Submitted URL: https://news.streckenvermailing.de/T2?95mt2Pp5VfSVKSPp5VLwcOlGUQ8t2FV3FUQVeSVO2-999-8
Effective URL: http://trk.giordanoweine.de/disabled.html
Submission: On June 20 via manual from IN — Scanned from DE

Summary

This website contacted 14 IPs in 5 countries across 15 domains to perform 30 HTTP transactions. The main IP is 34.90.63.227, located in Groningen, Netherlands and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is trk.giordanoweine.de.
This is the only time trk.giordanoweine.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 116.203.118.191 24940 (HETZNER-AS)
1 1 34.120.158.240 396982 (GOOGLE-CL...)
2 2 54.246.129.40 16509 (AMAZON-02)
3 18.201.7.195 16509 (AMAZON-02)
2 2600:9000:225... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 151.101.193.44 54113 (FASTLY)
6 2a03:2880:f01... 32934 (FACEBOOK)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 35.170.178.11 14618 (AMAZON-AES)
2 2a03:2880:f12... 32934 (FACEBOOK)
2 34.200.203.167 14618 (AMAZON-AES)
1 1 185.29.134.248 30419 (MEDIAMATH...)
1 52.223.40.198 16509 (AMAZON-02)
1 2 69.192.160.219 16625 (AKAMAI-AS)
1 2 34.90.63.227 396982 (GOOGLE-CL...)
1 141.226.228.48 200478 (TABOOLA-AS)
30 14
Apex Domain
Subdomains
Transfer
6 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 158
440 KB
6 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 3935
rp.liadm.com — Cisco Umbrella Rank: 2735
rp4.liadm.com — Cisco Umbrella Rank: 10422
i.liadm.com — Cisco Umbrella Rank: 567
i6.liadm.com Failed
16 KB
5 oferting.org
go.oferting.org
r-ext.oferting.org
trac.oferting.org
55 KB
4 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1039
trc.taboola.com — Cisco Umbrella Rank: 698
trc-events.taboola.com — Cisco Umbrella Rank: 1618
19 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 60
20 KB
2 giordanoweine.de
trk.giordanoweine.de
446 B
2 addthis.com
x.dlx.addthis.com — Cisco Umbrella Rank: 1199
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 91
619 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 384
265 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 464
676 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 96
60 KB
1 destinationpush.com
destinationpush.com
490 B
1 streckenvermailing.de
news.streckenvermailing.de
382 B
0 demdex.net Failed
dpm.demdex.net Failed
0 bidswitch.net Failed
x.bidswitch.net — Cisco Umbrella Rank: 303 Failed
30 15
Domain Requested by
6 connect.facebook.net r-ext.oferting.org
connect.facebook.net
3 www.google-analytics.com r-ext.oferting.org
3 r-ext.oferting.org r-ext.oferting.org
2 trk.giordanoweine.de 1 redirects
2 x.dlx.addthis.com 1 redirects i.liadm.com
2 i.liadm.com b-code.liadm.com
i.liadm.com
2 www.facebook.com r-ext.oferting.org
2 trc.taboola.com cdn.taboola.com
i.liadm.com
2 b-code.liadm.com r-ext.oferting.org
b-code.liadm.com
1 trc-events.taboola.com cdn.taboola.com
1 trac.oferting.org 1 redirects
1 match.adsrvr.org i.liadm.com
1 sync.mathtag.com 1 redirects
1 rp4.liadm.com r-ext.oferting.org
1 rp.liadm.com 1 redirects
1 cdn.taboola.com r-ext.oferting.org
1 www.googletagmanager.com r-ext.oferting.org
1 go.oferting.org 1 redirects
1 destinationpush.com 1 redirects
1 news.streckenvermailing.de 1 redirects
0 i6.liadm.com Failed i.liadm.com
0 dpm.demdex.net Failed i.liadm.com
0 x.bidswitch.net Failed i.liadm.com
30 23

This site contains no links.

Subject                  Issuer                                    Validity                   Valid
*.oferting.org           Amazon                                    2022-04-27 - 2023-05-26    a year
*.liadm.com              Amazon                                    2022-01-31 - 2023-03-01    a year
*.google-analytics.com   GTS CA 1C3                                2022-05-30 - 2022-08-22    3 months
*.taboola.com            DigiCert TLS RSA SHA256 2020 CA1          2021-11-28 - 2022-12-29    a year
*.facebook.com           DigiCert SHA2 High Assurance Server CA    2022-03-29 - 2022-06-27    3 months
*.adsrvr.org             GlobalSign GCC R3 DV TLS CA 2020          2022-03-31 - 2023-05-02    a year

This page contains 2 frames:

Primary Page: http://trk.giordanoweine.de/disabled.html
Frame ID: 1056F817482F46A018B30695456ADF11
Requests: 22 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-00xy?s=&cim=&ps=true&ls=true&duid=0d3d1fb3a190--01g60ece6e8vhyakgkzk7bqak1&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Frame ID: A057B1FADA364E085E7DA464D5B00ABF
Requests: 8 HTTP requests in this frame

Page Title

Disabled

Page URL History

  1. https://news.streckenvermailing.de/T2?95mt2Pp5VfSVKSPp5VLwcOlGUQ8t2FV3FUQVeSVO2-999-8 HTTP 302
    https://destinationpush.com/click/click-tracking?gid=5ea3f98f49d94e0a08992181&sid=R7Np5vcvU&vars=_vextcl... HTTP 302
    https://go.oferting.org/1lUMn?clkid=138857b7-aff3-4ddf-ab2b-166c50749824&gid=5ea3f98f49d94e0a0899218... HTTP 302
    https://r-ext.oferting.org/r/?utm_source=giordanowines&utm_medium=sopext&utm_campaign=9896105-9703414&o... Page URL
  2. https://trac.oferting.org/of/?extclickid=_*extclickid*&emn_i=616&emn_a=3499&emn_c=376939&emn_rt=0&ol=B... HTTP 302
    https://trk.giordanoweine.de/click?pid=53&offer_id=82&sub2=03499061600989610509703414376939k13hppp8hcmudh... HTTP 302
    http://trk.giordanoweine.de/disabled.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 30
HTTPS: 77 %
IPv6: 33 %
Domains: 15
Subdomains: 23
IPs: 14
Countries: 5
Transfer: 610 kB
Size: 1956 kB
Cookies: 23

