Submitted URL: http://wolkegirl.de.tl/
Effective URL: https://wolkegirl.de.tl/
Submission: On January 18 via api from US — Scanned from DE

Summary

This website contacted 17 IPs in 4 countries across 16 domains to perform 43 HTTP transactions. The main IP is 193.238.27.22, which is located in Germany and belongs to IPX-AS15598, DE. The main domain is wolkegirl.de.tl.
TLS certificate: Issued by R3 on October 30th 2023. Valid for: 3 months.
This is the only time wolkegirl.de.tl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 193.238.27.22 15598 (IPX-AS15598)
3 2606:4700::68... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
1 178.162.223.113 28753 (LEASEWEB-...)
11 178.162.223.114 28753 (LEASEWEB-...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2a02:cb40:200... 20546 (SOPRADO-ANY)
1 2a0b:4d07:101::1 44239 (PROINITY ...)
1 176.9.183.55 24940 (HETZNER-AS)
2 216.239.32.21 15169 (GOOGLE)
3 3.75.56.58 16509 (AMAZON-02)
1 3 18.185.208.113 16509 (AMAZON-02)
1 2 3.120.59.157 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 23.56.205.163 16625 (AKAMAI-AS)
1 23.227.38.74 13335 (CLOUDFLAR...)
43 17
Apex Domain
Subdomains
Transfer
12 webme.com
theme.webme.com
img.webme.com — Cisco Umbrella Rank: 414033
129 KB
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
225 KB
3 yieldads.net
api.yieldads.net — Cisco Umbrella Rank: 120597
15 KB
3 visifeed.org
visifeed.org — Cisco Umbrella Rank: 119580
2 KB
3 fwdtrk.com
fwdtrk.com
fwd.fwdtrk.com
177 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
7 KB
3 de.tl
wolkegirl.de.tl
12 KB
2 linksprf.com
r.linksprf.com — Cisco Umbrella Rank: 81816
1 KB
2 nakoona.com
nakoona.com — Cisco Umbrella Rank: 555685
2 KB
2 adcell.com
t.adcell.com — Cisco Umbrella Rank: 57836
652 B
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
5 KB
1 lights4fun.de
www.lights4fun.de
1 awin1.com
www.awin1.com — Cisco Umbrella Rank: 16092
860 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 kxcdn.com
nextlevel-f353.kxcdn.com — Cisco Umbrella Rank: 447568
73 KB
1 asrv205.com
asrv205.com
1 KB
43 16
Domain Requested by
11 img.webme.com wolkegirl.de.tl
7 pagead2.googlesyndication.com wolkegirl.de.tl
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 api.yieldads.net 1 redirects visifeed.org
api.yieldads.net
3 visifeed.org fwdtrk.com
visifeed.org
3 cdnjs.cloudflare.com wolkegirl.de.tl
cdnjs.cloudflare.com
3 wolkegirl.de.tl 1 redirects wolkegirl.de.tl
2 r.linksprf.com 2 redirects
2 nakoona.com 1 redirects api.yieldads.net
2 fwd.fwdtrk.com fwdtrk.com
fwd.fwdtrk.com
2 t.adcell.com 1 redirects asrv205.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 www.lights4fun.de nakoona.com
1 www.awin1.com 1 redirects
1 www.google.com tpc.googlesyndication.com
1 fwdtrk.com asrv205.com
1 nextlevel-f353.kxcdn.com asrv205.com
1 asrv205.com wolkegirl.de.tl
1 theme.webme.com wolkegirl.de.tl
43 19

This site contains links to these domains.

Domain
homepage-baukasten.de
silktide.com
www.homepage-baukasten.de
Subject | Issuer | Validity | Valid
de.tl | R3 | 2023-10-30 - 2024-01-28 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months
misc.webme.com | R3 | 2023-10-30 - 2024-01-28 | 3 months
img.webme.com | R3 | 2023-10-30 - 2024-01-28 | 3 months
asrv205.com | GTS CA 1P5 | 2023-12-04 - 2024-03-03 | 3 months
adcell.com | Certum Domain Validation CA SHA2 | 2023-07-28 - 2024-07-27 | a year
fwdtrk.com | R3 | 2023-11-21 - 2024-02-19 | 3 months
fwd.fwdtrk.com | GTS CA 1D4 | 2023-12-13 - 2024-03-12 | 3 months
visifeed.org | R3 | 2024-01-09 - 2024-04-08 | 3 months
api.yieldads.net | Amazon RSA 2048 M01 | 2023-10-04 - 2024-11-02 | a year
nakoona.com | Amazon RSA 2048 M02 | 2023-09-04 - 2024-10-03 | a year
tpc.googlesyndication.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months
www.google.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months
www.lights4fun.de | R3 | 2023-12-06 - 2024-03-05 | 3 months

This page contains 10 frames:

Primary Page: https://wolkegirl.de.tl/
Frame ID: 83719FB979B9A704920A0BE4FBA6869B
Requests: 23 HTTP requests in this frame

Frame: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Frame ID: 6255A719B06612E9DB348A2442164094
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240117/r20190131/zrt_lookup_fy2021.html
Frame ID: 0D9FF1AF201421E585C5ADF547BC7CFE
Requests: 1 HTTP request in this frame

Frame: https://t.adcell.com/p/view?promoId=320700&slotId=105746&pv=1
Frame ID: D332CBF301E550FB63B529907D4F185F
Requests: 1 HTTP request in this frame

Frame: https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MjAsImNyZWF0aXZlX2lkIjozMCwicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwNmEtZGQ3Yi00ZjNiLTk3ODktNDQxNTIzZGQzYzVlIiwiZnJhbWVfdGFyZ2V0IjoiOEZZIiwiZnJhbWVfdGFyZ2V0X2lkIjoxLCJmcmFtZV9hZGRjb3VudHJ5IjowLCJjb3VudHJ5IjoiREUiLCJ0cyI6MTcwNTYxOTgwNH0%3D
Frame ID: 3B51718A38CB4A1A3E4B445CADA6F81D
Requests: 3 HTTP requests in this frame

