URL: http://www.siceu.de/kontakt.html
Submission: On September 14 via api from IE — Scanned from DE

Summary

This website contacted 22 IPs in 7 countries across 24 domains to perform 68 HTTP transactions. The main IP is 85.13.135.3, located in Germany and belongs to NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE. The main domain is www.siceu.de.
This is the only time www.siceu.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 85.13.135.3 34788 (NMM-AS D)
4 2a01:4f9:4b:1... 24940 (HETZNER-AS)
4 195.201.169.184 24940 (HETZNER-AS)
2 3 2a01:4f8:10b:... 24940 (HETZNER-AS)
2 94.130.9.175 24940 (HETZNER-AS)
4 185.243.10.137 197540 (NETCUP-AS...)
2 148.251.13.139 24940 (HETZNER-AS)
1 1 34.254.70.82 16509 (AMAZON-02)
1 178.33.221.216 16276 (OVH)
1 1 2a01:4f8:c17:... 24940 (HETZNER-AS)
1 85.10.246.93 24940 (HETZNER-AS)
1 107.189.11.145 53667 (PONYNET)
1 107.189.31.238 53667 (PONYNET)
1 162.19.154.224 16276 (OVH)
6 6 67.199.248.11 396982 (GOOGLE-CL...)
6 192.243.61.227 39572 (ADVANCEDH...)
12 2606:4700:20:... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 3.11.238.206 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.66.147.52 16509 (AMAZON-02)
3 18.66.147.95 16509 (AMAZON-02)
6 52.56.221.73 16509 (AMAZON-02)
68 22
Apex Domain
Subdomains
Transfer
12 ad4m.at
ad4m.at — Cisco Umbrella Rank: 3248
as.ad4m.at — Cisco Umbrella Rank: 25297
assets.ad4m.at — Cisco Umbrella Rank: 32564
643 KB
7 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 21601
api.webgains.io — Cisco Umbrella Rank: 44543
86 KB
7 googleapis.com
primusmarkt-static.storage.googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 120
161 KB
6 dustyautoabduct.com
dustyautoabduct.com
5 KB
6 bit.ly
bit.ly — Cisco Umbrella Rank: 4581
828 B
6 siceu.de
www.siceu.de
siceu.de
146 KB
4 primusmarkt.de
www.primusmarkt.de
34 KB
4 cdnplus.de
ref.cdnplus.de — Cisco Umbrella Rank: 205996
lux-c128.cdnplus.de — Cisco Umbrella Rank: 623080
de-c114.cdnplus.de — Cisco Umbrella Rank: 253849
39 KB
4 fastcounter.de
www.fastcounter.de — Cisco Umbrella Rank: 296048
2 KB
3 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 55668
96 KB
3 webgains.com
track.webgains.com — Cisco Umbrella Rank: 37685
6 KB
2 openstream.co
listen.openstream.co — Cisco Umbrella Rank: 278729
str3.openstream.co — Cisco Umbrella Rank: 770991
443 B
2 a-ads.com
ad.a-ads.com — Cisco Umbrella Rank: 28286
static.a-ads.com — Cisco Umbrella Rank: 37195
615 KB
2 zuppelzockt.com
zuppelzockt.com
951 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
20 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 141
42 KB
1 misaglam.com
deli.misaglam.com — Cisco Umbrella Rank: 442623
444 B
1 aninter.net
thisis.aninter.net — Cisco Umbrella Rank: 252051
171 B
1 wongsong.cn
vip.wongsong.cn — Cisco Umbrella Rank: 415433
1 radiohost.de
radioearn-stream24.radiohost.de — Cisco Umbrella Rank: 769480
1 radioearn.com
listen.radioearn.com — Cisco Umbrella Rank: 569498
656 B
1 blyatflix.de
c.blyatflix.de — Cisco Umbrella Rank: 220396
189 B
1 s5qj82thv3dw.de
s5qj82thv3dw.de — Cisco Umbrella Rank: 531088
1007 B
1 spaceeditors.com
spaceeditors.com — Cisco Umbrella Rank: 335105
345 B
68 24
Domain Requested by
6 api.webgains.io analytics.webgains.io
6 assets.ad4m.at as.ad4m.at
6 primusmarkt-static.storage.googleapis.com www.primusmarkt.de
6 dustyautoabduct.com zuppelzockt.com
6 bit.ly 6 redirects
4 ad4m.at deli.misaglam.com
ad4m.at
4 www.primusmarkt.de s5qj82thv3dw.de
www.primusmarkt.de
4 www.fastcounter.de www.siceu.de
www.fastcounter.de
4 www.siceu.de www.siceu.de
3 cdn.track.production.webgains.team as.ad4m.at
3 track.webgains.com as.ad4m.at
2 as.ad4m.at ad4m.at
as.ad4m.at
2 ref.cdnplus.de s5qj82thv3dw.de
ref.cdnplus.de
2 zuppelzockt.com spaceeditors.com
zuppelzockt.com
2 siceu.de www.siceu.de
siceu.de
1 analytics.webgains.io track.webgains.com
1 www.google-analytics.com www.googletagmanager.com
1 fonts.googleapis.com primusmarkt-static.storage.googleapis.com
1 www.googletagmanager.com www.primusmarkt.de
1 deli.misaglam.com zuppelzockt.com
1 static.a-ads.com ad.a-ads.com
1 de-c114.cdnplus.de www.fastcounter.de
1 thisis.aninter.net 1 redirects
1 vip.wongsong.cn www.fastcounter.de
1 lux-c128.cdnplus.de www.fastcounter.de
1 radioearn-stream24.radiohost.de www.fastcounter.de
1 listen.radioearn.com 1 redirects
1 str3.openstream.co www.fastcounter.de
1 listen.openstream.co 1 redirects
1 ad.a-ads.com s5qj82thv3dw.de
1 c.blyatflix.de 1 redirects
1 s5qj82thv3dw.de www.fastcounter.de
1 spaceeditors.com www.fastcounter.de
68 33

This site contains links to these domains.

Domain
siceu.de
Subject | Issuer | Validity | Valid
www.fastcounter.de | R3 | 2022-08-18 - 2022-11-16 | 3 months
spaceeditors.com | R3 | 2022-08-23 - 2022-11-21 | 3 months
s5qj82thv3dw.de | R3 | 2022-08-30 - 2022-11-28 | 3 months
zuppelzockt.com | R3 | 2022-09-13 - 2022-12-12 | 3 months
ref.cdnplus.de | R3 | 2022-08-30 - 2022-11-28 | 3 months
www.primusmarkt.de | R3 | 2022-07-28 - 2022-10-26 | 3 months
*.a-ads.com | Sectigo ECC Domain Validation Secure Server CA | 2021-12-08 - 2023-01-08 | a year
lux-c128.cdnplus.de | R3 | 2022-08-12 - 2022-11-10 | 3 months
vip.wongsong.cn | R3 | 2022-07-26 - 2022-10-24 | 3 months
deli.misaglam.com | R3 | 2022-08-23 - 2022-11-21 | 3 months
dustyautoabduct.com | R3 | 2022-07-25 - 2022-10-23 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-07 - 2023-06-06 | a year
*.storage.googleapis.com | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-08-22 - 2022-11-14 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-08-22 - 2022-11-14 | 3 months
*.webgains.com | Amazon | 2022-06-14 - 2023-07-13 | a year
*.webgains.io | Amazon | 2022-08-23 - 2023-09-21 | a year
cdn.track.production.webgains.team | Amazon | 2022-08-08 - 2023-09-06 | a year

This page contains 17 frames:

Primary Page: http://www.siceu.de/kontakt.html
Frame ID: 78B1BD3E64C9084562219E8E76020C8A
Requests: 7 HTTP requests in this frame

Frame: http://siceu.de/upload/GEWINN.html
Frame ID: 86FD1244C6422215C9FC2550C60A4323
Requests: 2 HTTP requests in this frame

Frame: https://www.fastcounter.de/b.php
Frame ID: 47FD50006808600F01060263731A4069
Requests: 8 HTTP requests in this frame

Frame: https://zuppelzockt.com/b2.php?uid=1191351678&e=0&s=0&p=0&w=468&h=60&sid=5&size=1
Frame ID: 17B323D2000C501400234FE540B076AE
Requests: 1 HTTP requests in this frame

Frame: https://ref.cdnplus.de/
Frame ID: E28F957BF9CD94C037F699329CC726E6
Requests: 2 HTTP requests in this frame

Frame: https://www.primusmarkt.de/wechselstube-klammlose-primera.html
Frame ID: 4C1E3607D7C44B8502FAE2EB59EA2C88
Requests: 13 HTTP requests in this frame

Frame: https://ad.a-ads.com/1616084?size=300x250
Frame ID: CFD9F0F3751F9946EF4ED7330E3E2DF5
Requests: 2 HTTP requests in this frame

Frame: https://zuppelzockt.com/in4.php?uid=1191351678&e=0&s=0&p=0&sid=5&size=1&referrer=
Frame ID: 07E3714F1046094AE6C5D44261BF29ED
Requests: 1 HTTP requests in this frame

Frame: https://deli.misaglam.com/influ/6.html
Frame ID: 1E0B61B862C89BE402C128DCE710F1C8
Requests: 3 HTTP requests in this frame

Frame: https://dustyautoabduct.com/ce3z7hqphc?key=c57806fb645c12a269d2445dcbf5e719
Frame ID: BA078575CF3309527A8F798FFE38AFEF
Requests: 1 HTTP requests in this frame

Frame: https://dustyautoabduct.com/ce3z7hqphc?key=c57806fb645c12a269d2445dcbf5e719
Frame ID: 9C3CB62EF3025C9509701443C1819D06
Requests: 1 HTTP requests in this frame

Frame: https://dustyautoabduct.com/ce3z7hqphc?key=c57806fb645c12a269d2445dcbf5e719
Frame ID: F464D608C681108F21E56E91C3AE0B10
Requests: 1 HTTP requests in this frame

