 B
1 KB 14ms
13ms Image
image/png 2600:9000:2190:c200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.ctfassets.net/0exzujcgu96f/5lMUysqXDyiM662k6m66Sq/ac141311d6c40ecb1a2df17872bf0a5e/kaspersky-logo.svg?w=125&h=50&fm=png&fl=png8
Requested by: Host: de.helvetias.com
URL: http://de.helvetias.com/
Protocol: HTTP/1.1
Server: 2600:9000:2190:c200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: e696cab5c1e184f44e42e58b9adff3ab8e9222b6389b562b98bda358f09d3030

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 07 Jan 2021 06:01:19 GMT
Via: 1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Sat, 28 Nov 2020 06:26:27 GMT
Server: Contentful Images API
Age: 71822
ETag: "acdcfe659507f99b70db687279973370"
X-Cache: Hit from cloudfront
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: ZRH50-C1
Content-Length: 832
X-Amz-Cf-Id: K0L_IHIm3DjWOZBBMWn5p5TQLxfxXyyw1pCvaozdRlHi_7TbFWs0Nw==

GET
H/1.1 200
OK mcafee-logo.png
images.ctfassets.net/0exzujcgu96f/2ML43tE0n2HeVeEJkwaoCA/06b05f7aeb543b402abc243d139bb14f/ 2 KB
2 KB 17ms
17ms Image
image/png 2600:9000:2190:c200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.ctfassets.net/0exzujcgu96f/2ML43tE0n2HeVeEJkwaoCA/06b05f7aeb543b402abc243d139bb14f/mcafee-logo.png?w=125&h=50&fm=png&fl=png8
Requested by: Host: de.helvetias.com
URL: http://de.helvetias.com/
Protocol: HTTP/1.1
Server: 2600:9000:2190:c200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 3c49ff8e1c1e0f9e42f4fd0c938cca9f2f3bdfb41df22f5cd1f7f57bf4d7082d

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 07 Jan 2021 19:15:56 GMT
Via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 04 Dec 2020 04:21:23 GMT
Server: Contentful Images API
Age: 24145
ETag: "7472f3dfb2012bd11f4eada8b0ca099d"
X-Cache: Hit from cloudfront
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: ZRH50-C1
Content-Length: 1615
X-Amz-Cf-Id: idMqzHGrFGnDlhX3HvxF92JGCmZugbwjw6fMXddKuomZQHV-NNukng==

GET
H/1.1 200
OK steganos-logo.png
images.ctfassets.net/0exzujcgu96f/1iN7Yzes3m0Akosos6ISyg/8904a1c9ae3f61a743ebbf88c8ce6fcb/ 1 KB
2 KB 14ms
12ms Image
image/png 2600:9000:2190:c200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.ctfassets.net/0exzujcgu96f/1iN7Yzes3m0Akosos6ISyg/8904a1c9ae3f61a743ebbf88c8ce6fcb/steganos-logo.png?w=125&h=50&fm=png&fl=png8
Requested by: Host: de.helvetias.com
URL: http://de.helvetias.com/
Protocol: HTTP/1.1
Server: 2600:9000:2190:c200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 8675ba511f5317c2f2aa6329d96eb2fcf2daf7c8891658b1640d280ec744ef40

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 07 Jan 2021 06:53:03 GMT
Via: 1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Sat, 28 Nov 2020 06:26:26 GMT
Server: Contentful Images API
Age: 68718
ETag: "03df5de85408410eb428f8df8c16d52d"
X-Cache: Hit from cloudfront
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: ZRH50-C1
Content-Length: 1421
X-Amz-Cf-Id: ZYZprr49Mc0dHkIC75FJE0hr04KHp9ArvaskvQ1LpOsKOEbI-aazKw==