Frame: https://visifeed.org/i?n=1&t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=6c540c59b12f52bd402e2623e2df93875f861b6b4ffcc492e0e91445d70c3153&ci=yCZr6Tw%3D&its=9F%5Bt%2ALp5d%3Db%40%7BQD%3BvlPWbV%5B&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Frame ID: F6D310EEA20D40B0834D4EDFB3CAD253
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5513165515302355&output=html&adk=1812271804&adf=3025194257&lmt=1705619804&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fwolkegirl.de.tl%2F&host=ca-host-pub-1483906849246906&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705619804021&bpp=4&bdt=297&idt=342&shv=r20240117&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2711202884312&frm=20&pv=2&ga_vid=1981205762.1705619804&ga_sid=1705619804&ga_hid=868102089&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C31079438%2C31080443%2C42531705%2C95320889%2C95321252%2C95321626%2C95322165&oid=2&pvsid=1428931989238454&tmod=851291116&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=378
Frame ID: F441CA81FC665B9B299801A51581EE1A
Requests: 1 HTTP request in this frame

Frame: https://www.lights4fun.de/?utm_source=Awin&utm_medium=Affiliate&utm_campaign=Sub+Networks_143466_YIELDKIT+GmbH+-+Content+sites&awc=9958_1705619805_61c1d17f91dae5a87fa7fa5aad1bc7e6
Frame ID: 2EECE5B6C4CA2E1C014000099361C26A
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C9EF9554EEAE7C9E13CF7903E0653BEC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F83A4BF8C0102781ACBD689EE76DD417
Requests: 2 HTTP requests in this frame

Page Title

wolkegirl - Home

Page URL History

  1. http://wolkegirl.de.tl/ HTTP 301
    https://wolkegirl.de.tl/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • cookieconsent\.min\.js

Page Statistics

43
Requests

98 %
HTTPS

47 %
IPv6

16
Domains

19
Subdomains

17
IPs

4
Countries

648 kB
Transfer

1382 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://t.adcell.com/p/image?promoId=296418&slotId=105746 HTTP 302
  • https://nextlevel-f353.kxcdn.com/Kr%C3%A4he%20WORKWEAR%20/Retargeting/Kr%C3%A4he_Retargeting_static_300x250.jpg
Request Chain 32
  • https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=6c540c59b12f52bd402e2623e2df93875f861b6b4ffcc492e0e91445d70c3100&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e&fp=[…] HTTP 302
  • https://nakoona.com/y?t=lights4fun.de&cid=60680e7f324de119b183bd1e7be20ea70bb44b16f47c17c89a5875d98bc43c27&identifier=c150519a19414017 HTTP 302
  • https://nakoona.com/search/lights4fun.de
Request Chain 37
  • https://r.linksprf.com/v1/redirect?url=https://lights4fun.de&api_key=0c9f1e13224812486ecdd05fb272f01d&site_id=5a43b939b8a5408586ff2f7960675eb5&type=url&source=https://nakoona.com/de/search/lights4fun.de&yk_tag=60680e7f324de119b183bd1e7be20ea70bb44b16f47c17c89a5875d98bc43c27 HTTP 302
  • https://r.linksprf.com/v2/go?t=et.pu%3A4%2Ftwg.lw2nF.%25o3%2Fswtlhcp.mhc%3Faio%3Dk9n81ie%3Dp454e67c0i9kfef%3D6a5o0n5.8o9%269l3car-f3%3D40407020e4d88ff844466664448ff88d4e02070404%3D3c%26almccrafo%3Dkan349e9k8i5c055e67f0f97626f58b8%264lacbr3fb%3D4a5o3ne.koi%26cw6rbv83b420618359e3266ad66da6623e953816024b38vb26e5k4ibc3mbcaa4o8k8nff2r7c6l6%2656b3%261rdf%26%3D5a9odnm.pop%26k%3Ditcpa%25mAc21%25iFaiwhws%2Ffsntdh&e=1&ai=d911a4a3784047589e982a87dc61975c&sct=0&ct=1705619805364&cu=f3864a666d4642fe85d8e6227b484b36&sr=1&ykuid=68127bf062ff4a95b00877a8c8042a54&sc=1&cs=bf22d6dd50111ce2129466296d381048 HTTP 302
  • https://www.awin1.com/awclick.php?mid=9958&id=143466&clickref=nakoona.com&clickref2=v030400014389f3864a666d4642fe85d8e6227b484b36&clickref3=5a43b939b8a5408586ff2f7960675eb5&clickref4=nakoona.com&awcr=v030400014389f3864a666d4642fe85d8e6227b484b36-5a43b939b8a5408586ff2f7960675eb5&pref1=nakoona.com&p=https%3A%2F%2Flights4fun.de HTTP 302
  • https://www.lights4fun.de/?utm_source=Awin&utm_medium=Affiliate&utm_campaign=Sub+Networks_143466_YIELDKIT+GmbH+-+Content+sites&awc=9958_1705619805_61c1d17f91dae5a87fa7fa5aad1bc7e6

43 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
wolkegirl.de.tl/
Redirect Chain
  • http://wolkegirl.de.tl/
  • https://wolkegirl.de.tl/
47 KB
12 KB
Document
General
Full URL
https://wolkegirl.de.tl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.238.27.22 , Germany, ASN15598 (IPX-AS15598, DE),
Reverse DNS
de.tl
Software
nginx /
Resource Hash
879a3eeaa97becf76b4700922c5a11d9899a309c15d382918a23e7016756d680

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Age
0
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=iso-8859-15
Date
Thu, 18 Jan 2024 23:16:43 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
Vary
User-Agent,Accept-Encoding
Via
1.1 varnish-v4
X-Varnish
593039370
X-wm-1
b5c15a4f00826b560de2380c0e08f5b7
X-wm-VIP
193.238.27.22
X-wm-req.backend
SitesGET
X-wm-req.backend.healthy
true
X-wm-req.restarts
0