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://news.streckenvermailing.de/T2?95mt2Pp5VfSVKSPp5VLwcOlGUQ8t2FV3FUQVeSVO2-999-8 HTTP 302
    https://destinationpush.com/click/click-tracking?gid=5ea3f98f49d94e0a08992181&sid=R7Np5vcvU&vars=_vextclickid%3D_*extclickid*&asci=@k0hHCuS4&click_id={{clkid}}&puid=69fb2ab58f9160b29e21b6dd37284c85 HTTP 302
    https://go.oferting.org/1lUMn?clkid=138857b7-aff3-4ddf-ab2b-166c50749824&gid=5ea3f98f49d94e0a08992181&sid=R7Np5vcvU&vars=_vextclickid%3D_*extclickid*&asci=@k0hHCuS4&click_id=138857b7-aff3-4ddf-ab2b-166c50749824&puid=69fb2ab58f9160b29e21b6dd37284c85 HTTP 302
    https://r-ext.oferting.org/r/?utm_source=giordanowines&utm_medium=sopext&utm_campaign=9896105-9703414&orig=automatic&utm_term=generica&rtt=&f=0&c=restaurants&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_*extclickid*%26emn_i%3D616%26emn_a%3D3499%26emn_c%3D376939%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9896105-9703414%26term%3D%26emn_t%3D9703414%26ref_offer%3D9896105%26hs%3D2239002612%26go%3Dhttps%253A%252F%252Ftrk.giordanoweine.de%252Fclick%253Fpid%253D53%2526offer_id%253D82%2526sub2%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu Page URL
  2. https://trac.oferting.org/of/?extclickid=_*extclickid*&emn_i=616&emn_a=3499&emn_c=376939&emn_rt=0&ol=B&emn_p=&emn_cat=9896105-9703414&term=&emn_t=9703414&ref_offer=9896105&hs=2239002612&go=https%3A%2F%2Ftrk.giordanoweine.de%2Fclick%3Fpid%3D53%26offer_id%3D82%26sub2%3Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu HTTP 302
    https://trk.giordanoweine.de/click?pid=53&offer_id=82&sub2=03499061600989610509703414376939k13hppp8hcmudhp1aq1x4338g7zlnj3x HTTP 302
    http://trk.giordanoweine.de/disabled.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://news.streckenvermailing.de/T2?95mt2Pp5VfSVKSPp5VLwcOlGUQ8t2FV3FUQVeSVO2-999-8 HTTP 302
  • https://destinationpush.com/click/click-tracking?gid=5ea3f98f49d94e0a08992181&sid=R7Np5vcvU&vars=_vextclickid%3D_*extclickid*&asci=@k0hHCuS4&click_id={{clkid}}&puid=69fb2ab58f9160b29e21b6dd37284c85 HTTP 302
  • https://go.oferting.org/1lUMn?clkid=138857b7-aff3-4ddf-ab2b-166c50749824&gid=5ea3f98f49d94e0a08992181&sid=R7Np5vcvU&vars=_vextclickid%3D_*extclickid*&asci=@k0hHCuS4&click_id=138857b7-aff3-4ddf-ab2b-166c50749824&puid=69fb2ab58f9160b29e21b6dd37284c85 HTTP 302
  • https://r-ext.oferting.org/r/?utm_source=giordanowines&utm_medium=sopext&utm_campaign=9896105-9703414&orig=automatic&utm_term=generica&rtt=&f=0&c=restaurants&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_*extclickid*%26emn_i%3D616%26emn_a%3D3499%26emn_c%3D376939%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9896105-9703414%26term%3D%26emn_t%3D9703414%26ref_offer%3D9896105%26hs%3D2239002612%26go%3Dhttps%253A%252F%252Ftrk.giordanoweine.de%252Fclick%253Fpid%253D53%2526offer_id%253D82%2526sub2%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Request Chain 13
  • https://rp.liadm.com/j?dtstmp=1655724980546&aid=a-00xy&se=e30&duid=0d3d1fb3a190--01g60ece6e8vhyakgkzk7bqak1&tna=v2.3.1&pu=https%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Dgiordanowines%26utm_medium%3Dsopext%26utm_campaign%3D9896105-9703414%26orig%3Dautomatic%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Drestaurants%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.org%252Fof%252F%253Fextclickid%253D_*extclickid*%2526emn_i%253D616%2526emn_a%253D3499%2526emn_c%253D376939%2526emn_rt%253D0%2526ol%253DB%2526emn_p%253D%2526emn_cat%253D9896105-9703414%2526term%253D%2526emn_t%253D9703414%2526ref_offer%253D9896105%2526hs%253D2239002612%2526go%253Dhttps%25253A%25252F%25252Ftrk.giordanoweine.de%25252Fclick%25253Fpid%25253D53%252526offer_id%25253D82%252526sub2%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu&wpn=lc-bundle&c=PHRpdGxlPldvcmxkIC0tIHdlIGFyZSByZWRpcmVjdGluZyB5b3UgdG8gR2lvcmRhbm93aW5lcydzIHdlYnNpdGU8L3RpdGxlPg HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1655724980546&aid=a-00xy&se=e30&duid=0d3d1fb3a190--01g60ece6e8vhyakgkzk7bqak1&tna=v2.3.1&pu=https%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Dgiordanowines%26utm_medium%3Dsopext%26utm_campaign%3D9896105-9703414%26orig%3Dautomatic%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Drestaurants%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.org%252Fof%252F%253Fextclickid%253D_%2Aextclickid%2A%2526emn_i%253D616%2526emn_a%253D3499%2526emn_c%253D376939%2526emn_rt%253D0%2526ol%253DB%2526emn_p%253D%2526emn_cat%253D9896105-9703414%2526term%253D%2526emn_t%253D9703414%2526ref_offer%253D9896105%2526hs%253D2239002612%2526go%253Dhttps%25253A%25252F%25252Ftrk.giordanoweine.de%25252Fclick%25253Fpid%25253D53%252526offer_id%25253D82%252526sub2%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu&wpn=lc-bundle&c=PHRpdGxlPldvcmxkIC0tIHdlIGFyZSByZWRpcmVjdGluZyB5b3UgdG8gR2lvcmRhbm93aW5lcydzIHdlYnNpdGU8L3RpdGxlPg&i6=MjAwMTphYzg6MjA6M2QwMDoxMDEyOmMxZjc6YmMxMTo2ZDZl&n3pc=true
Request Chain 21
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-00xy%2F0%2F48148661233f4f29ad21267ffef519c1%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&6c9c3f96-d1d7-43e7-9d4f-5bea06c62982 HTTP 302
  • https://i.liadm.com/s/e/a-00xy/0/48148661233f4f29ad21267ffef519c1?mpid=7156&muid=c79562b0-5bb5-4400-a7f4-52205f0e07ff
Request Chain 23
  • https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=6c9c3f96-d1d7-43e7-9d4f-5bea06c62982&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D HTTP 302
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=6c9c3f96-d1d7-43e7-9d4f-5bea06c62982&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D HTTP 302
  • https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=22c04e02-df13-423e-a87e-5112836b51ac HTTP 303
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=6c9c3f96-d1d7-43e7-9d4f-5bea06c62982
Request Chain 25
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=6c9c3f96-d1d7-43e7-9d4f-5bea06c62982 HTTP 302
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=6c9c3f96-d1d7-43e7-9d4f-5bea06c62982&rd=Y
Request Chain 27
  • https://b1sync.zemanta.com/usersync/liveintent/?cb=%2F%2Fi.liadm.com%2Fs%2F35004%3Fbidder_id%3D98254%26bidder_uuid%3D__ZUID__ HTTP 302
  • https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid= HTTP 303
  • https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
r-ext.oferting.org/r/
Redirect Chain
  • https://news.streckenvermailing.de/T2?95mt2Pp5VfSVKSPp5VLwcOlGUQ8t2FV3FUQVeSVO2-999-8
  • https://destinationpush.com/click/click-tracking?gid=5ea3f98f49d94e0a08992181&sid=R7Np5vcvU&vars=_vextclickid%3D_*extclickid*&asci=@k0hHCuS4&click_id={{clkid}}&puid=69fb2ab58f9160b29e21b6dd37284c85
  • https://go.oferting.org/1lUMn?clkid=138857b7-aff3-4ddf-ab2b-166c50749824&gid=5ea3f98f49d94e0a08992181&sid=R7Np5vcvU&vars=_vextclickid%3D_*extclickid*&asci=@k0hHCuS4&click_id=138857b7-aff3-4ddf-ab2b...
  • https://r-ext.oferting.org/r/?utm_source=giordanowines&utm_medium=sopext&utm_campaign=9896105-9703414&orig=automatic&utm_term=generica&rtt=&f=0&c=restaurants&g=&partner=world&redirection=https%3A%2...
5 KB
2 KB
Document
General
Full URL
https://r-ext.oferting.org/r/?utm_source=giordanowines&utm_medium=sopext&utm_campaign=9896105-9703414&orig=automatic&utm_term=generica&rtt=&f=0&c=restaurants&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_*extclickid*%26emn_i%3D616%26emn_a%3D3499%26emn_c%3D376939%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9896105-9703414%26term%3D%26emn_t%3D9703414%26ref_offer%3D9896105%26hs%3D2239002612%26go%3Dhttps%253A%252F%252Ftrk.giordanoweine.de%252Fclick%253Fpid%253D53%2526offer_id%253D82%2526sub2%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.201.7.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-201-7-195.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b7105493875cf9fa1d067e390d7c6b1a5b14f45fbc9f7aa09371c09211fe7157