Frame: https://dustyautoabduct.com/ce3z7hqphc?key=c57806fb645c12a269d2445dcbf5e719
Frame ID: 3A4B79935A17430EFFCF077CF5CEEB7F
Requests: 1 HTTP requests in this frame

Frame: https://dustyautoabduct.com/ce3z7hqphc?key=c57806fb645c12a269d2445dcbf5e719
Frame ID: 8717A7235A38FD649A302AFAECD858F3
Requests: 1 HTTP requests in this frame

Frame: https://dustyautoabduct.com/ce3z7hqphc?key=c57806fb645c12a269d2445dcbf5e719
Frame ID: 3567E02BE12165AA8E4417E9A49A6D35
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 029F8FE38560A54ACA74D701DA6B7F2E
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C200037%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2Cxr4RTQfAfEm7wUPHdHztQtdwYc7S4tK4ACA%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CYAdzSrf3f5QrzSVH9HetgCgz7akSWtd92ur%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=35aa0b063c2f9b57af7db648def928ca%2F5291153195128983564&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663153287676&y=1&s=&z=0
Frame ID: 102FE83C40E7A48BDC7FE48E8E4BC0C5
Requests: 18 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • uikit.*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 68
HTTPS: 87 %
IPv6: 32 %
Domains: 24
Subdomains: 33
IPs: 22
Countries: 7
Transfer: 1897 kB
Size: 3118 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://c.blyatflix.de/nora/?t=1663153287 HTTP 302
  • https://www.primusmarkt.de/wechselstube-klammlose-primera.html
Request Chain 15
  • https://listen.openstream.co/5228/audio HTTP 302
  • https://str3.openstream.co/1799?aw_0_1st.collectionid%3D5228%26stationId%3D5228%26publisherId%3D1823%26k%3D1663153287%26aw_0_azn.pcountry%3D%5B%22DE%22%2C%22US%22%5D%26aw_0_azn.planguage%3D%5B%22de%22%5D%26aw_0_azn.pgenre%3D%5B%22Electronic%22%2C%22Schlager%22%2C%22Explicit%22%5D
Request Chain 16
  • https://listen.radioearn.com/radioearn-mixed/mp3-128 HTTP 302
  • https://radioearn-stream24.radiohost.de/radioearn-mixed_mp3-128
Request Chain 19
  • https://thisis.aninter.net/ HTTP 302
  • https://de-c114.cdnplus.de/antibot.mp3
Request Chain 24
  • https://bit.ly/3BAiVdL HTTP 301
  • https://dustyautoabduct.com/ce3z7hqphc?key=c57806fb645c12a269d2445dcbf5e719
Request Chain 25
  • https://bit.ly/3BAiVdL HTTP 301
  • https://dustyautoabduct.com/ce3z7hqphc?key=c57806fb645c12a269d2445dcbf5e719
Request Chain 26
  • https://bit.ly/3BAiVdL HTTP 301
  • https://dustyautoabduct.com/ce3z7hqphc?key=c57806fb645c12a269d2445dcbf5e719
Request Chain 27
  • https://bit.ly/3BAiVdL HTTP 301
  • https://dustyautoabduct.com/ce3z7hqphc?key=c57806fb645c12a269d2445dcbf5e719
Request Chain 28
  • https://bit.ly/3BAiVdL HTTP 301
  • https://dustyautoabduct.com/ce3z7hqphc?key=c57806fb645c12a269d2445dcbf5e719
Request Chain 29
  • https://bit.ly/3BAiVdL HTTP 301
  • https://dustyautoabduct.com/ce3z7hqphc?key=c57806fb645c12a269d2445dcbf5e719

68 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request kontakt.html
www.siceu.de/
16 KB
3 KB
Document
General
Full URL
http://www.siceu.de/kontakt.html
Protocol
HTTP/1.1
Server
85.13.135.3 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd12828.kasserver.com
Software
Apache /
Resource Hash
ff66f7dbd78649250fda9929c65b5f2d78d5914b1e6b74729ed38487c64a453c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Upgrade, Keep-Alive
Content-Encoding
gzip
Content-Length
2691
Content-Type
text/html
Date
Wed, 14 Sep 2022 11:01:26 GMT
ETag
"4136-5e2a5b1a194b4-gzip"
Keep-Alive
timeout=2, max=1000
Last-Modified
Thu, 30 Jun 2022 08:02:41 GMT
Server
Apache
Upgrade
h2,h2c
Vary
Accept-Encoding,User-Agent
logo-safe.jpg
www.siceu.de/images/
66 KB
66 KB
Image
General
Full URL
http://www.siceu.de/images/logo-safe.jpg
Requested by
Host: www.siceu.de
URL: http://www.siceu.de/kontakt.html
Protocol
HTTP/1.1
Server
85.13.135.3 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd12828.kasserver.com
Software
Apache /
Resource Hash
5f0a71528d959fd60cd17a04f15a4752efb3a83f1d85413404cb3fe49817406b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.siceu.de/kontakt.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 14 Sep 2022 11:01:26 GMT
Last-Modified
Fri, 10 Jun 2022 16:18:25 GMT
Server
Apache
ETag
"10853-5e11a49b2e0c4"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=999
Content-Length
67667
proxy-image.jpg
www.siceu.de/images/
25 KB
26 KB
Image
General
Full URL
http://www.siceu.de/images/proxy-image.jpg
Requested by
Host: www.siceu.de
URL: http://www.siceu.de/kontakt.html
Protocol
HTTP/1.1
Server
85.13.135.3 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd12828.kasserver.com
Software
Apache /
Resource Hash
54124f966bb97840a1747555593fc37100852d76364418a31ec53888af385335

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.siceu.de/kontakt.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 14 Sep 2022 11:01:26 GMT
Last-Modified
Tue, 07 Dec 2021 11:26:35 GMT
Server
Apache
ETag
"6560-5d28ca567a261"
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Keep-Alive
timeout=2, max=1000
Content-Length
25952
videokall.jpg
www.siceu.de/images/
49 KB
50 KB
Image
General
Full URL
http://www.siceu.de/images/videokall.jpg
Requested by
Host: www.siceu.de
URL: http://www.siceu.de/kontakt.html
Protocol
HTTP/1.1
Server
85.13.135.3 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd12828.kasserver.com
Software
Apache /
Resource Hash
05d596fba6ceb784da475d3312851a602b9c1ce38c3e3c761292bc1767a833e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.siceu.de/kontakt.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 14 Sep 2022 11:01:26 GMT
Last-Modified
Wed, 08 Sep 2021 13:04:38 GMT
Server
Apache
ETag
"c5fa-5cb7b8658199f"
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Keep-Alive
timeout=2, max=1000
Content-Length
50682
GEWINN.html
siceu.de/upload/ Frame 86FD
1 KB
1000 B
Document
General
Full URL
http://siceu.de/upload/GEWINN.html
Requested by
Host: www.siceu.de
URL: http://www.siceu.de/kontakt.html
Protocol
HTTP/1.1
Server
85.13.135.3 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd12828.kasserver.com
Software
Apache /
Resource Hash
8d34a19ae835202b58c6c9e2497fd849d6e1d11d13a08afc9de597edbc0d4920

Request headers

Referer
http://www.siceu.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Upgrade, Keep-Alive
Content-Encoding
gzip
Content-Length
641
Content-Type
text/html
Date
Wed, 14 Sep 2022 11:01:26 GMT
ETag
"4aa-5e89e120ee253-gzip"
Keep-Alive
timeout=2, max=1000
Last-Modified
Wed, 14 Sep 2022 07:28:08 GMT
Server
Apache
Upgrade
h2,h2c
Vary
Accept-Encoding,User-Agent
fcount.php
www.fastcounter.de/
1 KB
647 B
Script
General
Full URL
https://www.fastcounter.de/fcount.php?rnd=95220102613
Requested by
Host: www.siceu.de
URL: http://www.siceu.de/kontakt.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:4f9:4b:1406::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
b913afdcba01154b64f57990dad9701e597ef22356499b10a79b5fdc6bae6849

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.siceu.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 11:01:26 GMT
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
server
nginx/1.18.0
content-encoding
gzip
content-type
text/html; charset=UTF-8
style.css
siceu.de/upload/ Frame 86FD
0
0
Stylesheet
General
Full URL
http://siceu.de/upload/style.css
Requested by
Host: siceu.de
URL: http://siceu.de/upload/GEWINN.html
Protocol
HTTP/1.1
Server
85.13.135.3 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd12828.kasserver.com
Software
Apache /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://siceu.de/upload/GEWINN.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 14 Sep 2022 11:01:26 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=2, max=999
Content-Length
196
Content-Type
text/html; charset=iso-8859-1
fcounter.php
www.fastcounter.de/
910 B
992 B
Script
General
Full URL
https://www.fastcounter.de/fcounter.php?test=1&rnd=33282947&s=gray&id=35973&l=en-US&u=&w=1600&h=1200
Requested by
Host: www.fastcounter.de
URL: https://www.fastcounter.de/fcount.php?rnd=95220102613
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:4f9:4b:1406::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
157beb18f9680c663116d47e9bb0bdc2229997974443ae88938d0dba73a3d6ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.siceu.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 11:01:26 GMT
server
nginx/1.18.0
content-length
910
content-type
text/javascript;charset=UTF-8
b.php
www.fastcounter.de/ Frame 47FD
373 B
362 B
Document
General
Full URL
https://www.fastcounter.de/b.php
Requested by
Host: www.fastcounter.de
URL: https://www.fastcounter.de/fcounter.php?test=1&rnd=33282947&s=gray&id=35973&l=en-US&u=&w=1600&h=1200
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:4f9:4b:1406::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
8f83558688168d9446991e2598bbd6013c98b50331e4a096e260f5b2dbe2b6bd

Request headers

Referer
http://www.siceu.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 14 Sep 2022 11:01:27 GMT
server
nginx/1.18.0
fastcounter-banner-gray.gif
www.fastcounter.de/CIncludes/img/
167 B
292 B
Image
General
Full URL
https://www.fastcounter.de/CIncludes/img/fastcounter-banner-gray.gif
Requested by
Host: www.siceu.de
URL: http://www.siceu.de/kontakt.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:4f9:4b:1406::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
3c8ccb6999f4b357495a29295b17c4be3d4b9853df8eed92d491cd47707cea87