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Thu, 18 Jan 2024 23:16:43 GMT
Location
https://wolkegirl.de.tl/
Server
Varnish
X-Varnish
607594739
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/
4 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/cookieconsent.min.js
Requested by
Host: wolkegirl.de.tl
URL: https://wolkegirl.de.tl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
190fc02d8e8f1dd5acc40f48d0d6203e6115eb31e3f47f55db0c3f07797d68f0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolkegirl.de.tl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 23:16:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2512311
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1618
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-11d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ojA3RV4UbbpKj4q4led9MZ17TfWx2K9pTzEmQlj3P7i1MqFyYFhjkE1jMfSeVGbDVmfL29eFM7Z5wkINlU3f22EfbwIzIqMp1dhawoIsML1Q%2BiGBxHWwRWBFTY7aYUh5EhQxXT7V1U3x0HWLfduIZoe1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
847a8c1deac82c63-FRA
expires
Tue, 07 Jan 2025 23:16:43 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
146 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5513165515302355&host=ca-host-pub-1483906849246906
Requested by
Host: wolkegirl.de.tl
URL: https://wolkegirl.de.tl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b236ebe5b888db1b8336bd80fbf60202a7ebffb728cbfdf7391cdd0a4d460fc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wolkegirl.de.tl/
Origin
https://wolkegirl.de.tl
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 23:16:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51140
x-xss-protection
0
server
cafe
etag
4641076231404393477
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Thu, 18 Jan 2024 23:16:43 GMT
navi_ende.gif
theme.webme.com/designs/iceblue/images/
4 KB
4 KB
Image
General
Full URL
https://theme.webme.com/designs/iceblue/images/navi_ende.gif
Requested by
Host: wolkegirl.de.tl
URL: https://wolkegirl.de.tl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
52738ef63f4f5d74aec2c2d009710029efc884cf4918fb7792eec9f9475be020

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolkegirl.de.tl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 23:16:43 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:46 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
44915
Content-Type
image/gif
X-Varnish
516155633, 324229682 293377647
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3928
Expires
Thu, 29 Feb 2024 10:48:08 GMT
rotw.gif
img.webme.com/pic/w/wolkegirl/
990 B
1 KB
Image
General
Full URL
https://img.webme.com/pic/w/wolkegirl/rotw.gif
Requested by
Host: wolkegirl.de.tl
URL: https://wolkegirl.de.tl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.114 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
img.webme.com
Software
nginx /
Resource Hash
f5a6a67b28067624230540d24be2a49c4aa51ec69115574527ed0ad0abd229e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolkegirl.de.tl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 23:16:44 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Fri, 02 Jan 2015 04:49:03 GMT
Server
nginx
X-wm-VIP
193.238.27.18
Age
0
ETag
"54a6233f-3de"
X-Varnish
594501429, 322825445
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
990
leerl.jpg
img.webme.com/pic/w/wolkegirl/
641 B
992 B
Image
General
Full URL
https://img.webme.com/pic/w/wolkegirl/leerl.jpg
Requested by
Host: wolkegirl.de.tl
URL: https://wolkegirl.de.tl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.114 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
img.webme.com
Software
nginx /
Resource Hash
f70ad6be98c213d79e4ef2481d5384a3f4356a5110966a6abdbfc53fd282c64a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolkegirl.de.tl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 23:16:44 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Fri, 02 Jan 2015 04:48:59 GMT
Server
nginx
X-wm-VIP
193.238.27.18
Age
0
ETag
"54a6233b-281"
X-Varnish
607853093, 308038924
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
641
lip.jpg
img.webme.com/pic/w/wolkegirl/
886 B
1 KB
Image
General
Full URL
https://img.webme.com/pic/w/wolkegirl/lip.jpg
Requested by
Host: wolkegirl.de.tl
URL: https://wolkegirl.de.tl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.114 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
img.webme.com
Software
nginx /
Resource Hash
6d3a697857080a2b70c6815c3f2db7744d4634ef16cfd3a348f4fdeb529f26b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolkegirl.de.tl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 23:16:44 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Fri, 02 Jan 2015 04:48:59 GMT
Server
nginx
X-wm-VIP
193.238.27.18
Age
0
ETag
"54a6233b-376"
X-Varnish
608141350, 324501946
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
886
frech.gif
img.webme.com/pic/w/wolkegirl/
981 B
1 KB
Image
General
Full URL
https://img.webme.com/pic/w/wolkegirl/frech.gif
Requested by
Host: wolkegirl.de.tl
URL: https://wolkegirl.de.tl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.114 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
img.webme.com
Software
nginx /
Resource Hash
ec40deac2d283396054f2b777325b261f34ed7f8a308738cbcf84e7e534f76f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolkegirl.de.tl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 23:16:44 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Fri, 02 Jan 2015 04:48:55 GMT
Server
nginx
X-wm-VIP
193.238.27.18
Age
0
ETag
"54a62337-3d5"
X-Varnish
608012634, 322452021
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
981
schriftl.jpg
img.webme.com/pic/w/wolkegirl/
6 KB
6 KB
Image
General
Full URL
https://img.webme.com/pic/w/wolkegirl/schriftl.jpg
Requested by
Host: wolkegirl.de.tl
URL: https://wolkegirl.de.tl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.114 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
img.webme.com
Software
nginx /
Resource Hash
da399639dafb626a9c68c7572ceb98f00351c01a07a323d22daf1dbed9876fcb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolkegirl.de.tl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 23:16:44 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Fri, 02 Jan 2015 04:49:04 GMT
Server
nginx
X-wm-VIP
193.238.27.18
Age
0
ETag
"54a62340-1665"
X-Varnish
607853095, 308038927
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5733
aprilkalend1.jpg
img.webme.com/pic/w/wolkegirl/
22 KB
23 KB
Image
General
Full URL
https://img.webme.com/pic/w/wolkegirl/aprilkalend1.jpg
Requested by
Host: wolkegirl.de.tl
URL: https://wolkegirl.de.tl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.114 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
img.webme.com
Software
nginx /
Resource Hash
fa31d270418a4c11b6876cf392e4b893540996fdff6204cb246f6edfe34a2178

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolkegirl.de.tl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 23:16:44 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Fri, 02 Jan 2015 04:48:50 GMT
Server
nginx
X-wm-VIP
193.238.27.18
Age
14904
ETag
"54a62332-58a8"
X-Varnish
586652070, 322825450 316020348
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22696
wolkegirll.png
img.webme.com/pic/w/wolkegirl/
215 B
578 B
Image
General
Full URL
https://img.webme.com/pic/w/wolkegirl/wolkegirll.png
Requested by
Host: wolkegirl.de.tl
URL: https://wolkegirl.de.tl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.114 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
img.webme.com
Software
nginx /
Resource Hash
918e3f48dcfce6a721e1a355e29c32db960f53dc2de2e6883c8980ea8b2aa5cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolkegirl.de.tl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 23:16:44 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Fri, 02 Jan 2015 04:49:07 GMT
Server
nginx
X-wm-VIP
193.238.27.18
Age
14904
ETag
"54a62343-d7"
X-Varnish
580465295, 322825443 316481919
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
215
eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=
asrv205.com/adframe/ Frame 6255
2 KB
1 KB
Document
General
Full URL
https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Requested by
Host: wolkegirl.de.tl
URL: https://wolkegirl.de.tl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c27fef9961467d7d5a6e1e93df42e4118ec55f5ac20019d512b7f6924bc5e18