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 20 Jun 2022 11:36:20 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
20
Content-Type
text/html
Date
Mon, 20 Jun 2022 11:36:18 GMT
Keep-Alive
timeout=2, max=200
Location
https://r-ext.oferting.org/r/?utm_source=giordanowines&utm_medium=sopext&utm_campaign=9896105-9703414&orig=automatic&utm_term=generica&rtt=&f=0&c=restaurants&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_*extclickid*%26emn_i%3D616%26emn_a%3D3499%26emn_c%3D376939%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9896105-9703414%26term%3D%26emn_t%3D9703414%26ref_offer%3D9896105%26hs%3D2239002612%26go%3Dhttps%253A%252F%252Ftrk.giordanoweine.de%252Fclick%253Fpid%253D53%2526offer_id%253D82%2526sub2%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Server
Apache
Vary
Accept-Encoding
X-Powered-By
PHP/5.3.10-1ubuntu3.26
a-00xy.min.js
b-code.liadm.com/
27 KB
10 KB
Script
General
Full URL
https://b-code.liadm.com/a-00xy.min.js
Requested by
Host: r-ext.oferting.org
URL: https://r-ext.oferting.org/r/?utm_source=giordanowines&utm_medium=sopext&utm_campaign=9896105-9703414&orig=automatic&utm_term=generica&rtt=&f=0&c=restaurants&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_*extclickid*%26emn_i%3D616%26emn_a%3D3499%26emn_c%3D376939%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9896105-9703414%26term%3D%26emn_t%3D9703414%26ref_offer%3D9896105%26hs%3D2239002612%26go%3Dhttps%253A%252F%252Ftrk.giordanoweine.de%252Fclick%253Fpid%253D53%2526offer_id%253D82%2526sub2%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:be00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b5eb850d470900e9fdca702625a1066ac4a9d0da54ea33b36dc39e4b7b8c6f9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-ext.oferting.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 04:42:38 GMT
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
age
24822
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
x-amz-cf-pop
FRA60-P4
content-encoding
gzip
x-amz-cf-id
s_6KNyh9k1atgtP_HW69oPBPsnhoj7LsZmxYG4WgR4yi1mMJabteww==
preload.gif
r-ext.oferting.org/images/
18 KB
18 KB
Image
General
Full URL
https://r-ext.oferting.org/images/preload.gif
Requested by
Host: r-ext.oferting.org
URL: https://r-ext.oferting.org/r/?utm_source=giordanowines&utm_medium=sopext&utm_campaign=9896105-9703414&orig=automatic&utm_term=generica&rtt=&f=0&c=restaurants&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_*extclickid*%26emn_i%3D616%26emn_a%3D3499%26emn_c%3D376939%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9896105-9703414%26term%3D%26emn_t%3D9703414%26ref_offer%3D9896105%26hs%3D2239002612%26go%3Dhttps%253A%252F%252Ftrk.giordanoweine.de%252Fclick%253Fpid%253D53%2526offer_id%253D82%2526sub2%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.201.7.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-201-7-195.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7929082d8761c3db532e83d1630ad642747808517060e2432056f4050f4ebd9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-ext.oferting.org/r/?utm_source=giordanowines&utm_medium=sopext&utm_campaign=9896105-9703414&orig=automatic&utm_term=generica&rtt=&f=0&c=restaurants&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_*extclickid*%26emn_i%3D616%26emn_a%3D3499%26emn_c%3D376939%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9896105-9703414%26term%3D%26emn_t%3D9703414%26ref_offer%3D9896105%26hs%3D2239002612%26go%3Dhttps%253A%252F%252Ftrk.giordanoweine.de%252Fclick%253Fpid%253D53%2526offer_id%253D82%2526sub2%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 11:36:20 GMT
last-modified
Tue, 07 Jun 2022 19:02:51 GMT
server
nginx
accept-ranges
bytes
etag
"629fa0db-47ed"
content-length
18413
content-type
image/gif
jquery-3.3.1.min.js
r-ext.oferting.org/js/
85 KB
34 KB
Script
General
Full URL
https://r-ext.oferting.org/js/jquery-3.3.1.min.js
Requested by
Host: r-ext.oferting.org
URL: https://r-ext.oferting.org/r/?utm_source=giordanowines&utm_medium=sopext&utm_campaign=9896105-9703414&orig=automatic&utm_term=generica&rtt=&f=0&c=restaurants&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_*extclickid*%26emn_i%3D616%26emn_a%3D3499%26emn_c%3D376939%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9896105-9703414%26term%3D%26emn_t%3D9703414%26ref_offer%3D9896105%26hs%3D2239002612%26go%3Dhttps%253A%252F%252Ftrk.giordanoweine.de%252Fclick%253Fpid%253D53%2526offer_id%253D82%2526sub2%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.201.7.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-201-7-195.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-ext.oferting.org/r/?utm_source=giordanowines&utm_medium=sopext&utm_campaign=9896105-9703414&orig=automatic&utm_term=generica&rtt=&f=0&c=restaurants&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_*extclickid*%26emn_i%3D616%26emn_a%3D3499%26emn_c%3D376939%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9896105-9703414%26term%3D%26emn_t%3D9703414%26ref_offer%3D9896105%26hs%3D2239002612%26go%3Dhttps%253A%252F%252Ftrk.giordanoweine.de%252Fclick%253Fpid%253D53%2526offer_id%253D82%2526sub2%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 11:36:20 GMT
content-encoding
gzip
last-modified
Tue, 07 Jun 2022 19:02:51 GMT
server
nginx
etag
W/"629fa0db-1538f"
vary
Accept-Encoding
content-type
application/javascript
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: r-ext.oferting.org
URL: https://r-ext.oferting.org/r/?utm_source=giordanowines&utm_medium=sopext&utm_campaign=9896105-9703414&orig=automatic&utm_term=generica&rtt=&f=0&c=restaurants&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_*extclickid*%26emn_i%3D616%26emn_a%3D3499%26emn_c%3D376939%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9896105-9703414%26term%3D%26emn_t%3D9703414%26ref_offer%3D9896105%26hs%3D2239002612%26go%3Dhttps%253A%252F%252Ftrk.giordanoweine.de%252Fclick%253Fpid%253D53%2526offer_id%253D82%2526sub2%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-ext.oferting.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
2833
date
Mon, 20 Jun 2022 10:49:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 20 Jun 2022 12:49:07 GMT
gtm.js
www.googletagmanager.com/
170 KB
60 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-ML8Z3ZJ
Requested by
Host: r-ext.oferting.org
URL: https://r-ext.oferting.org/r/?utm_source=giordanowines&utm_medium=sopext&utm_campaign=9896105-9703414&orig=automatic&utm_term=generica&rtt=&f=0&c=restaurants&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_*extclickid*%26emn_i%3D616%26emn_a%3D3499%26emn_c%3D376939%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9896105-9703414%26term%3D%26emn_t%3D9703414%26ref_offer%3D9896105%26hs%3D2239002612%26go%3Dhttps%253A%252F%252Ftrk.giordanoweine.de%252Fclick%253Fpid%253D53%2526offer_id%253D82%2526sub2%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