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.siceu.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 11:01:26 GMT
last-modified
Tue, 09 Sep 2014 14:37:31 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"540f10ab-a7"
content-length
167
content-type
image/gif
jquery.php
spaceeditors.com/ Frame 47FD
229 B
345 B
Script
General
Full URL
https://spaceeditors.com/jquery.php?uid=1191351678&e=0&p=0&s=0&sid=5&size=1
Requested by
Host: www.fastcounter.de
URL: https://www.fastcounter.de/b.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.169.201.195.clients.your-server.de
Software
nginx /
Resource Hash
d8f0a53ee58a6d0a6cbf8b782be447af1c3fd19816d8dec1384bcc86fd2ff4ff
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
gzip
server
nginx
date
Wed, 14 Sep 2022 11:01:27 GMT
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
jw.js
s5qj82thv3dw.de/ Frame 47FD
4 KB
1007 B
Script
General
Full URL
https://s5qj82thv3dw.de/jw.js?de=E6eMu7U8GN5V2QLU
Requested by
Host: www.fastcounter.de
URL: https://www.fastcounter.de/b.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:10b:ddc::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
fbc3452dd83d5a998ca75c6d4657ae8a83f56d7b4e917dda3daff842d9ebb1fc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 11:01:27 GMT
content-encoding
gzip
vary
Accept-Encoding
server
nginx
x-xss-protection
1; mode=block
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
text/javascript;charset=utf-8
b2.php
zuppelzockt.com/ Frame 17B3
692 B
576 B
Document
General
Full URL
https://zuppelzockt.com/b2.php?uid=1191351678&e=0&s=0&p=0&w=468&h=60&sid=5&size=1
Requested by
Host: spaceeditors.com
URL: https://spaceeditors.com/jquery.php?uid=1191351678&e=0&p=0&s=0&sid=5&size=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.169.201.195.clients.your-server.de
Software
nginx /
Resource Hash
9b4e21734188f38fcdbd418ac5180dda4fb59dd4a1b1df1538ad77970f68ba55
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 14 Sep 2022 11:01:27 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
/
ref.cdnplus.de/ Frame E28F
805 B
761 B
Document
General
Full URL
https://ref.cdnplus.de/
Requested by
Host: s5qj82thv3dw.de
URL: https://s5qj82thv3dw.de/jw.js?de=E6eMu7U8GN5V2QLU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
12d6442269899e927ad1d0a0bdad4e028eaa96580b7a0c4049c805640840f4f7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 14 Sep 2022 11:01:27 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
wechselstube-klammlose-primera.html
www.primusmarkt.de/ Frame 4C1E
Redirect Chain
  • https://c.blyatflix.de/nora/?t=1663153287
  • https://www.primusmarkt.de/wechselstube-klammlose-primera.html
107 KB
8 KB
Document
General
Full URL
https://www.primusmarkt.de/wechselstube-klammlose-primera.html
Requested by
Host: s5qj82thv3dw.de
URL: https://s5qj82thv3dw.de/jw.js?de=E6eMu7U8GN5V2QLU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.243.10.137 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx/1.15.5 / PHP/7.3.33
Resource Hash
873d531ee037aa2c768258f1a318752e8895d030054baf1a450356c4bb202d00
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 14 Sep 2022 11:01:27 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx/1.15.5
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-powered-by
PHP/7.3.33

Redirect headers

content-type
text/html; charset=UTF-8
date
Wed, 14 Sep 2022 11:01:27 GMT
location
https://www.primusmarkt.de/wechselstube-klammlose-primera.html
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
1616084
ad.a-ads.com/ Frame CFD9
12 KB
5 KB
Document
General
Full URL
https://ad.a-ads.com/1616084?size=300x250
Requested by
Host: s5qj82thv3dw.de
URL: https://s5qj82thv3dw.de/jw.js?de=E6eMu7U8GN5V2QLU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.251.13.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.139.13.251.148.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
948bb19ea8791887660bb2008db9fc84a89e30953cea07254ba50313c08792be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Wed, 14 Sep 2022 11:01:27 GMT
server
nginx
status
200 OK
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-powered-by
Phusion Passenger(R)
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block
1799
str3.openstream.co/ Frame 47FD
Redirect Chain
  • https://listen.openstream.co/5228/audio
  • https://str3.openstream.co/1799?aw_0_1st.collectionid%3D5228%26stationId%3D5228%26publisherId%3D1823%26k%3D1663153287%26aw_0_azn.pcountry%3D%5B%22DE%22%2C%22US%22%5D%26aw_0_azn.planguage%3D%5B%22de...
128 KB
0
Media
General
Full URL
https://str3.openstream.co/1799?aw_0_1st.collectionid%3D5228%26stationId%3D5228%26publisherId%3D1823%26k%3D1663153287%26aw_0_azn.pcountry%3D%5B%22DE%22%2C%22US%22%5D%26aw_0_azn.planguage%3D%5B%22de%22%5D%26aw_0_azn.pgenre%3D%5B%22Electronic%22%2C%22Schlager%22%2C%22Explicit%22%5D
Requested by
Host: www.fastcounter.de
URL: https://www.fastcounter.de/b.php
Protocol
HTTP/1.0
Server
178.33.221.216 , France, ASN16276 (OVH, FR),
Reverse DNS
ip216.ip-178-33-221.eu
Software
Icecast 2.3.3 kh11 8.4.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

icy-genre
dance, techno, mixes, events
Pragma
no-cache
icy-name
FastDance.FM | Electronic Music Radio
Server
Icecast 2.3.3 kh11 8.4.0
icy-br
128
icy-url
https://fastdance.fm
Instance-id
ae1885a71d379d6bc9758c94ebbf1513
Cache-Control
no-cache
icy-pub
1
Connection
close
Content-Type
audio/mpeg
icy-metaint
0
icy-description
24/7 best mixes, events, dance, techno and more...
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Wed, 14 Sep 2022 11:01:27 GMT
server
Apache/2.4.38 (Debian)
os-server-ip
172.17.0.2
access-control-allow-origin
*
location
https://str3.openstream.co/1799?aw_0_1st.collectionid%3D5228%26stationId%3D5228%26publisherId%3D1823%26k%3D1663153287%26aw_0_azn.pcountry%3D%5B%22DE%22%2C%22US%22%5D%26aw_0_azn.planguage%3D%5B%22de%22%5D%26aw_0_azn.pgenre%3D%5B%22Electronic%22%2C%22Schlager%22%2C%22Explicit%22%5D
x-powered-by
PHP/7.4.23
access-control-max-age
1000
content-type
text/html; charset=UTF-8
os-server-name
listen.openstream.co
os-server-id
ecs-ec2
access-control-allow-headers
*
content-length
0
radioearn-mixed_mp3-128
radioearn-stream24.radiohost.de/ Frame 47FD
Redirect Chain
  • https://listen.radioearn.com/radioearn-mixed/mp3-128
  • https://radioearn-stream24.radiohost.de/radioearn-mixed_mp3-128?
128 KB
0
Media
General
Full URL
https://radioearn-stream24.radiohost.de/radioearn-mixed_mp3-128?
Requested by
Host: www.fastcounter.de
URL: https://www.fastcounter.de/b.php
Protocol
HTTP/1.0
Server
85.10.246.93 Durrlauingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
radioearn-stream24.radiohost.de
Software
Radiohost.de - radioearn-stream24.radiohost.de 9.0.7 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

icy-url
icy-name
radioearn-mixed
icy-description
Unspecified description
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Instance-id
e2ea0c2bee98bf5ec8473aa332e128fa
Connection
close
Cache-Control
no-cache
X-Loudness
-16.392820
Pragma
no-cache
Server
Radiohost.de - radioearn-stream24.radiohost.de 9.0.7
icy-br
128
Content-Type
audio/mpeg
Access-Control-Allow-Origin
*
icy-genre
various
icy-pub
0
icy-audio-info
channels=2;samplerate=44100;bitrate=128
icy-metaint
0
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 14 Sep 2022 11:01:27 GMT
Server
nginx/1.14.2
Location
https://radioearn-stream24.radiohost.de/radioearn-mixed_mp3-128?
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires
Sun, 01 Jan 2014 00:00:00 GMT
;0.mp3
lux-c128.cdnplus.de/ Frame 47FD
133 KB
0
Media
General
Full URL
https://lux-c128.cdnplus.de:8700/;0.mp3
Requested by
Host: www.fastcounter.de
URL: https://www.fastcounter.de/b.php
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.189.11.145 Luxembourg, Luxembourg, ASN53667 (PONYNET, US),
Reverse DNS
h128.hubuhost.com
Software
/
Resource Hash

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Range
bytes=0-

Response headers

icy-name
BLACKBEATS.FM RADIO - Finest Black Music
X-Clacks-Overhead
GNU Terry Pratchett
icy-br
128
icy-notice2
Shoutcast DNAS/posix(linux x64) v2.6.1.777<BR>
icy-url
http://blackbeats.fm
Access-Control-Allow-Origin
*
icy-genre
Black, RnB, Hip-Hop
icy-sr
44100
icy-pub
1
Connection
close
Accept-Ranges
none
content-type
audio/mpeg
icy-notice1
<BR>This stream requires <a href="http://www.winamp.com">Winamp</a><BR>
Cache-Control
no-cache,no-store,must-revalidate,max-age=0
stream-mp3-WongSong
vip.wongsong.cn/proxy/wongsong/ Frame 47FD
131 KB
0
Media
General
Full URL
https://vip.wongsong.cn/proxy/wongsong/stream-mp3-WongSong
Requested by
Host: www.fastcounter.de
URL: https://www.fastcounter.de/b.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
107.189.31.238 Luxembourg, Luxembourg, ASN53667 (PONYNET, US),
Reverse DNS
h132.hubuhost.com
Software
cc-web/1.6.3 /
Resource Hash