Request headers

Referer
https://wolkegirl.de.tl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
847a8c1efb8d7745-AMS
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 18 Jan 2024 23:16:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qLtF2CLB%2BXErUxdUgNIXYNWduhGPqwLVALyQTV9FYbqbUa1ycQ06U93xtDw4UErq7fed4P%2FG4hxUb%2F6v0DxbrrUFjnWfPeRq3LslOz0gk%2FwupuBlGWV0xO99sxz6q1B8qs%2BNOZlzRdiUUg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
juli.jpg
img.webme.com/pic/w/wolkegirl/
78 KB
79 KB
Image
General
Full URL
https://img.webme.com/pic/w/wolkegirl/juli.jpg
Requested by
Host: wolkegirl.de.tl
URL: https://wolkegirl.de.tl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.114 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
img.webme.com
Software
nginx /
Resource Hash
7baab866438bc7e89da2446d40805046712d4ee3aa6a4cd83deeb5eacbbc8fae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolkegirl.de.tl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 23:16:43 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Fri, 02 Jan 2015 04:48:57 GMT
Server
nginx
X-wm-VIP
193.238.27.18
Age
14904
ETag
"54a62339-1389d"
X-Varnish
585877093, 322825435 315547501
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
80029
oben.jpg
img.webme.com/pic/w/wolkegirl/
2 KB
3 KB
Image
General
Full URL
https://img.webme.com/pic/w/wolkegirl/oben.jpg
Requested by
Host: wolkegirl.de.tl
URL: https://wolkegirl.de.tl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.114 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
img.webme.com
Software
nginx /
Resource Hash
b484dcefcb9d7ed092dc1d864d4f411a0304a32f08a81a3a46c718e6a78c3cb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolkegirl.de.tl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 23:16:44 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Fri, 02 Jan 2015 04:49:00 GMT
Server
nginx
X-wm-VIP
193.238.27.18
Age
14904
ETag
"54a6233c-9a8"
X-Varnish
585802602, 308038922 316072740
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2472
BUTTONLINK
wolkegirl.de.tl/
208 B
208 B
Image
General
Full URL
https://wolkegirl.de.tl/BUTTONLINK
Requested by
Host: wolkegirl.de.tl
URL: https://wolkegirl.de.tl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.238.27.22 , Germany, ASN15598 (IPX-AS15598, DE),
Reverse DNS
de.tl
Software
nginx /
Resource Hash
55f45352064b891be6ebff4011a4c3306d78692674328c246f781805ab66459b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolkegirl.de.tl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

X-wm-req.restarts
0
Date
Thu, 18 Jan 2024 23:16:43 GMT
Via
1.1 varnish-v4
Server
nginx
X-wm-VIP
193.238.27.22
Age
0
X-wm-req.backend.healthy
true
X-Varnish
598290548
Content-Type
text/html; charset=iso-8859-1
X-wm-req.backend
SitesGET
Connection
keep-alive
Content-Length
208
obenmitte.jpg
img.webme.com/pic/w/wolkegirl/
6 KB
7 KB
Image
General
Full URL
https://img.webme.com/pic/w/wolkegirl/obenmitte.jpg
Requested by
Host: wolkegirl.de.tl
URL: https://wolkegirl.de.tl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.114 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
img.webme.com
Software
nginx /
Resource Hash
a45d8912ebdb958720ca8b02bab152f9aaf380b91a55ca390117aaf9a73aa1fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolkegirl.de.tl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 23:16:44 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Fri, 02 Jan 2015 04:49:00 GMT
Server
nginx
X-wm-VIP
193.238.27.18
Age
14904
ETag
"54a6233c-18e2"
X-Varnish
584081524, 322825441 315681921
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6370
obenrechts.jpg
img.webme.com/pic/w/wolkegirl/
2 KB
3 KB
Image
General
Full URL
https://img.webme.com/pic/w/wolkegirl/obenrechts.jpg
Requested by
Host: wolkegirl.de.tl
URL: https://wolkegirl.de.tl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.114 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
img.webme.com
Software
nginx /
Resource Hash
3e5f3aca6f76c26a1e74263b9549e3f6a3eeb1a80f3ce065d36873cba2f7d58b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolkegirl.de.tl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 23:16:44 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Fri, 02 Jan 2015 04:49:00 GMT
Server
nginx
X-wm-VIP
193.238.27.18
Age
14904
ETag
"54a6233c-900"
X-Varnish
582856574, 324229688 315715565
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2304
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/
402 KB
136 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5513165515302355&plah=wolkegirl.de.tl
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5513165515302355&host=ca-host-pub-1483906849246906
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7e3886f7b1c133e9964808ae2791c4ec00eb37ab3cf503ce7d26b4e91efe80c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolkegirl.de.tl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 23:16:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139526
x-xss-protection
0
server
cafe
etag
7965553556441477592
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 18 Jan 2024 23:16:44 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240117/r20190131/ Frame 0D9F
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240117/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5513165515302355&host=ca-host-pub-1483906849246906
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wolkegirl.de.tl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
19678
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 18 Jan 2024 17:48:46 GMT
etag
9219409622527106327
expires
Thu, 01 Feb 2024 17:48:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Kr%C3%A4he_Retargeting_static_300x250.jpg
nextlevel-f353.kxcdn.com/Kr%C3%A4he%20WORKWEAR%20/Retargeting/ Frame 6255
Redirect Chain
  • https://t.adcell.com/p/image?promoId=296418&slotId=105746
  • https://nextlevel-f353.kxcdn.com/Kr%C3%A4he%20WORKWEAR%20/Retargeting/Kr%C3%A4he_Retargeting_static_300x250.jpg
73 KB
73 KB
Image
General
Full URL
https://nextlevel-f353.kxcdn.com/Kr%C3%A4he%20WORKWEAR%20/Retargeting/Kr%C3%A4he_Retargeting_static_300x250.jpg
Requested by
Host: asrv205.com
URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Protocol
H2
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
ec17626aae54efa48dd2d2efa8982cb9eb146de7766bf54a5a34dea5d34921f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://asrv205.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 23:16:44 GMT
last-modified
Tue, 15 Feb 2022 07:35:37 GMT
server
keycdn
x-edge-location
defr
etag
"123a7-5d809943ec440"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
link
<https://media.imocash.com/Kr%C3%A4he%20WORKWEAR%20/Retargeting/Kr%C3%A4he_Retargeting_static_300x250.jpg>; rel="canonical"
content-length
74663
expires
Fri, 19 Jan 2024 00:16:44 GMT