GET
H/1.1 200
OK password-depot-logo.svg
images.ctfassets.net/0exzujcgu96f/120UdPvUtt4HEZr2kacjmO/d035bc68edf1707e6f0e020857b6eb89/ 1 KB
2 KB 14ms
13ms Image
image/png 2600:9000:2190:c200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.ctfassets.net/0exzujcgu96f/120UdPvUtt4HEZr2kacjmO/d035bc68edf1707e6f0e020857b6eb89/password-depot-logo.svg?w=125&h=50&fm=png&fl=png8
Requested by: Host: de.helvetias.com
URL: http://de.helvetias.com/
Protocol: HTTP/1.1
Server: 2600:9000:2190:c200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 7656e34acbbc6e043e4dd57269525b48d9c3c3917eb71be6d029b2240b174fcf

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 07 Jan 2021 18:01:08 GMT
Via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 09 Dec 2020 06:24:27 GMT
Server: Contentful Images API
Age: 28633
ETag: "605710fcf0d3362ebd83e5a7955c7bf5"
X-Cache: Hit from cloudfront
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: ZRH50-C1
Content-Length: 1222
X-Amz-Cf-Id: Pf8wcBGqbVKErgmKVYW7nBItIKpTSmXP6B1d1FcSDSqwIK4gS7j2rA==

POST
H2 200 view Show response
t.experte.de/j/ 4 B
441 B 56ms
44ms XHR
text/plain 2606:4700:20::ac43:4827
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.experte.de/j/view?v=1&_v=j87&aip=1&a=1441398973&t=pageview&_s=1&dl=http%3A%2F%2Fde.helvetias.com%2F&dp=%2Fpasswordmanager&ul=en-us&de=UTF-8&dt=HELVETIAS%20Shopping&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=63810886&gjid=1939291466&cid=2011000855.1610071102&tid=UA-99364556-1&_gid=2090033371.1610071102&_r=1&_slc=1&cd1=41393&z=318870194

Requested by

Host: partner.experte.de
URL: https://partner.experte.de/app.js?v=l19no

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4827 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Jan 2021 01:58:21 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=15552000
content-length: 4
cf-request-id: 07815069e600004a5606b7f000000001
pragma: no-cache
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lwdgrQGlw30F0hJ%2F2EQF4U1DRWdK5K8LwaYs7zrxSGCV0%2BRAVVxuTQ5fGfM6UstwvXINBxrD%2B4UoPGkJknnypkz4mmX1TSTNnYwKLSkv%2FBUl9kyqlkpEb24%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: http://de.helvetias.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 60e250230de74a56-FRA
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST view
stats.g.doubleclick.net/j/ 0
0

OPTIONS
H2 200 events
api.experte.de/t/ Frame 0
0 29ms
29ms Other
application/json 2606:4700:20::ac43:4827
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.experte.de/t/events

Protocol

Server

2606:4700:20::ac43:4827 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://de.helvetias.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 08 Jan 2021 01:58:22 GMT
content-type: application/json
content-length: 1
x-amzn-requestid: 2de0775d-977f-4692-b608-73150a272a33
access-control-allow-origin: http://de.helvetias.com
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
x-amz-apigw-id: YzpZtFzWFiAFboQ=
access-control-allow-methods: OPTIONS,POST,GET
cf-cache-status: DYNAMIC
cf-request-id: 0781506a3800002be9e93d2000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UwAZW7vBpXL4NEVswEj1FVNCs93WGp0NsGg2ewyrHFWik%2B1%2BcVTncRNafqA%2F2fAngnfuH1%2F6mJPdpLRtCD4ehqlWXHkDwH%2BFCjeIVySXvGTSP0X87S7yPoj2Wg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
server: cloudflare
cf-ray: 60e250238eef2be9-FRA

POST
H2 201 events Show response
api.experte.de/t/ 0
372 B 75ms
75ms XHR
application/json 2606:4700:20::ac43:4827
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.experte.de/t/events