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Range
bytes=0-

Response headers

icy-genre
Pop
Date
Wed, 14 Sep 2022 11:01:27 GMT
icy-name
WongSong.cn - Music of China
Transfer-Encoding
chunked
icy-url
https://wongsong.cn
Connection
keep-alive
Server
cc-web/1.6.3
icy-br
128
Access-Control-Allow-Methods
GET, OPTIONS, SOURCE, PUT, HEAD, STATS
Content-Type
audio/mpeg
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store
icy-pub
1
icy-description
We bring Asian Flavour to Western World.
Access-Control-Allow-Headers
Origin, Accept, X-Requested-With, Content-Type, Icy-MetaData
Expires
Mon, 26 Jul 1997 05:00:00 GMT
antibot.mp3
de-c114.cdnplus.de/ Frame 47FD
Redirect Chain
  • https://thisis.aninter.net/
  • https://de-c114.cdnplus.de/antibot.mp3
136 KB
0
Media
General
Full URL
https://de-c114.cdnplus.de/antibot.mp3
Requested by
Host: www.fastcounter.de
URL: https://www.fastcounter.de/b.php
Protocol
HTTP/1.0
Server
162.19.154.224 , France, ASN16276 (OVH, FR),
Reverse DNS
de-c114.cdnplus.de
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

icy-name
Hubu.FM | Radio Hunteburg
X-Clacks-Overhead
GNU Terry Pratchett
icy-br
128
icy-notice2
Shoutcast DNAS/posix(linux x64) v2.6.1.777<BR>
icy-url
https://hubu.fm
Access-Control-Allow-Origin
*
icy-genre
Misc, News
icy-sr
44100
icy-pub
1
Connection
close
Accept-Ranges
none
content-type
audio/mpeg
icy-notice1
<BR>This stream requires <a href="http://www.winamp.com">Winamp</a><BR>
Cache-Control
no-cache,no-store,must-revalidate,max-age=0

Redirect headers

location
https://de-c114.cdnplus.de/antibot.mp3
date
Wed, 14 Sep 2022 11:01:27 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
in4.php
zuppelzockt.com/ Frame 07E3
903 B
375 B
Document
General
Full URL
https://zuppelzockt.com/in4.php?uid=1191351678&e=0&s=0&p=0&sid=5&size=1&referrer=
Requested by
Host: zuppelzockt.com
URL: https://zuppelzockt.com/b2.php?uid=1191351678&e=0&s=0&p=0&w=468&h=60&sid=5&size=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.169.201.195.clients.your-server.de
Software
nginx /
Resource Hash
9cce6eeb371d9753345cd13ac5532ad92cda459a5a88bf6afa4ffd85b6cdb30f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://zuppelzockt.com/b2.php?uid=1191351678&e=0&s=0&p=0&w=468&h=60&sid=5&size=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 14 Sep 2022 11:01:27 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
jquery.min.js
ref.cdnplus.de/ Frame E28F
94 KB
38 KB
Script
General
Full URL
https://ref.cdnplus.de/jquery.min.js
Requested by
Host: ref.cdnplus.de
URL: https://ref.cdnplus.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ref.cdnplus.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 11:01:27 GMT
content-encoding
gzip
last-modified
Thu, 26 May 2022 14:16:34 GMT
server
nginx
etag
W/"628f8bc2-1762a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Wed, 21 Sep 2022 11:01:27 GMT
300x250
static.a-ads.com/a-ads-banners/393795/ Frame CFD9
609 KB
610 KB
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/393795/300x250?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1616084?size=300x250
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.251.13.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.139.13.251.148.clients.your-server.de
Software
nginx /
Resource Hash
69bce7f8cb253945351434612e6adfe03a1ee23be5c85b391b2792f9a8a4bb14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 11:01:27 GMT
last-modified
Tue, 31 May 2022 13:40:41 GMT
server
nginx
x-amz-request-id
PWTJ614DZ1G29HD7
etag
"022f5a2fb43fb40ba25ebafe6b68c6b2"
content-type
image/gif
cache-control
max-age=315360000
x-amz-replication-status
COMPLETED
content-length
623504
accept-ranges
bytes
x-amz-version-id
FNTy6PSZIujNe9T_DALSYLZHxxf2zICy
x-amz-id-2
E+WUoYDuLUsugpWounp/bSdkf+L2nkJS3ZXxGqpT1zuvXWsk2jjVR4zbd9K78ugAiUFRlRttXSU=
expires
Thu, 31 Dec 2037 23:55:55 GMT
6.html
deli.misaglam.com/influ/ Frame 1E0B
356 B
444 B
Document
General
Full URL
https://deli.misaglam.com/influ/6.html
Requested by
Host: zuppelzockt.com
URL: https://zuppelzockt.com/in4.php?uid=1191351678&e=0&s=0&p=0&sid=5&size=1&referrer=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.169.201.195.clients.your-server.de
Software
nginx /
Resource Hash
a4c53f3e8b4b7c98e4ccc342a9048fbf9fb55158c71832581a02ef280f8ee9cd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://zuppelzockt.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Wed, 14 Sep 2022 11:01:27 GMT
etag
W/"631276db-164"
last-modified
Fri, 02 Sep 2022 21:34:19 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
ce3z7hqphc
dustyautoabduct.com/ Frame BA07
Redirect Chain
  • https://bit.ly/3BAiVdL
  • https://dustyautoabduct.com/ce3z7hqphc?key=c57806fb645c12a269d2445dcbf5e719
115 B
914 B
Document
General
Full URL
https://dustyautoabduct.com/ce3z7hqphc?key=c57806fb645c12a269d2445dcbf5e719
Requested by
Host: zuppelzockt.com
URL: https://zuppelzockt.com/in4.php?uid=1191351678&e=0&s=0&p=0&sid=5&size=1&referrer=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
f28ce5befe08ed90a2e12b6b2a5e9fdafaa6ad173503079155260aa480c66590
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://zuppelzockt.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-CH
Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Cache-Control
no-cache
Connection
keep-alive
Content-Length
115
Content-Type
text/html
Date
Wed, 14 Sep 2022 11:01:27 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Server
nginx/1.22.0
Strict-Transport-Security
max-age=0; includeSubdomains
X-Request-ID
813f4a66d14beedd105d2374faa3435f

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=90
content-length
162
content-type
text/html; charset=utf-8
date
Wed, 14 Sep 2022 11:01:27 GMT
location
https://dustyautoabduct.com/ce3z7hqphc?key=c57806fb645c12a269d2445dcbf5e719
server
nginx
via
1.1 google
ce3z7hqphc
dustyautoabduct.com/ Frame 9C3C
Redirect Chain
  • https://bit.ly/3BAiVdL
  • https://dustyautoabduct.com/ce3z7hqphc?key=c57806fb645c12a269d2445dcbf5e719
115 B
914 B
Document
General
Full URL
https://dustyautoabduct.com/ce3z7hqphc?key=c57806fb645c12a269d2445dcbf5e719
Requested by
Host: zuppelzockt.com
URL: https://zuppelzockt.com/in4.php?uid=1191351678&e=0&s=0&p=0&sid=5&size=1&referrer=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
f28ce5befe08ed90a2e12b6b2a5e9fdafaa6ad173503079155260aa480c66590
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://zuppelzockt.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-CH
Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Cache-Control
no-cache
Connection
keep-alive
Content-Length
115
Content-Type
text/html
Date
Wed, 14 Sep 2022 11:01:27 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Server
nginx/1.22.0
Strict-Transport-Security
max-age=0; includeSubdomains
X-Request-ID
02db51253a4a47996bc03803fc8e3b85

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=90
content-length
162
content-type
text/html; charset=utf-8
date
Wed, 14 Sep 2022 11:01:27 GMT
location
https://dustyautoabduct.com/ce3z7hqphc?key=c57806fb645c12a269d2445dcbf5e719
server
nginx
via
1.1 google
ce3z7hqphc
dustyautoabduct.com/ Frame F464
Redirect Chain
  • https://bit.ly/3BAiVdL
  • https://dustyautoabduct.com/ce3z7hqphc?key=c57806fb645c12a269d2445dcbf5e719
115 B
914 B
Document
General
Full URL
https://dustyautoabduct.com/ce3z7hqphc?key=c57806fb645c12a269d2445dcbf5e719
Requested by
Host: zuppelzockt.com
URL: https://zuppelzockt.com/in4.php?uid=1191351678&e=0&s=0&p=0&sid=5&size=1&referrer=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
f28ce5befe08ed90a2e12b6b2a5e9fdafaa6ad173503079155260aa480c66590
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://zuppelzockt.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-CH
Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Cache-Control
no-cache
Connection
keep-alive
Content-Length
115
Content-Type
text/html
Date
Wed, 14 Sep 2022 11:01:27 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Server
nginx/1.22.0
Strict-Transport-Security
max-age=0; includeSubdomains
X-Request-ID
55c143ecba746f2f1926d2b3935cd4a2

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=90
content-length
162
content-type
text/html; charset=utf-8
date
Wed, 14 Sep 2022 11:01:27 GMT
location
https://dustyautoabduct.com/ce3z7hqphc?key=c57806fb645c12a269d2445dcbf5e719
server
nginx
via
1.1 google
ce3z7hqphc
dustyautoabduct.com/ Frame 3A4B
Redirect Chain
  • https://bit.ly/3BAiVdL
  • https://dustyautoabduct.com/ce3z7hqphc?key=c57806fb645c12a269d2445dcbf5e719
115 B
914 B
Document
General
Full URL
https://dustyautoabduct.com/ce3z7hqphc?key=c57806fb645c12a269d2445dcbf5e719
Requested by
Host: zuppelzockt.com
URL: https://zuppelzockt.com/in4.php?uid=1191351678&e=0&s=0&p=0&sid=5&size=1&referrer=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
f28ce5befe08ed90a2e12b6b2a5e9fdafaa6ad173503079155260aa480c66590
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://zuppelzockt.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-CH
Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Cache-Control
no-cache
Connection
keep-alive
Content-Length
115
Content-Type
text/html
Date
Wed, 14 Sep 2022 11:01:27 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Server
nginx/1.22.0
Strict-Transport-Security
max-age=0; includeSubdomains
X-Request-ID
75a43e4766420616f76e0dbd7141aec4