Redirect headers

date
Thu, 18 Jan 2024 23:16:44 GMT
strict-transport-security
max-age=15768000
server
myracloud
content-type
text/html
location
https://nextlevel-f353.kxcdn.com/Krähe WORKWEAR /Retargeting/Krähe_Retargeting_static_300x250.jpg
cache-control
max-age=0
content-length
0
expires
Thu, 18 Jan 2024 23:16:44 GMT
view
t.adcell.com/p/ Frame D332
42 B
421 B
Document
General
Full URL
https://t.adcell.com/p/view?promoId=320700&slotId=105746&pv=1
Requested by
Host: asrv205.com
URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),
Reverse DNS
Software
myracloud /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://asrv205.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
42
content-type
image/gif
date
Thu, 18 Jan 2024 23:16:44 GMT
expires
Sat, 11 Jan 2003 12:59:00 GMT
last-modified
Wed, 11 Jan 2006 12:59:00 GMT
pragma
no-cache
server
myracloud
strict-transport-security
max-age=15768000
eyJjYW1wYWlnbl9pZCI6MjAsImNyZWF0aXZlX2lkIjozMCwicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwN...
fwdtrk.com/track/ Frame 3B51
1 KB
2 KB
Document
General
Full URL
https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MjAsImNyZWF0aXZlX2lkIjozMCwicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwNmEtZGQ3Yi00ZjNiLTk3ODktNDQxNTIzZGQzYzVlIiwiZnJhbWVfdGFyZ2V0IjoiOEZZIiwiZnJhbWVfdGFyZ2V0X2lkIjoxLCJmcmFtZV9hZGRjb3VudHJ5IjowLCJjb3VudHJ5IjoiREUiLCJ0cyI6MTcwNTYxOTgwNH0%3D
Requested by
Host: asrv205.com
URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
176.9.183.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.55.183.9.176.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
689ce17bd42665bbeffed17eb99c4559a0cf46d6dac29a7f9fe52b2a11ebe9ed

Request headers

Referer
https://asrv205.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, private
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 18 Jan 2024 23:16:44 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
track
fwd.fwdtrk.com/ Frame 3B51
181 KB
73 KB
Script
General
Full URL
https://fwd.fwdtrk.com/track?id=
Requested by
Host: fwdtrk.com
URL: https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MjAsImNyZWF0aXZlX2lkIjozMCwicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwNmEtZGQ3Yi00ZjNiLTk3ODktNDQxNTIzZGQzYzVlIiwiZnJhbWVfdGFyZ2V0IjoiOEZZIiwiZnJhbWVfdGFyZ2V0X2lkIjoxLCJmcmFtZV9hZGRjb3VudHJ5IjowLCJjb3VudHJ5IjoiREUiLCJ0cyI6MTcwNTYxOTgwNH0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2015.1e100.net
Software
Google Tag Manager /
Resource Hash
733a7139b017e002dc22b29457f34632c1e5b1cb50f6ac40af10331ac8ab663a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fwdtrk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 23:16:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Thu, 18 Jan 2024 22:09:16 GMT
server
Google Tag Manager
via
1.1 google
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
x-xss-protection
0
d
visifeed.org/ Frame F6D3
407 B
738 B
Document
General
Full URL
https://visifeed.org/d?t=8FY&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e
Requested by
Host: fwdtrk.com
URL: https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MjAsImNyZWF0aXZlX2lkIjozMCwicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwNmEtZGQ3Yi00ZjNiLTk3ODktNDQxNTIzZGQzYzVlIiwiZnJhbWVfdGFyZ2V0IjoiOEZZIiwiZnJhbWVfdGFyZ2V0X2lkIjoxLCJmcmFtZV9hZGRjb3VudHJ5IjowLCJjb3VudHJ5IjoiREUiLCJ0cyI6MTcwNTYxOTgwNH0%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.75.56.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-56-58.eu-central-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash
003e17068f9809957296c6efd0ef039965cc047e8b98249e25fc2f00b40be869

Request headers

Referer
https://fwdtrk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 18 Jan 2024 23:16:44 GMT
Pragma
no-cache
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
X-Powered-By
PHP/7.4.25
ads
googleads.g.doubleclick.net/pagead/ Frame F441
603 B
245 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5513165515302355&output=html&adk=1812271804&adf=3025194257&lmt=1705619804&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fwolkegirl.de.tl%2F&host=ca-host-pub-1483906849246906&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705619804021&bpp=4&bdt=297&idt=342&shv=r20240117&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2711202884312&frm=20&pv=2&ga_vid=1981205762.1705619804&ga_sid=1705619804&ga_hid=868102089&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C31079438%2C31080443%2C42531705%2C95320889%2C95321252%2C95321626%2C95322165&oid=2&pvsid=1428931989238454&tmod=851291116&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=378
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5513165515302355&plah=wolkegirl.de.tl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wolkegirl.de.tl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 18 Jan 2024 23:16:44 GMT
expires
Thu, 18 Jan 2024 23:16:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=A&id=selfpromotionOverlay&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: wolkegirl.de.tl
URL: https://wolkegirl.de.tl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolkegirl.de.tl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 23:16:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
visifeed.org/ Frame F6D3
412 B
735 B
Document
General
Full URL
https://visifeed.org/i?n=1&t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=6c540c59b12f52bd402e2623e2df93875f861b6b4ffcc492e0e91445d70c3153&ci=yCZr6Tw%3D&its=9F%5Bt%2ALp5d%3Db%40%7BQD%3BvlPWbV%5B&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Requested by
Host: visifeed.org
URL: https://visifeed.org/d?t=8FY&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.75.56.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-56-58.eu-central-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash
ca148142a5e0d33f637cb6cb108a6d289420971f5cd87217dafc52a096037d9b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 18 Jan 2024 23:16:44 GMT
Pragma
no-cache
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
X-Powered-By
PHP/7.4.25
d
visifeed.org/ Frame 2EEC
347 B
672 B
Document
General
Full URL
https://visifeed.org/d?t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=6c540c59b12f52bd402e2623e2df93875f861b6b4ffcc492e0e91445d70c3100&ci=yCZr6Tw%3D&its=9F%5Bt%2ALp5d%3Db%40%7BQD%3BvlPWbV%5B&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Requested by
Host: visifeed.org
URL: https://visifeed.org/i?n=1&t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=6c540c59b12f52bd402e2623e2df93875f861b6b4ffcc492e0e91445d70c3153&ci=yCZr6Tw%3D&its=9F%5Bt%2ALp5d%3Db%40%7BQD%3BvlPWbV%5B&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.75.56.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-56-58.eu-central-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash
1c82cf7f76c55acacc35d28d139c210818d5c197920758d24f0160dafd977587