89807728ac1ed54ae6d47e3d5c51075b4b8f612bf2131b92ac63aff22d098d4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-ext.oferting.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 11:36:20 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60661
x-xss-protection
0
last-modified
Mon, 20 Jun 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 20 Jun 2022 11:36:20 GMT
sync-container.js
b-code.liadm.com/
6 KB
3 KB
Script
General
Full URL
https://b-code.liadm.com/sync-container.js
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-00xy.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:be00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-ext.oferting.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
WIo1DFPCLgnYZuB8yv1dFIDWe1bYBj2G
content-encoding
gzip
etag
W/"ae5e94de938b0387eda6df8f20da811a"
last-modified
Tue, 10 May 2022 11:48:07 GMT
server
AmazonS3
age
822207
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
date
Fri, 10 Jun 2022 23:12:54 GMT
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
0iuJit5m9jtGdCHVEjpOCnRBmZeubpTpmUvFPXv-EY2NsD8913hO0w==
collect
www.google-analytics.com/
35 B
194 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1542764456&t=pageview&_s=1&dl=https%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Dgiordanowines%26utm_medium%3Dsopext%26utm_campaign%3D9896105-9703414%26orig%3Dautomatic%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Drestaurants%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.org%252Fof%252F%253Fextclickid%253D_*extclickid*%2526emn_i%253D616%2526emn_a%253D3499%2526emn_c%253D376939%2526emn_rt%253D0%2526ol%253DB%2526emn_p%253D%2526emn_cat%253D9896105-9703414%2526term%253D%2526emn_t%253D9703414%2526ref_offer%253D9896105%2526hs%253D2239002612%2526go%253Dhttps%25253A%25252F%25252Ftrk.giordanoweine.de%25252Fclick%25253Fpid%25253D53%252526offer_id%25253D82%252526sub2%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu&ul=en-us&de=UTF-8&dt=World%20--%20we%20are%20redirecting%20you%20to%20Giordanowines%27s%20website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4GgACAABB~&cid=609040127.1655724980&tid=UA-46029424-1&_gid=736542213.1655724980&z=2032750467
Requested by
Host: r-ext.oferting.org
URL: https://r-ext.oferting.org/r/?utm_source=giordanowines&utm_medium=sopext&utm_campaign=9896105-9703414&orig=automatic&utm_term=generica&rtt=&f=0&c=restaurants&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_*extclickid*%26emn_i%3D616%26emn_a%3D3499%26emn_c%3D376939%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9896105-9703414%26term%3D%26emn_t%3D9703414%26ref_offer%3D9896105%26hs%3D2239002612%26go%3Dhttps%253A%252F%252Ftrk.giordanoweine.de%252Fclick%253Fpid%253D53%2526offer_id%253D82%2526sub2%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-ext.oferting.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Jun 2022 00:27:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
40111
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
91 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1542764456&t=pageview&_s=1&dl=https%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Dgiordanowines%26utm_medium%3Dsopext%26utm_campaign%3D9896105-9703414%26orig%3Dautomatic%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Drestaurants%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.org%252Fof%252F%253Fextclickid%253D_*extclickid*%2526emn_i%253D616%2526emn_a%253D3499%2526emn_c%253D376939%2526emn_rt%253D0%2526ol%253DB%2526emn_p%253D%2526emn_cat%253D9896105-9703414%2526term%253D%2526emn_t%253D9703414%2526ref_offer%253D9896105%2526hs%253D2239002612%2526go%253Dhttps%25253A%25252F%25252Ftrk.giordanoweine.de%25252Fclick%25253Fpid%25253D53%252526offer_id%25253D82%252526sub2%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu&ul=en-us&de=UTF-8&dt=World%20--%20we%20are%20redirecting%20you%20to%20Giordanowines%27s%20website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4GgACAABB~&cid=609040127.1655724980&tid=UA-2213239-17&_gid=1441649639.1655724980&cd1=9703414&cd4=9896105&cd6=World&cd7=automatic&cd9=B&cd10=616&cd11=restaurants&cd15=3499&z=1711906457
Requested by
Host: r-ext.oferting.org
URL: https://r-ext.oferting.org/r/?utm_source=giordanowines&utm_medium=sopext&utm_campaign=9896105-9703414&orig=automatic&utm_term=generica&rtt=&f=0&c=restaurants&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_*extclickid*%26emn_i%3D616%26emn_a%3D3499%26emn_c%3D376939%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9896105-9703414%26term%3D%26emn_t%3D9703414%26ref_offer%3D9896105%26hs%3D2239002612%26go%3Dhttps%253A%252F%252Ftrk.giordanoweine.de%252Fclick%253Fpid%253D53%2526offer_id%253D82%2526sub2%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-ext.oferting.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Jun 2022 00:27:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
40111
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1192092/
55 KB
17 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/unip/1192092/tfa.js
Requested by
Host: r-ext.oferting.org
URL: https://r-ext.oferting.org/r/?utm_source=giordanowines&utm_medium=sopext&utm_campaign=9896105-9703414&orig=automatic&utm_term=generica&rtt=&f=0&c=restaurants&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_*extclickid*%26emn_i%3D616%26emn_a%3D3499%26emn_c%3D376939%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9896105-9703414%26term%3D%26emn_t%3D9703414%26ref_offer%3D9896105%26hs%3D2239002612%26go%3Dhttps%253A%252F%252Ftrk.giordanoweine.de%252Fclick%253Fpid%253D53%2526offer_id%253D82%2526sub2%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
57dc84711b6d12bf9a18eda3ee2f33f0673fe4599448978e0fbfe7f6e4850a52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-ext.oferting.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
9fSY7gxjgIYfrhDc7SQqetkFqe6Sn_9n
content-encoding
gzip
etag
"a77c022e04f1fd7fc7e1a6d6c32b6a31"
age
171
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
17392
x-amz-id-2
6wyrrgK6vyclXL7x43h3Rd/uFfCE/esP8iKeOw5WJqHcEwHMToTpSTduiE8HGpR7xGOF1XzQ1hw=
x-served-by
cache-hhn4035-HHN
last-modified
Sun, 19 Jun 2022 11:05:37 GMT
server
AmazonS3
x-timer
S1655724981.506374,VS0,VE1
date
Mon, 20 Jun 2022 11:36:20 GMT
vary
Accept-Encoding
x-amz-request-id
WGPFPMFN40VKWY01
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
68
x-cache-hits
1
fbevents.js
connect.facebook.net/en_US/
100 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: r-ext.oferting.org