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=90
content-length
162
content-type
text/html; charset=utf-8
date
Wed, 14 Sep 2022 11:01:27 GMT
location
https://dustyautoabduct.com/ce3z7hqphc?key=c57806fb645c12a269d2445dcbf5e719
server
nginx
via
1.1 google
ce3z7hqphc
dustyautoabduct.com/ Frame 8717
Redirect Chain
  • https://bit.ly/3BAiVdL
  • https://dustyautoabduct.com/ce3z7hqphc?key=c57806fb645c12a269d2445dcbf5e719
115 B
914 B
Document
General
Full URL
https://dustyautoabduct.com/ce3z7hqphc?key=c57806fb645c12a269d2445dcbf5e719
Requested by
Host: zuppelzockt.com
URL: https://zuppelzockt.com/in4.php?uid=1191351678&e=0&s=0&p=0&sid=5&size=1&referrer=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
f28ce5befe08ed90a2e12b6b2a5e9fdafaa6ad173503079155260aa480c66590
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://zuppelzockt.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-CH
Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Cache-Control
no-cache
Connection
keep-alive
Content-Length
115
Content-Type
text/html
Date
Wed, 14 Sep 2022 11:01:27 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Server
nginx/1.22.0
Strict-Transport-Security
max-age=0; includeSubdomains
X-Request-ID
e526c100070f44b22f810ad6dc5929e9

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=90
content-length
162
content-type
text/html; charset=utf-8
date
Wed, 14 Sep 2022 11:01:27 GMT
location
https://dustyautoabduct.com/ce3z7hqphc?key=c57806fb645c12a269d2445dcbf5e719
server
nginx
via
1.1 google
ce3z7hqphc
dustyautoabduct.com/ Frame 3567
Redirect Chain
  • https://bit.ly/3BAiVdL
  • https://dustyautoabduct.com/ce3z7hqphc?key=c57806fb645c12a269d2445dcbf5e719
115 B
914 B
Document
General
Full URL
https://dustyautoabduct.com/ce3z7hqphc?key=c57806fb645c12a269d2445dcbf5e719
Requested by
Host: zuppelzockt.com
URL: https://zuppelzockt.com/in4.php?uid=1191351678&e=0&s=0&p=0&sid=5&size=1&referrer=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
f28ce5befe08ed90a2e12b6b2a5e9fdafaa6ad173503079155260aa480c66590
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://zuppelzockt.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-CH
Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Cache-Control
no-cache
Connection
keep-alive
Content-Length
115
Content-Type
text/html
Date
Wed, 14 Sep 2022 11:01:27 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Server
nginx/1.22.0
Strict-Transport-Security
max-age=0; includeSubdomains
X-Request-ID
39a997a57f4d83d2d223fa33a7314943

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=90
content-length
162
content-type
text/html; charset=utf-8
date
Wed, 14 Sep 2022 11:01:27 GMT
location
https://dustyautoabduct.com/ce3z7hqphc?key=c57806fb645c12a269d2445dcbf5e719
server
nginx
via
1.1 google
wgpizbdq.js
ad4m.at/ Frame 1E0B
36 KB
13 KB
Script
General
Full URL
https://ad4m.at/wgpizbdq.js
Requested by
Host: deli.misaglam.com
URL: https://deli.misaglam.com/influ/6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9584f421fb06be52362782600272bf07739aae062c73e970d6dd1aeb3ebcfcf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deli.misaglam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 11:01:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
87531
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 27 Jul 2022 10:41:47 GMT
server
cloudflare
etag
W/"ac60ade5ed7352595cc3030edbc5e415"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g2dsnAZ%2FD9RdM2xjR7Ze1hZxXz4fvkwYIWOIs6%2BtJWWkuxXdQ%2BbI1843ks84YnP6Ow8nMfsGpfW3w%2FGasbpSM6SfkmGpVvjKsnKOJvodFkQ2U%2FuEcPpVdDP%2FVa04ZBTC%2BhNIvVg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
expires
Tue, 06 Sep 2022 11:29:33 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
74a89fee1ccc915e-FRA
cf-bgj
minify
frame.html
ad4m.at/ Frame 029F
2 KB
1 KB
Document
General
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer
https://deli.misaglam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1695376
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
74a89fef4ef5915e-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Wed, 14 Sep 2022 11:01:27 GMT
expires
Thu, 25 Aug 2022 20:10:16 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p5IrZjqaSGi7kmrOMq2EDxpmgJ9Oq53xI0%2BURO%2FKRxvfETLOeuh7pi63aDiedd3oxeq1DEhLTyUKpKdjNu4qDGmOPWUWc0U9llmnaM4uufD1XQFQ0lFu%2BhMbyiNxj8MLdrWtmpE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
uikit.almost-flat.min.css
primusmarkt-static.storage.googleapis.com/assets/css/ Frame 4C1E
107 KB
19 KB
Stylesheet
General
Full URL
https://primusmarkt-static.storage.googleapis.com/assets/css/uikit.almost-flat.min.css
Requested by
Host: www.primusmarkt.de
URL: https://www.primusmarkt.de/wechselstube-klammlose-primera.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
d90648c00843d27a23ae8d00286eb4bdf53a512e02adb3a18e4076799deef05b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primusmarkt.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:01:44 GMT
content-encoding
gzip
age
3583
x-guploader-uploadid
ADPycdsjwpAMhvfNmtMeZbAS4SN2s-j6IXpWHdjwuva86THdGGoCtHchPuqIEM2bG-je9Ac_EA5jL5stLgHc65AryFZ3X-sEe0_b
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
last-modified
Wed, 13 Jul 2022 14:46:31 GMT
server
UploadServer
etag
"ece81b43a6d3d524201da95af9cea521"
x-goog-hash
crc32c=rnRLeQ==, md5=7OgbQ6bT1SQgHala+c6lIQ==
x-goog-generation
1657723591844671
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=31536000,no-transform
x-goog-stored-content-length
19672
accept-ranges
bytes
content-type
text/css
expires
Thu, 14 Sep 2023 10:01:44 GMT
theme.css
primusmarkt-static.storage.googleapis.com/assets/css/ Frame 4C1E
10 KB
3 KB
Stylesheet
General
Full URL
https://primusmarkt-static.storage.googleapis.com/assets/css/theme.css?3
Requested by
Host: www.primusmarkt.de
URL: https://www.primusmarkt.de/wechselstube-klammlose-primera.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
fae126d3a1bbd73f9708f26700a61ac7e182adaf16ffba42b8b0d16e3cfe9215