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 18 Jan 2024 23:16:44 GMT
Pragma
no-cache
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
X-Powered-By
PHP/7.4.25
js
fwd.fwdtrk.com/gtag/ Frame 3B51
263 KB
102 KB
Script
General
Full URL
https://fwd.fwdtrk.com/gtag/js?id=G-B6LHGYT55G&l=dataLayer&cx=c
Requested by
Host: fwd.fwdtrk.com
URL: https://fwd.fwdtrk.com/track?id=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2015.1e100.net
Software
/
Resource Hash
7d026a8a4132c742c6adcbfe09562afaf9ccfd394e86443e71b836ecb3a34415

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fwdtrk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
application/javascript; charset=UTF-8
date
Thu, 18 Jan 2024 23:16:44 GMT
cache-control
private, max-age=900
content-encoding
gzip
via
1.1 google
vary
Accept-Encoding
expires
Thu, 18 Jan 2024 23:31:24 GMT
redirect
api.yieldads.net/ Frame 2EEC
2 KB
2 KB
Document
General
Full URL
https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=6c540c59b12f52bd402e2623e2df93875f861b6b4ffcc492e0e91445d70c3100&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Requested by
Host: visifeed.org
URL: https://visifeed.org/d?t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=6c540c59b12f52bd402e2623e2df93875f861b6b4ffcc492e0e91445d70c3100&ci=yCZr6Tw%3D&its=9F%5Bt%2ALp5d%3Db%40%7BQD%3BvlPWbV%5B&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.208.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-208-113.eu-central-1.compute.amazonaws.com
Software
nginx / PHP/8.2.14
Resource Hash
e4f8218cf5f1b9979fd28476b92f07cc96edb61f4f3ed8607d52b95254615d6f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 18 Jan 2024 23:16:44 GMT
server
nginx
x-powered-by
PHP/8.2.14
fp.min.js
api.yieldads.net/js/ Frame 2EEC
34 KB
12 KB
Script
General
Full URL
https://api.yieldads.net/js/fp.min.js
Requested by
Host: api.yieldads.net
URL: https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=6c540c59b12f52bd402e2623e2df93875f861b6b4ffcc492e0e91445d70c3100&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.208.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-208-113.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7154071be46519e980b3d21b9fa291847e6e837065181c38322f7e2484b6cc07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=6c540c59b12f52bd402e2623e2df93875f861b6b4ffcc492e0e91445d70c3100&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 23:16:44 GMT
content-encoding
gzip
last-modified
Tue, 16 Jan 2024 10:12:10 GMT
server
nginx
etag
W/"65a6567a-864c"
content-type
application/javascript
dark-floating.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/
3 KB
1 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/dark-floating.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/cookieconsent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34c221f3541cb3e9513392969f4dbdc0080da7f66332076e22aeb530828ef46a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolkegirl.de.tl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 23:16:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4478480
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
734
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-c8c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TgUviC8sq7lRFvJv%2FTiuvDdCg9ENLUrm9wW4F3Zy2OoDEBkHis%2BZuWd3QaottaS4q%2BLL%2F%2BXPFgCOH9OgCeOZtIyyXFsJXxuQFWTqqyvkQjvxsmT5x6zBa3%2BLix%2F3fMNWzPLIfPp0LFooNYiI38yiGjoB"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
847a8c248f4e2c63-FRA
expires
Tue, 07 Jan 2025 23:16:44 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240117&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5513165515302355&plah=wolkegirl.de.tl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5dd7483b7fa4b71294f23253a3f516caf9f3daba929d920d6904453e4888e5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolkegirl.de.tl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 23:16:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12221
x-xss-protection
0
lights4fun.de
nakoona.com/search/ Frame 2EEC
Redirect Chain
  • https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=6c540c59b12f52bd402e2623e2df93875f861b6b4ffcc492e0e91445d70c3100&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c...
  • https://nakoona.com/y?t=lights4fun.de&cid=60680e7f324de119b183bd1e7be20ea70bb44b16f47c17c89a5875d98bc43c27&identifier=c150519a19414017
  • https://nakoona.com/search/lights4fun.de
532 B
1 KB
Document
General
Full URL
https://nakoona.com/search/lights4fun.de
Requested by
Host: api.yieldads.net
URL: https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=6c540c59b12f52bd402e2623e2df93875f861b6b4ffcc492e0e91445d70c3100&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.59.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-59-157.eu-central-1.compute.amazonaws.com
Software
nginx / PHP/7.1.33
Resource Hash
19aea1ae426ccc304b25b8deac2212846be9122d1816ba4659f1458a400a6422

Request headers

Referer
https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=6c540c59b12f52bd402e2623e2df93875f861b6b4ffcc492e0e91445d70c3100&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
date
Thu, 18 Jan 2024 23:16:45 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
referrer-policy
no-referrer
server
nginx
x-powered-by
PHP/7.1.33