URL: https://r-ext.oferting.org/r/?utm_source=giordanowines&utm_medium=sopext&utm_campaign=9896105-9703414&orig=automatic&utm_term=generica&rtt=&f=0&c=restaurants&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_*extclickid*%26emn_i%3D616%26emn_a%3D3499%26emn_c%3D376939%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9896105-9703414%26term%3D%26emn_t%3D9703414%26ref_offer%3D9896105%26hs%3D2239002612%26go%3Dhttps%253A%252F%252Ftrk.giordanoweine.de%252Fclick%253Fpid%253D53%2526offer_id%253D82%2526sub2%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-ext.oferting.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26344
x-xss-protection
0
pragma
public
x-fb-debug
l30qPOLjmrxLBM5nhdn489JZllkRH0KyYLVc47qbU43aZK3DUBvK6SqR3pgtLoP1rk+33papyyWsz3/gF2i+pw==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Mon, 20 Jun 2022 11:36:20 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
json
trc.taboola.com/1192092/trc/3/
2 KB
2 KB
Script
General
Full URL
https://trc.taboola.com/1192092/trc/3/json?tim=1655724980516&data=%7B%22id%22%3A664%2C%22ii%22%3A%22%2Fr%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1655724980512%2C%22cv%22%3A%2220220619-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Dgiordanowines%26utm_medium%3Dsopext%26utm_campaign%3D9896105-9703414%26orig%3Dautomatic%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Drestaurants%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.org%252Fof%252F%253Fextclickid%253D_*extclickid*%2526emn_i%253D616%2526emn_a%253D3499%2526emn_c%253D376939%2526emn_rt%253D0%2526ol%253DB%2526emn_p%253D%2526emn_cat%253D9896105-9703414%2526term%253D%2526emn_t%253D9703414%2526ref_offer%253D9896105%2526hs%253D2239002612%2526go%253Dhttps%25253A%25252F%25252Ftrk.giordanoweine.de%25252Fclick%25253Fpid%25253D53%252526offer_id%25253D82%252526sub2%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Futm_source%3Dgiordanowines%26utm_medium%3Dsopext%26utm_campaign%3D9896105-9703414%26orig%3Dautomatic%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Drestaurants%26g%3D%26partner%3Dworld%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-asuvoravaemailingnetworkcom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1655724980516%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Dgiordanowines%26utm_medium%3Dsopext%26utm_campaign%3D9896105-9703414%26orig%3Dautomatic%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Drestaurants%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.org%252Fof%252F%253Fextclickid%253D_*extclickid*%2526emn_i%253D616%2526emn_a%253D3499%2526emn_c%253D376939%2526emn_rt%253D0%2526ol%253DB%2526emn_p%253D%2526emn_cat%253D9896105-9703414%2526term%253D%2526emn_t%253D9703414%2526ref_offer%253D9896105%2526hs%253D2239002612%2526go%253Dhttps%25253A%25252F%25252Ftrk.giordanoweine.de%25252Fclick%25253Fpid%25253D53%252526offer_id%25253D82%252526sub2%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1192092/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
65a7721b8284bc345e79d3506154efeb9d4a438751689f584417d8a8f4de650d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-ext.oferting.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-vcl-time-ms
38
date
Mon, 20 Jun 2022 11:36:20 GMT
content-encoding
gzip
server
nginx
x-timer
S1655724981.530902,VS0,VE38
x-served-by
cache-hhn4035-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
292168677891119
connect.facebook.net/signals/config/
288 KB
83 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/292168677891119?v=2.9.62&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6877dac7fab5beaa539581d1509fb72b0e6bf8265b676891597ee5ea69fe8db0
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-ext.oferting.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
EoybflGta+d0OIXGr7xvGRfl0mDjw3uZELUizHUDN1TtW6w3ARNz7c5u/tZp41NbJNM6NMVZgubD2/oTYysekA==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 20 Jun 2022 11:36:20 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1655724980587
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1655724980546&aid=a-00xy&se=e30&duid=0d3d1fb3a190--01g60ece6e8vhyakgkzk7bqak1&tna=v2.3.1&pu=https%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Dgiordanowines%26utm_...
  • https://rp4.liadm.com/j?dtstmp=1655724980546&aid=a-00xy&se=e30&duid=0d3d1fb3a190--01g60ece6e8vhyakgkzk7bqak1&tna=v2.3.1&pu=https%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Dgiordanowines%26utm...
13 B
552 B
XHR
General
Full URL
https://rp4.liadm.com/j?dtstmp=1655724980546&aid=a-00xy&se=e30&duid=0d3d1fb3a190--01g60ece6e8vhyakgkzk7bqak1&tna=v2.3.1&pu=https%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Dgiordanowines%26utm_medium%3Dsopext%26utm_campaign%3D9896105-9703414%26orig%3Dautomatic%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Drestaurants%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.org%252Fof%252F%253Fextclickid%253D_%2Aextclickid%2A%2526emn_i%253D616%2526emn_a%253D3499%2526emn_c%253D376939%2526emn_rt%253D0%2526ol%253DB%2526emn_p%253D%2526emn_cat%253D9896105-9703414%2526term%253D%2526emn_t%253D9703414%2526ref_offer%253D9896105%2526hs%253D2239002612%2526go%253Dhttps%25253A%25252F%25252Ftrk.giordanoweine.de%25252Fclick%25253Fpid%25253D53%252526offer_id%25253D82%252526sub2%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu&wpn=lc-bundle&c=PHRpdGxlPldvcmxkIC0tIHdlIGFyZSByZWRpcmVjdGluZyB5b3UgdG8gR2lvcmRhbm93aW5lcydzIHdlYnNpdGU8L3RpdGxlPg&i6=MjAwMTphYzg6MjA6M2QwMDoxMDEyOmMxZjc6YmMxMTo2ZDZl&n3pc=true
Requested by
Host: r-ext.oferting.org
URL: https://r-ext.oferting.org/r/?utm_source=giordanowines&utm_medium=sopext&utm_campaign=9896105-9703414&orig=automatic&utm_term=generica&rtt=&f=0&c=restaurants&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_*extclickid*%26emn_i%3D616%26emn_a%3D3499%26emn_c%3D376939%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9896105-9703414%26term%3D%26emn_t%3D9703414%26ref_offer%3D9896105%26hs%3D2239002612%26go%3Dhttps%253A%252F%252Ftrk.giordanoweine.de%252Fclick%253Fpid%253D53%2526offer_id%253D82%2526sub2%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Protocol
H2
Server
35.170.178.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-178-11.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-ext.oferting.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 11:36:21 GMT
x-pixel-event-id
c9adf9f5-8799-4984-90fa-83408f23a9de
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
null
x-xss-protection
1; mode=block
vary
Origin
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
trace-id
b29741406a780fef
request-time
1
content-length
13
x-content-type-options
nosniff