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primusmarkt.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:02:28 GMT
content-encoding
gzip
age
3539
x-guploader-uploadid
ADPycdtQO3ZcZpH1hqdkDfR7nm_L2b2meGeT1VMY3XSCD5VCLHZMXWuW8JYiElK4-YrOomG9Owx1J4nUa6Ymp7eDXhB4prUmfleW
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2587
last-modified
Wed, 13 Jul 2022 14:46:29 GMT
server
UploadServer
etag
"c260bec48a4edddd98fa41d1d5d6674b"
x-goog-hash
crc32c=X+wNqw==, md5=wmC+xIpO3d2Y+kHR1dZnSw==
x-goog-generation
1657723589103314
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=31536000,no-transform
x-goog-stored-content-length
2587
accept-ranges
bytes
content-type
text/css
expires
Thu, 14 Sep 2023 10:02:28 GMT
jquery.min.js
primusmarkt-static.storage.googleapis.com/assets/js/ Frame 4C1E
85 KB
30 KB
Script
General
Full URL
https://primusmarkt-static.storage.googleapis.com/assets/js/jquery.min.js
Requested by
Host: www.primusmarkt.de
URL: https://www.primusmarkt.de/wechselstube-klammlose-primera.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
892fcc249b9b0fd6e8727741d21d5cdd5474238327ba116308b5dfad6ddfd1bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primusmarkt.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:59:44 GMT
content-encoding
gzip
age
103
x-guploader-uploadid
ADPycdvrr-Xuj9rSO9tr6J1nXi111ctugNFtsYsqK9ZTDqRhACacNE07yhBTCGyZFA9iN1B_DCgqbll0ktJozU8ffDqnkA
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30079
last-modified
Wed, 13 Jul 2022 14:46:07 GMT
server
UploadServer
etag
"3a5a40ef8c24789d06107eef6442d819"
x-goog-hash
crc32c=Ws7Ezg==, md5=OlpA74wkeJ0GEH7vZELYGQ==
x-goog-generation
1657723567943927
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=31536000,no-transform
x-goog-stored-content-length
30079
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 14 Sep 2023 10:59:44 GMT
uikit.min.js
primusmarkt-static.storage.googleapis.com/assets/js/ Frame 4C1E
55 KB
15 KB
Script
General
Full URL
https://primusmarkt-static.storage.googleapis.com/assets/js/uikit.min.js
Requested by
Host: www.primusmarkt.de
URL: https://www.primusmarkt.de/wechselstube-klammlose-primera.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
00e2768a2298a27c65f487c38443c821db861cd1decd09fc9d0268b8f462f5aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primusmarkt.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:59:44 GMT
content-encoding
gzip
age
103
x-guploader-uploadid
ADPycduS3RL62Kp8qenIGassANDZB9fJcHNVdiHfoaXCFlrJLr7za6KAV3gG7mYkw_Tlqy0mxX1O8_6Tm3v6-ap6sHNcTg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15260
last-modified
Wed, 13 Jul 2022 14:46:08 GMT
server
UploadServer
etag
"ca6ed2fda8aeeadfff6ceccedc06b91b"
x-goog-hash
crc32c=EoSHDA==, md5=ym7S/aiu6t//bOzO3Aa5Gw==
x-goog-generation
1657723568517366
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=31536000,no-transform
x-goog-stored-content-length
15260
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 14 Sep 2023 10:59:44 GMT
grid.min.js
primusmarkt-static.storage.googleapis.com/assets/js/components/ Frame 4C1E
6 KB
3 KB
Script
General
Full URL
https://primusmarkt-static.storage.googleapis.com/assets/js/components/grid.min.js
Requested by
Host: www.primusmarkt.de
URL: https://www.primusmarkt.de/wechselstube-klammlose-primera.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
2a4da6ab55f8e4a7696be8bc3ddf1c594610315b72b8e28558c1ede556b45c50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primusmarkt.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:02:28 GMT
content-encoding
gzip
age
3539
x-guploader-uploadid
ADPycdvJ_6M5TtDckB3eyB5lpByoO_-rcM2erzs2zVMhvcsxPL2wE_IL2knUK3crVyTxzz43hJOxgDSLUYUzMA37uFb_JA
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2585
last-modified
Wed, 13 Jul 2022 14:46:11 GMT
server
UploadServer
etag
"d8d7bf06a143bc49fa792327b517cdb7"
x-goog-hash
crc32c=VziAjQ==, md5=2Ne/BqFDvEn6eSMntRfNtw==
x-goog-generation
1657723571804022
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=31536000,no-transform
x-goog-stored-content-length
2585
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 14 Sep 2023 10:02:28 GMT
ajax.js
primusmarkt-static.storage.googleapis.com/javascript/ Frame 4C1E
89 KB
90 KB
Script
General
Full URL
https://primusmarkt-static.storage.googleapis.com/javascript/ajax.js
Requested by
Host: www.primusmarkt.de
URL: https://www.primusmarkt.de/wechselstube-klammlose-primera.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c32fe64a75e99b3673b9ee903ed927e5ace1581457e72b4c0e2c6fed08660ca4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primusmarkt.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:01:44 GMT
age
3583
x-guploader-uploadid
ADPycdtLUsw46NPPVxIcfGk4qMlplawmT6loHcjxieIBUQeOoPeDL2lzDcVnfgxxB_vSK8sJpHPt-RGRwnNFYrAigWkqkbXdrQ6u
x-goog-storage-class
REGIONAL
x-goog-metageneration
4
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91558
last-modified
Sun, 20 Aug 2017 20:02:26 GMT
server
UploadServer
etag
"3578d0904951b3ca08ab4ec4f3a259a8"
x-goog-hash
crc32c=w8zh/A==, md5=NXjQkElRs8oIq07E86JZqA==
content-language
en
access-control-allow-origin
*
x-goog-generation
1503259346599877
access-control-expose-headers
Content-Type
cache-control
public, max-age=31536000
x-goog-stored-content-length
91558
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 14 Sep 2023 10:01:44 GMT
market.js
www.primusmarkt.de/javascript/ Frame 4C1E
6 KB
2 KB
Script
General
Full URL
https://www.primusmarkt.de/javascript/market.js?v2
Requested by
Host: www.primusmarkt.de
URL: https://www.primusmarkt.de/wechselstube-klammlose-primera.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.243.10.137 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
36b13e946d3a282cf2258d2a4c94db3e0ace5290b0c349cda8628fac3c177ed9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primusmarkt.de/wechselstube-klammlose-primera.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 11:01:27 GMT
content-encoding
gzip
last-modified
Fri, 08 Mar 2019 17:37:28 GMT
server
nginx/1.15.5
etag
W/"5c82a858-1703"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=15724800; includeSubDomains
chart_big.png
www.primusmarkt.de/images/ Frame 4C1E
15 KB
15 KB
Image
General
Full URL
https://www.primusmarkt.de/images/chart_big.png
Requested by
Host: www.primusmarkt.de
URL: https://www.primusmarkt.de/wechselstube-klammlose-primera.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.243.10.137 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
1c33e47678a345c22edae3f267f021b8efee61febfadc97d23e7aab3e4a7e4bf
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primusmarkt.de/wechselstube-klammlose-primera.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 11:01:27 GMT
last-modified
Fri, 08 Mar 2019 17:37:28 GMT
server
nginx/1.15.5
etag
"5c82a858-3c88"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/png
accept-ranges
bytes
content-length
15496
loading_image.gif
www.primusmarkt.de/images/ Frame 4C1E
9 KB
9 KB
Image
General
Full URL
https://www.primusmarkt.de/images/loading_image.gif
Requested by
Host: www.primusmarkt.de
URL: https://www.primusmarkt.de/wechselstube-klammlose-primera.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.243.10.137 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
8c2eb6a48bdaf70d84b6856aafc35a9cfa880ec5486b70d55ced577327a60fba
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primusmarkt.de/wechselstube-klammlose-primera.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 11:01:27 GMT
last-modified
Fri, 08 Mar 2019 17:37:28 GMT
server
nginx/1.15.5
etag
"5c82a858-24d3"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/gif
accept-ranges
bytes
content-length
9427
js
www.googletagmanager.com/gtag/ Frame 4C1E
106 KB
42 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-116074408-1
Requested by
Host: www.primusmarkt.de
URL: https://www.primusmarkt.de/wechselstube-klammlose-primera.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1e94d6792f7938895bfc77a121dd4bec2515071b4f184de99ac85d276112e60a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primusmarkt.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 11:01:27 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42157
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 14 Sep 2022 11:01:27 GMT
rs
ad4m.at/ Frame 1E0B
473 B
855 B
XHR
General
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
193fc1085e1f56be73ef5727e0fc747829e283ea99c6bbc12b2065d5f17d3575

Request headers

Referer
https://deli.misaglam.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Sep 2022 11:01:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
74a89fefbb72bbaf-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fK3ZDIqwZKgz7enQfvYJq0ionK5xL1PEnYxPGUULzaGRop8IjkPgV4puUigY3ca0GDxCr%2BVB2rRwgaSu4KxNDn%2FK6ZWS8obQdMKIIEQGbiCcsaC%2BPA2GJF9OKSSYBr2Uedy9ZA0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://deli.misaglam.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-h8v1
rs
ad4m.at/ Frame
0
0
Preflight
General
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://deli.misaglam.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://deli.misaglam.com
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
74a89fef8b22bbaf-FRA
content-length
24
content-type
text/plain
date
Wed, 14 Sep 2022 11:01:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=atuGF3Enp6MfipZqU7MPBMFlmz7jg0FV1i9vR10fcOB5AsC5J7fGmPsTs6zGu4u%2BbFmtrKwehAkWrVL20pWnW0KrQ%2FDXVIgVcycILneGPqd8jSVzcoeNyH3iKFRgMzV4Rfzgkqk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-h8v1
css
fonts.googleapis.com/ Frame 4C1E
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700
Requested by
Host: primusmarkt-static.storage.googleapis.com
URL: https://primusmarkt-static.storage.googleapis.com/assets/css/theme.css?3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400a:803::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6c4133ff5eff0f23ca2f6fdaceea1d4dd3a91e499a0b0aef688b0f31206b0328
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://primusmarkt-static.storage.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 10:28:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 14 Sep 2022 11:01:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Sep 2022 11:01:27 GMT
rar
as.ad4m.at/ad/ Frame 102F
8 KB
4 KB
Document
General
Full URL
https://as.ad4m.at/ad/rar?a=197862%2C200037%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2Cxr4RTQfAfEm7wUPHdHztQtdwYc7S4tK4ACA%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CYAdzSrf3f5QrzSVH9HetgCgz7akSWtd92ur%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=35aa0b063c2f9b57af7db648def928ca%2F5291153195128983564&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663153287676&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f4b8fabeb1f17c9c3c5b905d09630c7e0ebe389f07b2ad4a04051712a0bb76b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://deli.misaglam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
74a89ff028b0915e-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 11:01:27 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame 102F
85 KB
11 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200037%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2Cxr4RTQfAfEm7wUPHdHztQtdwYc7S4tK4ACA%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CYAdzSrf3f5QrzSVH9HetgCgz7akSWtd92ur%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=35aa0b063c2f9b57af7db648def928ca%2F5291153195128983564&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663153287676&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=197862%2C200037%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2Cxr4RTQfAfEm7wUPHdHztQtdwYc7S4tK4ACA%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CYAdzSrf3f5QrzSVH9HetgCgz7akSWtd92ur%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=35aa0b063c2f9b57af7db648def928ca%2F5291153195128983564&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663153287676&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 11:01:27 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
161051
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86781
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 12 Sep 2022 14:17:16 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
x-download-options
noopen
vary
accept-encoding
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
74a89ff06976912a-FRA
cf-bgj
minify
B6C55515525C2192B97E1253116BAA5C685DD07AF79BB6C9C4097CAEDCCAF04D1DC2B7B5FD417FB88EA0B39E23DED47A8BBF448407373E4FBED422FA6A33EF14
assets.ad4m.at/logo/ Frame 102F
26 KB
26 KB
Image
General
Full URL
https://assets.ad4m.at/logo/B6C55515525C2192B97E1253116BAA5C685DD07AF79BB6C9C4097CAEDCCAF04D1DC2B7B5FD417FB88EA0B39E23DED47A8BBF448407373E4FBED422FA6A33EF14
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200037%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2Cxr4RTQfAfEm7wUPHdHztQtdwYc7S4tK4ACA%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CYAdzSrf3f5QrzSVH9HetgCgz7akSWtd92ur%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=35aa0b063c2f9b57af7db648def928ca%2F5291153195128983564&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663153287676&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90cbcae2f75cbdcf2a00d82c83cb2926f1a4ad7ab38eb3d629f2e7d3ad72410e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 11:01:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1861219
cf-polished
origFmt=png, origSize=53992
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26236
last-modified
Wed, 29 Jun 2022 14:47:26 GMT
server
cloudflare
etag
"e460905652d65e6a54a57da046f52d6c"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=odh%2BMugsrH7tAbFAnYGRLxClJz75bOU5Iy1S0Cac828MB1UgI2iGONorkOiTsGNj%2BPobo8yL8bjqFKr1myHLb9KuhbqGizUHIoiH9QgWux7OrWcGdRZNh%2BBzX6n9ScC2%2BoyUtTcaqqpdRJw4"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 15 Sep 2022 11:01:27 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74a89ff0793b915e-FRA
cf-bgj
imgq:85,h2pri
A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 102F
54 KB
55 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200037%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2Cxr4RTQfAfEm7wUPHdHztQtdwYc7S4tK4ACA%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CYAdzSrf3f5QrzSVH9HetgCgz7akSWtd92ur%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=35aa0b063c2f9b57af7db648def928ca%2F5291153195128983564&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663153287676&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8928a20b6d9520af9bfb5e9748259fc3c1ed52ee4e430920d7e70897af5c065