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
date
Thu, 18 Jan 2024 23:16:45 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://nakoona.com/search/lights4fun.de
pragma
no-cache
referrer-policy
no-referrer
server
nginx
x-powered-by
PHP/7.1.33
logo.png
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/
3 KB
4 KB
Image
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/logo.png
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/dark-floating.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dae62151120e18b465ffc5c8e9e342ecc28a6efe1a0d71c9766d677a5ddc389
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/dark-floating.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 23:16:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4475055
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3087
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-c0b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qZhqarjL5wr60W9qiqW8suAczPyRGyRgq8zFGQZZNbMpgtIHX29EyDqYV7jpaDpUSZestv9JYAWZiVfVaXQOJiyAZ9vCKGnTuy1pOgLPB%2F8L92D9IraziHMW0OSBUI1C1IebQjs1gDxTGwK5CUdqwh0H"}],"group":"cf-nel","max_age":604800}
content-type
image/png; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
847a8c24cc66916a-FRA
expires
Tue, 07 Jan 2025 23:16:44 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5513165515302355&plah=wolkegirl.de.tl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolkegirl.de.tl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 23:16:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 18 Jan 2024 23:16:45 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C9EF
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wolkegirl.de.tl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
15420
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 18 Jan 2024 18:59:45 GMT
expires
Fri, 17 Jan 2025 18:59:45 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F83A
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e6c950a00be9b40680b155aedd5889f93848fab01a6c127431cbf4ec5c1e15e1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eJw24a3tUOaKA3hU9QrwPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wolkegirl.de.tl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-eJw24a3tUOaKA3hU9QrwPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 18 Jan 2024 23:16:45 GMT
expires
Thu, 18 Jan 2024 23:16:45 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
www.lights4fun.de/ Frame 2EEC
Redirect Chain
  • https://r.linksprf.com/v1/redirect?url=https://lights4fun.de&api_key=0c9f1e13224812486ecdd05fb272f01d&site_id=5a43b939b8a5408586ff2f7960675eb5&type=url&source=https://nakoona.com/de/search/lights4f...
  • https://r.linksprf.com/v2/go?t=et.pu%3A4%2Ftwg.lw2nF.%25o3%2Fswtlhcp.mhc%3Faio%3Dk9n81ie%3Dp454e67c0i9kfef%3D6a5o0n5.8o9%269l3car-f3%3D40407020e4d88ff844466664448ff88d4e02070404%3D3c%26almccrafo%3D...
  • https://www.awin1.com/awclick.php?mid=9958&id=143466&clickref=nakoona.com&clickref2=v030400014389f3864a666d4642fe85d8e6227b484b36&clickref3=5a43b939b8a5408586ff2f7960675eb5&clickref4=nakoona.com&aw...
  • https://www.lights4fun.de/?utm_source=Awin&utm_medium=Affiliate&utm_campaign=Sub+Networks_143466_YIELDKIT+GmbH+-+Content+sites&awc=9958_1705619805_61c1d17f91dae5a87fa7fa5aad1bc7e6
0
0
Document
General
Full URL
https://www.lights4fun.de/?utm_source=Awin&utm_medium=Affiliate&utm_campaign=Sub+Networks_143466_YIELDKIT+GmbH+-+Content+sites&awc=9958_1705619805_61c1d17f91dae5a87fa7fa5aad1bc7e6
Requested by
Host: nakoona.com
URL: https://nakoona.com/search/lights4fun.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
shops.myshopify.com
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nakoona.com/search/lights4fun.de
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
847a8c2a4dec9a39-FRA
content-encoding
br
content-language
de
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-type
text/html; charset=utf-8
date
Thu, 18 Jan 2024 23:16:45 GMT
etag
W/"cacheable:17ccb9584d541118ee482454b4b77a94"
link
<https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin, <//www.lights4fun.de/cdn/shop/t/65/assets/section-hero.css?v=14742567988446799451700757464>; as="style"; rel="preload", <//www.lights4fun.de/cdn/shop/t/65/assets/sanitize-evergreen.css?v=56979917307373572541694008596>; as="style"; rel="preload", <//www.lights4fun.de/cdn/shop/t/65/assets/layout.css?v=103843091558915391691694008595>; as="style"; rel="preload", <//www.lights4fun.de/cdn/shop/t/65/assets/header-announcement-bar.css?v=181410031988813563201694008595>; as="style"; rel="preload"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
powered-by
Shopify
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sTIxxzH7wgdjyMhES3Pr4%2BfOwPxIlG8YnhiDTnToZMsY2eO1JA23iF0bjr1xjz7XTro4hs2z88Vl%2BDeebQI62KWXLpldZRvcFhO9rolcxbZ4I%2FPixNctsRGNjOUAXFA30A%2Fk"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
processing;dur=14, db;dur=6, asn;desc="201011", edge;desc="FRA", country;desc="DE", theme;desc="152704942416", pageType;desc="index", servedBy;desc="q9dw", requestID;desc="3455fe4f-cbe8-41a9-93d8-7dd9522bd2be" cfRequestDuration;dur=33.999920, earlyhints
strict-transport-security
max-age=7889238
vary
Accept
x-cache
hit, server
x-content-type-options
nosniff
x-dc
gcp-europe-west3,gcp-europe-west3,gcp-europe-west3
x-download-options
noopen
x-frame-options
DENY
x-permitted-cross-domain-policies
none
x-request-id
3455fe4f-cbe8-41a9-93d8-7dd9522bd2be
x-shardid
335
x-shopid
7409926229
x-shopify-stage
production
x-sorting-hat-podid
335
x-sorting-hat-shopid
7409926229
x-storefront-renderer-rendered
1
x-xss-protection
1; mode=block