Requested by

Host: partner.experte.de
URL: https://partner.experte.de/app.js?v=l19no

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4827 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: http://de.helvetias.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 08 Jan 2021 01:58:22 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-amzn-requestid: 6bac2d1a-3c25-4cd1-8159-d0dfd88fad5d
x-amz-apigw-id: YzpZtHUBFiAFfsQ=
content-length: 0
cf-request-id: 0781506a5600002be935835000000001
server: cloudflare
x-amzn-trace-id: Root=1-5ff7bc3e-73d09fb805bce8f320ac148f;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tw5jBCo8rwjt1vyenKGDXVNyYLJOUf1wJcbrY3DWlMf%2BS8M%2B8lr6ThP5rYo7XfvSUaT%2BVjJR3STc7Rb73To29JR2TPV%2F4U94K8CYUrnriFJcbHTrfYif%2Biqggg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 60e25023bf1a2be9-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: stats.g.doubleclick.net
URL: https://stats.g.doubleclick.net/j/view?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-99364556-1&cid=2011000855.1610071102&jid=63810886&gjid=1939291466&_gid=2090033371.1610071102&_u=YEBAAEAAAAAAAC~&z=509344476

Verdicts & Comments Add Verdict or Comment

150 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aaa.artefact.com
affiliate.fressnapf.de
api.experte.de
cert-explidowebmarket.netdna-ssl.com
de.helvetias.com
h.simplytel.de
images.ctfassets.net
images.goertz.de
img.tradedoubler.com
impde.tradedoubler.com
media.cyberport.de
mediaserver.entainpartners.com
ms31.nl2.kolido.net
news.comventure.de
otto-partnerprogramm.de
partner.experte.de
s3-eu-west-1.amazonaws.com
static.ppro.de
stats.g.doubleclick.net
t.experte.de
vht.tradedoubler.com
www.awin1.com
www.cpx-ads.de
www.experte.de
www.knmweb.de
www.raddiscount.de
www.seekgo.net
stats.g.doubleclick.net
104.111.239.217
104.16.39.54
13.224.94.118
13.224.94.84
151.139.236.192
159.69.22.140
193.227.195.217
194.231.246.178
213.174.51.88
2600:9000:2190:c200:12:94b3:c380:93a1
2606:4700:20::ac43:4827
2606:4700::6812:1781
2a02:26f0:6c00:2be::2638
34.95.109.120
51.68.117.182
52.218.57.195
62.104.23.103
78.46.180.203
85.17.10.131
91.143.241.76
91.184.48.164
91.213.4.40
93.191.169.159
0ba3171c996dc98a5f08e37dc0a315dbec65e2114f0b379699a3fc259112ab6d
0f9d37ca0c87b278229a6bedb9cb88c6d97c3584f636dd13ef504f84ff134c9d
18545ff0ef24e38127b49260b4400e4df55aee939bde736cf454e6fd52198f96
25eea77eda78edb3194d71063fe6bfa93885983e04854cb13f30d03bf902873d
2f3517391c9a015742fb4aa06bcd683cc26925fd02abbbcd52ab600128d4bb01
329d0b8d14d4a26ed9120f7c12acdcceaee9a22ba15508101755384ae7a7c2c1
361442bb18ba357e9444b10cea7b98c615113aff4464e26d21319e9b03a58ece
37a5e095152d0091e663897f4d6be263e22a0b400166cc7fd81c0e829056111b
389989eed92431ceae7e6adc3b2b63e49e89307d3daa18a1f8812e7b6ed3fbb4
38fc8521644dc6ca3e4bc1d2502bae710fefa9d32aed26d48b1b6321f42e2f21
3c49ff8e1c1e0f9e42f4fd0c938cca9f2f3bdfb41df22f5cd1f7f57bf4d7082d
4253b6cc8c8aa9a20898f63af79246bb33d92b8c6f41a5fc2ddcbe2a3ab221c8