Redirect headers

date
Mon, 20 Jun 2022 11:36:20 GMT
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies
master-only
location
https://rp4.liadm.com/j?dtstmp=1655724980546&aid=a-00xy&se=e30&duid=0d3d1fb3a190--01g60ece6e8vhyakgkzk7bqak1&tna=v2.3.1&pu=https%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Dgiordanowines%26utm_medium%3Dsopext%26utm_campaign%3D9896105-9703414%26orig%3Dautomatic%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Drestaurants%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.org%252Fof%252F%253Fextclickid%253D_%2Aextclickid%2A%2526emn_i%253D616%2526emn_a%253D3499%2526emn_c%253D376939%2526emn_rt%253D0%2526ol%253DB%2526emn_p%253D%2526emn_cat%253D9896105-9703414%2526term%253D%2526emn_t%253D9703414%2526ref_offer%253D9896105%2526hs%253D2239002612%2526go%253Dhttps%25253A%25252F%25252Ftrk.giordanoweine.de%25252Fclick%25253Fpid%25253D53%252526offer_id%25253D82%252526sub2%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu&wpn=lc-bundle&c=PHRpdGxlPldvcmxkIC0tIHdlIGFyZSByZWRpcmVjdGluZyB5b3UgdG8gR2lvcmRhbm93aW5lcydzIHdlYnNpdGU8L3RpdGxlPg&i6=MjAwMTphYzg6MjA6M2QwMDoxMDEyOmMxZjc6YmMxMTo2ZDZl&n3pc=true
x-frame-options
DENY
access-control-allow-origin
https://r-ext.oferting.org
x-xss-protection
1; mode=block
vary
Origin
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
trace-id
ec840e3348c020a9
request-time
0
content-length
0
x-content-type-options
nosniff
881065315591403
connect.facebook.net/signals/config/
288 KB
83 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/881065315591403?v=2.9.62&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ba2658c918f542e0c180723b6f33960862044dc73e4d2c6d3324a097b9cbab6c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-ext.oferting.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
z6YMaorkUqjhban9WlivySIa31UQoiMtaw7GQYHltbvyC+j28XTa2soNyOenJxnwmq0mjlbORnJy1Fd4WKAuLA==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 20 Jun 2022 11:36:20 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1655724980671
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
500100887463371
connect.facebook.net/signals/config/
287 KB
83 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/500100887463371?v=2.9.62&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e51ac58d58a149929f78060551efd4005ba4d54d1138cd56d8c4a3630511c7a9
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-ext.oferting.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
QN4nmvBzgHMx6dCPAwCFMwcpitKf3Q4X2E2w640FWheUgKQbrIuxLWGGgO8Lm9bMroUCRCBgyvwnIfJvUI2Erw==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 20 Jun 2022 11:36:20 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1655724980766
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
307114406839177
connect.facebook.net/signals/config/
288 KB
83 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/307114406839177?v=2.9.62&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
51775cf063a3fda00200e426de908580339485e3fab08b30fcdec0883e21a51d
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-ext.oferting.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
JrrkirGaE3nbn5KM64STpo/zibop5sqVsLz8ZmZ/4mV7190XP6n8RvPoqibw2YDJYFFVgUWm53wc6dYpK2nU6A==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 20 Jun 2022 11:36:20 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1655724980835
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
650226988813823
connect.facebook.net/signals/config/
288 KB
83 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/650226988813823?v=2.9.62&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
647225116b075e6033f0768ae680582023ab3af07419bf5c81e3a78e61eb4803
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-ext.oferting.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
Y1LMKx1EJr5yNbBvLVDPxKMkute5nQK4vltgsZX4T3cK2pbHADIs7u6k6sKf+X/rgO7EAI/oV9tRYhF+I3Jumg==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 20 Jun 2022 11:36:20 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1655724980903
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
407 B
Image
General
Full URL
https://www.facebook.com/tr/?id=292168677891119&ev=PageView&dl=https%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Dgiordanowines%26utm_medium%3Dsopext%26utm_campaign%3D9896105-9703414%26orig%3Dautomatic%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Drestaurants%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.org%252Fof%252F%253Fextclickid%253D_*extclickid*%2526emn_i%253D616%2526emn_a%253D3499%2526emn_c%253D376939%2526emn_rt%253D0%2526ol%253DB%2526emn_p%253D%2526emn_cat%253D9896105-9703414%2526term%253D%2526emn_t%253D9703414%2526ref_offer%253D9896105%2526hs%253D2239002612%2526go%253Dhttps%25253A%25252F%25252Ftrk.giordanoweine.de%25252Fclick%25253Fpid%25253D53%252526offer_id%25253D82%252526sub2%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu&rl=&if=false&ts=1655724980921&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=30&fbp=fb.1.1655724980920.210773298&it=1655724980525&coo=false&tm=1&rqm=GET
Requested by
Host: r-ext.oferting.org
URL: https://r-ext.oferting.org/r/?utm_source=giordanowines&utm_medium=sopext&utm_campaign=9896105-9703414&orig=automatic&utm_term=generica&rtt=&f=0&c=restaurants&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_*extclickid*%26emn_i%3D616%26emn_a%3D3499%26emn_c%3D376939%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9896105-9703414%26term%3D%26emn_t%3D9703414%26ref_offer%3D9896105%26hs%3D2239002612%26go%3Dhttps%253A%252F%252Ftrk.giordanoweine.de%252Fclick%253Fpid%253D53%2526offer_id%253D82%2526sub2%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-ext.oferting.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 11:36:20 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Mon, 20 Jun 2022 11:36:20 GMT
/
www.facebook.com/tr/
44 B
212 B
Image
General
Full URL