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 11:01:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1861864
cf-polished
origFmt=png, origSize=105738
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55798
last-modified
Mon, 04 Jul 2022 08:55:40 GMT
server
cloudflare
etag
"147be38db57f89c69c9e65b05983ff0e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3olItUGgj8uMMexiNBryLoJUjZNOir%2BzWstnzna28XTzdXOhCTFdvHlLUlCi3A9vteWU%2F7EtCtvUv%2FdtLphXrj414SFPHw7rikvdVnz5rKtIpKYsgJadpEub9ea3vN4LHvvjjTdsgLfgwGbr"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 15 Sep 2022 11:01:27 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74a89ff0793c915e-FRA
cf-bgj
imgq:85,h2pri
822734168B827B1A0E57FF53EC6CBFBBD002FC8D7460BA6B8DE6F46F0023BD74E50D9FBBA049A063AB16B30699CAF8E6582A3DFB3481ACA57EB03EB039D10995
assets.ad4m.at/logo/ Frame 102F
33 KB
33 KB
Image
General
Full URL
https://assets.ad4m.at/logo/822734168B827B1A0E57FF53EC6CBFBBD002FC8D7460BA6B8DE6F46F0023BD74E50D9FBBA049A063AB16B30699CAF8E6582A3DFB3481ACA57EB03EB039D10995
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200037%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2Cxr4RTQfAfEm7wUPHdHztQtdwYc7S4tK4ACA%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CYAdzSrf3f5QrzSVH9HetgCgz7akSWtd92ur%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=35aa0b063c2f9b57af7db648def928ca%2F5291153195128983564&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663153287676&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5b58613de02a2628489f5253cbf992b173ce8a399697cb943ccf415375a9f4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 11:01:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1866125
cf-polished
origFmt=png, origSize=48887
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33666
last-modified
Mon, 19 Oct 2020 12:32:26 GMT
server
cloudflare
etag
"4fe1ecb98ff38283cdb2ae157e399ba2"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BYGfIHHOwlsUfncAGJ%2FnQ5t8nhsgBFWb%2FjZ8sH2S133EGPBmUrqYgiJGtqF9jg0lS5Dhtr1ya0%2FY0T%2BEg4zLlIF4LN3VyYP3Y1fFSerPz3InVnxOW5PGa8iKFF1EyNhymjidqpSN89Rug5my"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 15 Sep 2022 11:01:27 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74a89ff07939915e-FRA
cf-bgj
imgq:85,h2pri
B8FB6A32167DA26E4E474968A055593FF43C0F2954AE66BD1798EADDCF9AC0A502F9D7413CFAA5E7E5809133DC210348B7DFA8E57B3C10CD8B0F8FAED993BB11
assets.ad4m.at/product_image/ Frame 102F
68 KB
69 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/B8FB6A32167DA26E4E474968A055593FF43C0F2954AE66BD1798EADDCF9AC0A502F9D7413CFAA5E7E5809133DC210348B7DFA8E57B3C10CD8B0F8FAED993BB11
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200037%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2Cxr4RTQfAfEm7wUPHdHztQtdwYc7S4tK4ACA%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CYAdzSrf3f5QrzSVH9HetgCgz7akSWtd92ur%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=35aa0b063c2f9b57af7db648def928ca%2F5291153195128983564&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663153287676&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fcbb378853463a4988a16d61fc995f41056c60236b8e1d4decdc9cb25c999a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 11:01:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1861908
cf-polished
qual=85, origFmt=jpeg, origSize=79101
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
70108
last-modified
Wed, 27 Jul 2022 12:23:23 GMT
server
cloudflare
etag
"58879895efe64f553dc9fa167564951f"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AvZ%2BRumyAqNmaQ%2FrJDSMxsmHlvLXZ%2FYrpQGXBogc%2F6n%2BqC%2FiVD8Yo1iEcUV%2F6kxRm5BUXMmcYjeTYnOcnijKfj4mv3bawhJo3E6txwNbl3wFlQwQ5bz%2BQbOv2N2lAlf7CR%2Ftt%2BeKPXV3AmA%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 15 Sep 2022 11:01:27 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74a89ff07942915e-FRA
cf-bgj
imgq:85,h2pri
63CADBEA68649ECF1642645CEB25DF73A19E0B4D7735826E76E1CFE7786A55E8278917477BD44BA47017F94D7AA0F7B3A1C8F0FE880A090BE49650B6F1EAF6D9
assets.ad4m.at/logo/ Frame 102F
8 KB
8 KB
Image
General
Full URL
https://assets.ad4m.at/logo/63CADBEA68649ECF1642645CEB25DF73A19E0B4D7735826E76E1CFE7786A55E8278917477BD44BA47017F94D7AA0F7B3A1C8F0FE880A090BE49650B6F1EAF6D9
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200037%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2Cxr4RTQfAfEm7wUPHdHztQtdwYc7S4tK4ACA%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CYAdzSrf3f5QrzSVH9HetgCgz7akSWtd92ur%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=35aa0b063c2f9b57af7db648def928ca%2F5291153195128983564&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663153287676&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15cc42ec2a3a08dc0566d2f71a13e462fa764a4390c7d96870b71fd2cf6ff513

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 11:01:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1867720
cf-polished
origFmt=png, origSize=12956
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7692
last-modified
Tue, 29 Mar 2022 14:32:10 GMT
server
cloudflare
etag
"c6c297b07f296b60586b8613b6e9b5cd"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bGoy%2BPZiwH%2FedyDK6wKtHvzFe0LlzoeN5xgt15LGMWvPrD7Nsby5Gw3YnF%2BpUf518tediBCCoMVisEboLKmYSnpFfB6tEkuHd%2BHIon%2FndgDIyPubi7UqqhnVvgnntLrL7Sf0%2BG9whfY9PzNS"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 15 Sep 2022 11:01:27 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74a89ff0793e915e-FRA
cf-bgj
imgq:85,h2pri
A290FB32C3CD17E30EABAAAC51275DC38FA2A2B372BE62031F552E1A8212BBA05286FFE21393F5511F67356FC5DA6D062DDAC9B6677230AA33BD1E7B84B05A27
assets.ad4m.at/product_image/ Frame 102F
422 KB
423 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/A290FB32C3CD17E30EABAAAC51275DC38FA2A2B372BE62031F552E1A8212BBA05286FFE21393F5511F67356FC5DA6D062DDAC9B6677230AA33BD1E7B84B05A27
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200037%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2Cxr4RTQfAfEm7wUPHdHztQtdwYc7S4tK4ACA%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CYAdzSrf3f5QrzSVH9HetgCgz7akSWtd92ur%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=35aa0b063c2f9b57af7db648def928ca%2F5291153195128983564&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663153287676&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d2cf79989a25b94d2694569e8a8372c34b3cfac8caf3f7c2ae6d97f7e9d02ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 11:01:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1791096
cf-polished
origFmt=png, origSize=632572
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
432334
last-modified
Wed, 29 Dec 2021 17:30:00 GMT
server
cloudflare
etag
"ee529fd62e145fb264303add5fb5a944"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pOeNvGpBgBqB26QWjrzn5EXPm3s2X7Hmw75teJIa5FvT5rk4ynjO80da3265az1PU8PgNm7w7n9enP3cSoF7rvF6CfSRxdZJkm8dG2baQisY1CQdo9iGaL9l3nylugTRPDQMd6Rj6o3Q%2BmGP"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 15 Sep 2022 11:01:27 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74a89ff07940915e-FRA
cf-bgj
imgq:85,h2pri
link.html
track.webgains.com/ Frame 102F
2 KB
2 KB
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jszhj7fzxytrypn8bmg5p340tsnw61vvgyebrneh071w0vgnyfa19ec23dxzgtngg896h0d9e276hk42dy4tmabwp5446f6yepd81jjqj9ebkqparsjghbdp1p4jtvam070kzaxg0w8j29cnn94pb8qyxtaft0frn9fjpg28fnfnz3a882vx0mgxqbp0mssx7xhb9q8df1qjzxmvn3kkkcmvnzjpaq2v73hp63md9n4z8wgyrgx0nh7xf894xnnpfgmr%26a%3D&clickref=oneidP2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcponeid__Influencer_advancedad_728x90&viewref=oneidr5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtdoneid__Influencer_advancedad_728x90
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200037%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2Cxr4RTQfAfEm7wUPHdHztQtdwYc7S4tK4ACA%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CYAdzSrf3f5QrzSVH9HetgCgz7akSWtd92ur%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=35aa0b063c2f9b57af7db648def928ca%2F5291153195128983564&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663153287676&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.238.206 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-238-206.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
390831e1420fea69300e9f2a9a1e262bb21aaa888a3956b26d7c9733b302318b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 11:01:27 GMT
last-modified
Wed, 14 Sep 2022 11:01:27 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 14 Sep 2022 11:02:27 GMT
link.html
track.webgains.com/ Frame 102F
2 KB
2 KB
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=3540285&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gmaxjas3gtybq9yrfq9cj67txxt4qy8283s2sx3bxzd3mhcpdjj1wspyj1411bct80bjzwx41bj4kewge0by96wf51w5eahytktsjxd5at6j5ts42bw7kdb2w2f83wbsnqkhx6my5v4k383ekwxsy60hgescby1ebddzxvtft15wthbmfft11tppn4c9fc4m0yqc2zt28aqwp223e89camcf0xpe08bpzt2m5hw2f2wjr9xvd53t7ypf7js7dzctn9zt%26a%3D&clickref=oneidYAdzSrf3f5QrzSVH9HetgCgz7akSWtd92uroneid__Influencer_advancedad_728x90&viewref=oneidxr4RTQfAfEm7wUPHdHztQtdwYc7S4tK4ACAoneid__Influencer_advancedad_728x90
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200037%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2Cxr4RTQfAfEm7wUPHdHztQtdwYc7S4tK4ACA%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CYAdzSrf3f5QrzSVH9HetgCgz7akSWtd92ur%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=35aa0b063c2f9b57af7db648def928ca%2F5291153195128983564&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663153287676&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.238.206 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-238-206.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
e3587480371bdf887e119cac15df85e21a428124b6201758de71b2c878d51aba