Redirect headers

Allow
GET
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
Date
Thu, 18 Jan 2024 23:16:45 GMT
Location
https://www.lights4fun.de/?utm_source=Awin&utm_medium=Affiliate&utm_campaign=Sub+Networks_143466_YIELDKIT+GmbH+-+Content+sites&awc=9958_1705619805_61c1d17f91dae5a87fa7fa5aad1bc7e6
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Strict-Transport-Security
max-age=86400
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame C9EF
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 18:59:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
15420
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Jan 2025 18:59:45 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F83A
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240117&jk=1428931989238454&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame C9EF
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?8yvB7w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 23:16:45 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240117&jk=1428931989238454&bg=!qqmlqebNAAa8BdJLnAU7ADQBe5WfOCol8AQ0eSSr2mu35P6y-_xJuMF-J-6dQQohMKcUhwf-chdoVCGwRbQGrFLxIMXbAgAAAEtSAAAAC2gBBwoAOWQSRq6VHFWnk1Jd39Wu7E1zptJYQIo0HZBW3l_iaiBulSp7LU9ZFy2y2TN552U_PQ7Fwx2GT7lC95kCvRVF92Iyl8LJFAOoxVBKxIu2UhxWgRkxLP3sxhX1uoKjYxUOvz1tY8RH-99F373ysf0O20CwLsByWPcXtb612i6_0mKtP8xNhfISv9PE49cQB5uSKgHw17LBO-mDjn3PR81t305JNCKaMDUXDFgfEKXXbWAgiyxIAaFiWP19wcQ5PGfOwIQSLpJK05Am1wqPDjoCDqLkZkpuaL43gg8OA-B3zYOGvW2KhZZqeDTRqindvAqwsu3xgf9DgtWpx2iWAfaMqWVgYi1_IMVlp4tUTJIw82zpQSDj01LoWIVkImboRFarclJOQghuq5T8w7gAx2QObaZ1GQYtba4ZmIUGRcQz524xE052ZEpN1K04WqKsM-_MH27wj0p30H7Ivu907ZncZjTa8MsCOw9_1MWv8B5fvqG05NsEoQ3LCgTtj3os3Psr3_REQysy4FtAnqnnD6ZknGnD-1yuH5Lr1m1TrXn34JcIYwxx3i2iSGdCYjvJztWaTFq6Me23L5fbOR8-IReXLSQk_o227aZ6i_J5OLCBbpmOQTB47VGpy6_XVGAMgolA1qq_GngFeRMgxX8KjBgHiN9si9Vca7s19jHrvfadtA8OVLiLHV0tYIPWbha89n981AZhhvORAP-i_PQ7ftPOkxcUqd5nRc0JEKN3wxhc5HIYdS98RcKfBw-a38cEdIswa0kWykdMwg39RKlIDFE0nNzPGmj2vjkSMFcMVGfB0A5baq-xLoqEehDH2y9MiKCgI7Fi50yDE7vUJE8tG1R62IStL1EL2XXXv84R8Af3uF7TutKu35J1wux_ApkcgkeqRkROh2STZzWXkuOFH49NeIXB5Ky5mildC5_BGTvTyw9OJ6guJHq2Kbs5u8NaUYhrEWyUbhMqAib8MhyVv1S5w89NNfjTXFSjTSPXb83Kak4YVPX0gqa59RsU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolkegirl.de.tl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 number| dateTimeOffset function| getElementsByClassNameLocalTimeWrapper function| IE function| NS object| cookieconsent_options boolean| hasCookieConsent object| today string| pad function| hoursCheck object| d number| dm number| dj function| Kalender function| SchreibeKopf function| SchreibeZelle object| Monatsname object| Tag number| quotenumber number| randomnumber number| rand1 string| quote object| quotes object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| update_cookieconsent_options object| krucial number| hours number| min number| sec number| day number| month number| year string| sec0 string| min0 string| hours0 string| Dinahours string| which object| GoogleGcLKhOms

8 Cookies

Domain/Path Name / Value
.wolkegirl.de.tl/ Name: PHPSESSID
Value: a06f305d6f082be7a971c6d867474989
t.adcell.com/ Name: ADCELLvpid10420
Value: 320700-105746-%23%23%23%23https%3A%2F%2Fasrv205.com%2F%40%40%40%401705619804
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
api.yieldads.net/ Name: AWSALBTGCORS
Value: Hcm//vKASLjj297Ya5QE2rGMmFZRd1Ff7288Fkne34btu9iWtVQ6gNTKmSq6+TYhUzl3JRCwtULYJTvz3r5sdLHWFrOUbAZP9tBh8DjmAhLTDYaQ7b2WpG/oODvqwcn0fgfLQIpZLnp0rEIcq/zhrsXDDzFehFEL28sCBxszFIUwb0C4EFE=
api.yieldads.net/ Name: AWSALBCORS
Value: AfIPf7prfNmI4e5p8ABHNWwtqKJFf5ePmamic6rJJB+38b0GvBQaYzzz6xEvfl9oOS2TfofkSXFSlqjVZVlJoyiZX4//KRslgCgZkiodiguypKkg/Fnjbv0Df1wS
nakoona.com/ Name: AWSALBCORS
Value: r2fPtp2luPV88jTVzy/h6cLvz1SLc3XnEfm1bEPiiDT7MiA6mNiDewJlES4TfmPWlxRMATkgrqXIKF4G1E1NePERuQeT5jK/iEfkgb6DvDUIHGQjgvbj0VxL0Vy9
.awin1.com/ Name: aw9958
Value: 143466|0|0|1705619805|v030400014389f3864a666d4642fe85d8e6227b484b36-5a43b939b8a5408586ff2f7960675eb5|aw|0
.awin1.com/ Name: bId
Value: HLEX_65a9b15d8f84c4.27060478

6 Console Messages

Source Level URL
Text
security error URL: https://wolkegirl.de.tl/(Line 816)
Message:
Mixed Content: The page at 'https://wolkegirl.de.tl/' was loaded over HTTPS, but requested an insecure frame 'http://counter.seidat.de/count.php?action=zaehlen'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://wolkegirl.de.tl/(Line 827)
Message:
Mixed Content: The page at 'https://wolkegirl.de.tl/' was loaded over HTTPS, but requested an insecure frame 'http://counter.seidat.de/count.php?action=today'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://wolkegirl.de.tl/(Line 831)
Message:
Mixed Content: The page at 'https://wolkegirl.de.tl/' was loaded over HTTPS, but requested an insecure frame 'http://counter.seidat.de/count.php?action=yesterday'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://wolkegirl.de.tl/(Line 835)
Message:
Mixed Content: The page at 'https://wolkegirl.de.tl/' was loaded over HTTPS, but requested an insecure frame 'http://counter.seidat.de/count.php?action=sum'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://wolkegirl.de.tl/BUTTONLINK
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security error
Message:
Refused to frame 'https://www.lights4fun.de/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'none'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