https://www.facebook.com/tr/?id=307114406839177&ev=PageView&dl=https%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Dgiordanowines%26utm_medium%3Dsopext%26utm_campaign%3D9896105-9703414%26orig%3Dautomatic%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Drestaurants%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.org%252Fof%252F%253Fextclickid%253D_*extclickid*%2526emn_i%253D616%2526emn_a%253D3499%2526emn_c%253D376939%2526emn_rt%253D0%2526ol%253DB%2526emn_p%253D%2526emn_cat%253D9896105-9703414%2526term%253D%2526emn_t%253D9703414%2526ref_offer%253D9896105%2526hs%253D2239002612%2526go%253Dhttps%25253A%25252F%25252Ftrk.giordanoweine.de%25252Fclick%25253Fpid%25253D53%252526offer_id%25253D82%252526sub2%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu&rl=&if=false&ts=1655724980923&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=30&fbp=fb.1.1655724980920.210773298&it=1655724980525&coo=false&tm=1&rqm=GET
Requested by
Host: r-ext.oferting.org
URL: https://r-ext.oferting.org/r/?utm_source=giordanowines&utm_medium=sopext&utm_campaign=9896105-9703414&orig=automatic&utm_term=generica&rtt=&f=0&c=restaurants&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_*extclickid*%26emn_i%3D616%26emn_a%3D3499%26emn_c%3D376939%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9896105-9703414%26term%3D%26emn_t%3D9703414%26ref_offer%3D9896105%26hs%3D2239002612%26go%3Dhttps%253A%252F%252Ftrk.giordanoweine.de%252Fclick%253Fpid%253D53%2526offer_id%253D82%2526sub2%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-ext.oferting.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 11:36:20 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Mon, 20 Jun 2022 11:36:20 GMT
a-00xy
i.liadm.com/s/c/ Frame A057
1 KB
1 KB
Document
General
Full URL
https://i.liadm.com/s/c/a-00xy?s=&cim=&ps=true&ls=true&duid=0d3d1fb3a190--01g60ece6e8vhyakgkzk7bqak1&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/sync-container.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.203.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-203-167.compute-1.amazonaws.com
Software
/
Resource Hash
3111a72c623e3611bbb0f0edc7b9c03870b499805272e5559f6f69969ee53c22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://r-ext.oferting.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
674
Content-Type
text/html; charset=UTF-8
Date
Mon, 20 Jun 2022 11:36:21 GMT
ETag
1.61803398874
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
48148661233f4f29ad21267ffef519c1
i.liadm.com/s/e/a-00xy/0/ Frame A057
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-00xy%2F0%2F48148661233f4f29ad21267ffef519c1%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&6c9c3f96-d1d7-43e7-9d4f-5be...
  • https://i.liadm.com/s/e/a-00xy/0/48148661233f4f29ad21267ffef519c1?mpid=7156&muid=c79562b0-5bb5-4400-a7f4-52205f0e07ff
43 B
257 B
Image
General
Full URL
https://i.liadm.com/s/e/a-00xy/0/48148661233f4f29ad21267ffef519c1?mpid=7156&muid=c79562b0-5bb5-4400-a7f4-52205f0e07ff
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-00xy?s=&cim=&ps=true&ls=true&duid=0d3d1fb3a190--01g60ece6e8vhyakgkzk7bqak1&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
HTTP/1.1
Server
34.200.203.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-203-167.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Mon, 20 Jun 2022 11:36:20 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Date
Mon, 20 Jun 2022 11:36:21 GMT
Server
MT3 4447 e18e916 master cdg-pixel-x25 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://i.liadm.com/s/e/a-00xy/0/48148661233f4f29ad21267ffef519c1?mpid=7156&muid=c79562b0-5bb5-4400-a7f4-52205f0e07ff
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 20 Jun 2022 11:36:20 GMT
generic
match.adsrvr.org/track/cmf/ Frame A057
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-00xy?s=&cim=&ps=true&ls=true&duid=0d3d1fb3a190--01g60ece6e8vhyakgkzk7bqak1&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Jun 2022 11:36:21 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
x.bidswitch.net/ Frame A057
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=6c9c3f96-d1d7-43e7-9d4f-5bea06c62982&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=6c9c3f96-d1d7-43e7-9d4f-5bea06c62982&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D
  • https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=22c04e02-df13-423e-a87e-5112836b51ac
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=6c9c3f96-d1d7-43e7-9d4f-5bea06c62982
0
0

ibs:dpid=127444&dpuuid=6c9c3f96-d1d7-43e7-9d4f-5bea06c62982&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-00xy%2F0%2F48148661233f4f29ad21267ffef519c1%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D
dpm.demdex.net/ Frame A057
0
0

live_intent_sync
x.dlx.addthis.com/e/ Frame A057
Redirect Chain
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=6c9c3f96-d1d7-43e7-9d4f-5bea06c62982
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=6c9c3f96-d1d7-43e7-9d4f-5bea06c62982&rd=Y
43 B
603 B
Image
General
Full URL
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=6c9c3f96-d1d7-43e7-9d4f-5bea06c62982&rd=Y
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-00xy?s=&cim=&ps=true&ls=true&duid=0d3d1fb3a190--01g60ece6e8vhyakgkzk7bqak1&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
H2
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Jun 2022 11:36:21 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 20 Jun 2022 11:36:21 GMT
content-length
43
strict-transport-security
max-age=2628000
content-type
image/gif

Redirect headers

location
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=6c9c3f96-d1d7-43e7-9d4f-5bea06c62982&rd=Y
pragma
no-cache
date
Mon, 20 Jun 2022 11:36:21 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Mon, 20 Jun 2022 11:36:21 GMT
/
trc.taboola.com/sg/liveintent/1/cm/ Frame A057
43 B
148 B
Image
General
Full URL
https://trc.taboola.com/sg/liveintent/1/cm/
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-00xy?s=&cim=&ps=true&ls=true&duid=0d3d1fb3a190--01g60ece6e8vhyakgkzk7bqak1&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Mon, 20 Jun 2022 11:36:21 GMT
via
1.1 varnish
server
nginx
x-timer
S1655724982.597047,VS0,VE9
x-served-by
cache-hhn4035-HHN
x-cache
MISS
cache-control
no-cache, no-store
accept-ranges
bytes
x-cache-hits
0
35004
i6.liadm.com/s/ Frame A057
Redirect Chain
  • https://b1sync.zemanta.com/usersync/liveintent/?cb=%2F%2Fi.liadm.com%2Fs%2F35004%3Fbidder_id%3D98254%26bidder_uuid%3D__ZUID__
  • https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
  • https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
0
0