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 11:01:27 GMT
last-modified
Wed, 14 Sep 2022 11:01:27 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 14 Sep 2022 11:02:27 GMT
link.html
track.webgains.com/ Frame 102F
2 KB
2 KB
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=3098581&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jp7axy5zw71v8h2cxxdq67mpq5pb6qc9pe3yhd5p6scxkmt66syaykj36z1t6vwgdyhgk6fj0q5754pccah4cne01q76vezexjp4ha0s2531q08f8fphvz5n4qzwynn0h9entkcybyjytg7vy7b7r4twy24vcmg53cmfnnm4x1bsgmepzw4nr6v8hyxb4dbhkxwg7mwycep5j8p1atmwgcejet79hvhqzyj9t5g8rmehyz467jmn2azhjmc25tvf2v78%26a%3D&clickref=oneidW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2oneid__Influencer_advancedad_728x90&viewref=oneid3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCdoneid__Influencer_advancedad_728x90
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200037%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2Cxr4RTQfAfEm7wUPHdHztQtdwYc7S4tK4ACA%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CYAdzSrf3f5QrzSVH9HetgCgz7akSWtd92ur%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=35aa0b063c2f9b57af7db648def928ca%2F5291153195128983564&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663153287676&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.238.206 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-238-206.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
6f003fc5f4c00c29b2d8579abc88060df8f746e2052c9bfdf031ec09eff86976

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 11:01:27 GMT
last-modified
Wed, 14 Sep 2022 11:01:27 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 14 Sep 2022 11:02:27 GMT
analytics.js
www.google-analytics.com/ Frame 4C1E
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-116074408-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primusmarkt.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6330
date
Wed, 14 Sep 2022 09:15:58 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 14 Sep 2022 11:15:58 GMT
pvClk.min.js
analytics.webgains.io/ Frame 102F
85 KB
85 KB
Script
General
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3098581&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jp7axy5zw71v8h2cxxdq67mpq5pb6qc9pe3yhd5p6scxkmt66syaykj36z1t6vwgdyhgk6fj0q5754pccah4cne01q76vezexjp4ha0s2531q08f8fphvz5n4qzwynn0h9entkcybyjytg7vy7b7r4twy24vcmg53cmfnnm4x1bsgmepzw4nr6v8hyxb4dbhkxwg7mwycep5j8p1atmwgcejet79hvhqzyj9t5g8rmehyz467jmn2azhjmc25tvf2v78%26a%3D&clickref=oneidW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2oneid__Influencer_advancedad_728x90&viewref=oneid3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCdoneid__Influencer_advancedad_728x90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-52.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 03:15:35 GMT
via
1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
last-modified
Tue, 23 Aug 2022 13:40:24 GMT
server
AmazonS3
age
27954
etag
"42f12532a1be9c2d028e26e9b82a99a2"
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-pop
FRA60-P4
content-length
86537
x-amz-cf-id
Pz6aLrmz3-yJaBeH6XQ_7d33ieuzGJbXVFzDYy6oS72j7TprL4ltVA==
1580727847_JJZV3RgLFGD9GCdCHmP2fyWcN2HYaIE7.png
cdn.track.production.webgains.team/278155/ Frame 102F
2 KB
3 KB
Image
General
Full URL
https://cdn.track.production.webgains.team/278155/1580727847_JJZV3RgLFGD9GCdCHmP2fyWcN2HYaIE7.png?Expires=1663153587&Signature=JlzQ1RShLAA4PKsVpbLaXLTNpcifpSy-GdM3fRxaajyyTpS5hdHBWjwmvPIWXz2EgLGJWmaR~NuyriYurBYnOtlENvtfQO93J1tpZhl58JyqNNYoXI7q0IN5t47nzNAlZWbAL6sFqoAm644L~irWpsqsVbHzkABqu2Fp6ZVjiUDZy0AZ3Eyg9e8OdNqLm1lG7TEVzmGqQ3BH-I6Y7~aLRTU~aoG~pkiXnCfGNcXdMMlNHCLSyhotopqtXF70XiJzhXUtAyOD8QtPE4UFmIsc5T3E6nvWy3os65LnzRuGye4kDICBLbwBkVRmySpC0iHZ~8BIllYUFS2zXF1krQ9yzw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200037%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2Cxr4RTQfAfEm7wUPHdHztQtdwYc7S4tK4ACA%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CYAdzSrf3f5QrzSVH9HetgCgz7akSWtd92ur%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=35aa0b063c2f9b57af7db648def928ca%2F5291153195128983564&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663153287676&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-95.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
17deb20c6f6ec3f074a2633c5c1706ae28e6def4c605c81c268dcd6161ad008e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:31:16 GMT
server
AmazonS3
age
5535
etag
"90a67412ed0b25c3e4ca2ad17658d5e1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
date
Wed, 14 Sep 2022 09:29:14 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
2545
x-amz-cf-id
Y4z_THNkFNrqYq6gapnnignMCLoeTtTN79zEaCIsqQyOOo9GkCGePA==
2022-07-25_familienzeit-panini-banner-627x627.jpeg
cdn.track.production.webgains.team/268155/ Frame 102F
77 KB
78 KB
Image
General
Full URL
https://cdn.track.production.webgains.team/268155/2022-07-25_familienzeit-panini-banner-627x627.jpeg?Expires=1663153587&Signature=ovXDnH992uSqkipJom5GhkA98H0I0-3T1DifiozOOvtO2Sw7CRBoQWhGzA5Ru7SIie4XmvXfj8SrccrdaIzB4yOgJHc-2ml~o07AjnJv~SddBMVrt5IWV9UHXS2vm984~bQT7-RYNSvoBQwlD9gB-QB2e4zhwx7UUbIoQyLYZNLE5SxB3OI26d8OQAgIhymYq07I1szT-U8BuY6gjjXLH8Bc642btkDMXx3y8yuPbZ0nydSPuLUP9MDtE5r0PUj1liAxlH0f3FKjCYIAXGtnWH24hJjn3ZdBQUHl3LACSUFpwqgbjs0JkPunjuQ0A3jfI-YhaJLjIIiuDSXasniX-w__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200037%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2Cxr4RTQfAfEm7wUPHdHztQtdwYc7S4tK4ACA%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CYAdzSrf3f5QrzSVH9HetgCgz7akSWtd92ur%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=35aa0b063c2f9b57af7db648def928ca%2F5291153195128983564&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663153287676&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-95.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dcf3c1a73ae6215dc150d3e2031c9de98af41e5cc022bf9c16852b13075b4d3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
last-modified
Mon, 25 Jul 2022 11:44:20 GMT
server
AmazonS3
age
20361
etag
"58879895efe64f553dc9fa167564951f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
date
Wed, 14 Sep 2022 05:22:19 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
79101
x-amz-cf-id
OyiN7yj0x-wNJ2m_bZ24FrAM7PO-GGltreJU5jI2QVGE6ql8CEEHNQ==
1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 102F
15 KB
15 KB
Image
General
Full URL
https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1663153587&Signature=GhHKdBtn4HmmewAZleVezROeExoXIN13aNeDKXqM3S~6SyP~8UIlA2PrAmHlgYKQVfwDb4nGLrQIwzwJBEQMW~Rlpfw9Mzb9~M96Oty~peN41D7Whi8quhPVbDdqURFH3Wq2o1hS1PB54kKrjf~u-bYiVA-ht7RH4Ru5P1mfPBF90geC3FbDBb5bvYZUdkPu-xj5uXVOAqvJ3Y~i~~Y7pgUAceGwkODI5-1EOpD-GeCLO5pqkR8s0ZkMEIwUsACFvPfbrf189zWLPY1UN0o6sHLZWI1IQpRq4IbRjzlGoaKtyccHlRnbLb-G5O4b~glq677koHIZR3b9m1g2HaidyQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200037%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2Cxr4RTQfAfEm7wUPHdHztQtdwYc7S4tK4ACA%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CYAdzSrf3f5QrzSVH9HetgCgz7akSWtd92ur%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=35aa0b063c2f9b57af7db648def928ca%2F5291153195128983564&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663153287676&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-95.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:41:35 GMT
server
AmazonS3
age
28316
etag
"d4e8f970f24f6d19b53aa92b1907c1ef"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
date
Wed, 14 Sep 2022 03:09:34 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
15054
x-amz-cf-id
0F5Ymp7ybanO5lQalJ62A_WDIRvCdtShYfm50WZQFeLarTHYatvlyQ==
tracking-event
api.webgains.io/ Frame 102F
16 B
232 B
Fetch
General
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Sep 2022 11:01:29 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame
0
0
Preflight
General
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Wed, 14 Sep 2022 11:01:29 GMT
server
nginx
tracking-event
api.webgains.io/ Frame
0
0
Preflight
General
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Wed, 14 Sep 2022 11:01:29 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 102F
16 B
232 B
Fetch
General
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Sep 2022 11:01:29 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 102F
16 B
232 B
Fetch
General
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Sep 2022 11:01:29 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame
0
0
Preflight
General
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Wed, 14 Sep 2022 11:01:29 GMT
server
nginx


17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
object| navigation
number| fcr
object| _fcc
number| cid
object| style
object| fjs
object| st
object| fci
object| ifrm

0 Cookies

1 Console Messages

Source Level URL
Text
network error URL: http://siceu.de/upload/style.css
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