477ce9127017f544de87bbe57fe8249ab2e13e57aa6ea3abbdc0fcac6608a188
496b3366d6d5e20dd75625a73f1cda9b9002245d3efbb3e19cc3ba31debb4bda
4ae1dc31717e5d80b1e5fe2cf3735aeee6b97da38b2a3e5cfbfc574e60e7331a
4fbe5e7fdb574eaca18fa782bd21d3aba75349cbce5c2e31f154e913e1a3770f
5a1a34b1fc8d3df23a02442139b6b65a6be7d50470eaca580b4d0ff41db36151
5c3a81a5b1bbda10184dac0de1728cc650bbb0686e757bc3ce2edf550a765d38
5d68599e744519d5bd748f903c7687093b52d78514b0d0eabe879c842df48a01
61d3ecb2dc50bc9ea274c4b961ca578380790f5e27887189aadd066db34560f6
6f8f42db5edb61075fc8dc96484e370c3fbb640ac6cb579d01c03c3a1dd14547
722721e51fb9a0851d4e89be875905febf2489fe8122c4f86fc1644c41e50461
7656e34acbbc6e043e4dd57269525b48d9c3c3917eb71be6d029b2240b174fcf
77516828328a67e5d2017f07986e33163627a75b6b25374f99acd4e278c53ff5
8675ba511f5317c2f2aa6329d96eb2fcf2daf7c8891658b1640d280ec744ef40
99f0b7627cf3fc3d1073d99f2feb542b10bef6e10e36ab4e877c7872a852ab0c
a18df39b231f68ea1519b0ce4d45607d0bb3272a448db6927e73b84eece1af81
a457d39aafac2f69fe34e2f01317bf6e808749f0558df7227d11f1829f658b26
a4a69281d589726835ada98dcbc9a57e426ee25f958c894ff21f28eb3cc622c7
a5a8e2cd3ff69f1424a5e8d795a1418607e6bb16aeffca46d3bbfbd781f6f79a
a89bf9a600b0999555021e3a71353668b3dbfbb76ee50069d1744e9c45047fbc
ac7be6eaf9ec8a19bf19a29c16ebea8c65f01e87e36397aa4237f2a25e319553
adde1745304fd220084c55e19fe31084112fd6988d102043ce2f240369fa3ee5
ae35feffc1a4e4731c8f2f9c39631a5674d09f69eaa926f6b4a4354ed3d1417f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1e8767d0fe9844d0ac4705cc87d475207764d17823877f3234c00d7705e1481
b6539991582f82babcd826db6dcb79b89ebe6ed7e1622afe4d0d1266b4717e81
bd5d45c5aae4f94843866c3fb62e4bd13c2d4f1a0e8bc9991628bf8a2aa8f541
be729c05b51c968b657ccd698c84de36356368e7ebb8593811f6c6bfdda1bca7
c03f4044237184cae1bb9074cb2076ceeee77dd2dd2ee0f61e631cefaf702558
c1769fc79ce35eb81f49e5ec0dd4613204fea50e9b9ad96ea4ff504a90a78a4a
ca67236931638b4b2eebc894430ea3d0283c2cad6e8fe5f2fbc9fcd3b6e2f74f
d0ecb17f4a0399e0141b52490db1f0a4e59ff6c9ad1de5c50ce24678359b1134
d1b162d4c24072372ce9c49aaee9e4af762b184c1fded9d8f8f212e1244da6f6
d3b56fbb8c36c4bf255f364108959f870cf8b2993107e7951383f80a1784da19
dd29af2414e2d985b741adbada50dd95f1b4f174e8eec3fb599916b5d7aa42f2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e696cab5c1e184f44e42e58b9adff3ab8e9222b6389b562b98bda358f09d3030
ed49d44b0edfb70004184d3e5368f9ec4eae76e542e946806e8539554c690ac0

de.helvetias.com Open in urlscan Pro 91.213.4.40 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

62 %HTTPS

17 %IPv6

22 Domains

27 Subdomains

21 IPs

8 Countries

571 kBTransfer

1468 kBSize

0 Cookies

2 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

de.helvetias.com Open in urlscan Pro
91.213.4.40 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

62 %
HTTPS

17 %
IPv6

22
Domains

27
Subdomains

21
IPs

8
Countries

571 kB
Transfer

1468 kB
Size

0
Cookies

53 HTTP transactions
0 data transactions