Primary Request disabled.html
trk.giordanoweine.de/
Redirect Chain
  • https://trac.oferting.org/of/?extclickid=_*extclickid*&emn_i=616&emn_a=3499&emn_c=376939&emn_rt=0&ol=B&emn_p=&emn_cat=9896105-9703414&term=&emn_t=9703414&ref_offer=9896105&hs=2239002612&go=https%3A...
  • https://trk.giordanoweine.de/click?pid=53&offer_id=82&sub2=03499061600989610509703414376939k13hppp8hcmudhp1aq1x4338g7zlnj3x
  • http://trk.giordanoweine.de/disabled.html
111 B
343 B
Document
General
Full URL
http://trk.giordanoweine.de/disabled.html
Protocol
HTTP/1.1
Server
34.90.63.227 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
227.63.90.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
b7413baf6c8d815f06ac626010aa7c4eff83b4f3ab3fa3cfd4c50cb533b5cf08

Request headers

Referer
https://r-ext.oferting.org/r/?utm_source=giordanowines&utm_medium=sopext&utm_campaign=9896105-9703414&orig=automatic&utm_term=generica&rtt=&f=0&c=restaurants&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_*extclickid*%26emn_i%3D616%26emn_a%3D3499%26emn_c%3D376939%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9896105-9703414%26term%3D%26emn_t%3D9703414%26ref_offer%3D9896105%26hs%3D2239002612%26go%3Dhttps%253A%252F%252Ftrk.giordanoweine.de%252Fclick%253Fpid%253D53%2526offer_id%253D82%2526sub2%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 20 Jun 2022 11:36:22 GMT
ETag
W/"628f9513-6f"
Last-Modified
Thu, 26 May 2022 14:56:19 GMT
Server
nginx
Transfer-Encoding
chunked

Redirect headers

access-control-allow-origin
*
content-length
0
date
Mon, 20 Jun 2022 11:36:22 GMT
location
http://trk.giordanoweine.de/disabled.html
server
nginx
unip
trc-events.taboola.com/1192092/log/3/
0
249 B
XHR
General
Full URL
https://trc-events.taboola.com/1192092/log/3/unip?en=pre_d_eng_tb&tos=1551&scd=100&ssd=1&est=1655724980514&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1655724982066&vi=1655724980512&ri=5e150391836f9d2cb3c6cba37073ae99&ref=null&cv=20220619-3-RELEASE&item-url=https%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Dgiordanowines%26utm_medium%3Dsopext%26utm_campaign%3D9896105-9703414%26orig%3Dautomatic%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Drestaurants%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.org%252Fof%252F%253Fextclickid%253D_*extclickid*%2526emn_i%253D616%2526emn_a%253D3499%2526emn_c%253D376939%2526emn_rt%253D0%2526ol%253DB%2526emn_p%253D%2526emn_cat%253D9896105-9703414%2526term%253D%2526emn_t%253D9703414%2526ref_offer%253D9896105%2526hs%253D2239002612%2526go%253Dhttps%25253A%25252F%25252Ftrk.giordanoweine.de%25252Fclick%25253Fpid%25253D53%252526offer_id%25253D82%252526sub2%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1192092/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r-ext.oferting.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://r-ext.oferting.org
pragma
no-cache
date
Mon, 20 Jun 2022 11:36:22 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=liveintent&user_id=6c9c3f96-d1d7-43e7-9d4f-5bea06c62982
Domain
dpm.demdex.net
URL
https://dpm.demdex.net/ibs:dpid=127444&dpuuid=6c9c3f96-d1d7-43e7-9d4f-5bea06c62982&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-00xy%2F0%2F48148661233f4f29ad21267ffef519c1%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D
Domain
i6.liadm.com
URL
https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
object| navigation

23 Cookies

Domain/Path Name / Value
trac.oferting.org/of Name: emntkgidentifiant
Value: k13hppp8hcmudhp1aq1x4338g7zlnj3x
trac.oferting.org/of Name: emntkgidentifiant_cpl
Value: k13hppp8hcmudhp1aq1x4338g7zlnj3x
trac.oferting.org/of Name: emntkgidentifiant_cpv
Value: k13hppp8hcmudhp1aq1x4338g7zlnj3x
trac.oferting.org/of Name: emntkg_ceb623589db8d0466aeaf811c84efb92
Value: 3499%7C376939%7C616%7C0%7C
trac.oferting.org/of Name: emntkg_cpl_ceb623589db8d0466aeaf811c84efb92
Value: 3499%7C376939%7C616%7C0%7C
trac.oferting.org/of Name: emntkg_cpv_ceb623589db8d0466aeaf811c84efb92
Value: 3499%7C376939%7C616%7C0%7C
r-ext.oferting.org/r Name: _liChk
Value: 0.26496436000353096
i.liadm.com/s Name: _li_ss
Value: MgUIBhDJEjIFCAoQyRIyBQgLEMkSMgUIfhDJEjIGCIsBEMkSMgUIeRDJEjIGCIEBEMkSMgkI_____wcQyRIyBQgMEMkS
destinationpush.com/ Name: clkid
Value: 138857b7-aff3-4ddf-ab2b-166c50749824
.oferting.org/ Name: _li_dcdm_c
Value: .oferting.org
.oferting.org/ Name: _lc2_fpi
Value: 0d3d1fb3a190--01g60ece6e8vhyakgkzk7bqak1
.liadm.com/ Name: lidid
Value: 6c9c3f96-d1d7-43e7-9d4f-5bea06c62982
.oferting.org/ Name: _fbp
Value: fb.1.1655724980920.210773298
.facebook.com/ Name: fr
Value: 0XBuldGafPOUlUjrY..BisFu0...1.0.BisFu0.
.mathtag.com/ Name: uuid
Value: c79562b0-5bb5-4400-a7f4-52205f0e07ff
.addthis.com/ Name: na_id
Value: 2022062011362100097419009106
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 62b05bb54e367a55
.addthis.com/ Name: ouid
Value: 62b05bb50001c3af03778918a8ebb92594450bb1b8eeefd5a74d
.bidswitch.net/ Name: tuuid
Value: 22c04e02-df13-423e-a87e-5112836b51ac
.bidswitch.net/ Name: c
Value: 1655724981
.dlx.addthis.com/ Name: na_sc_x
Value: 1
.bidswitch.net/ Name: tuuid_lu
Value: 1655724982

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
