www.geheimeaffaires.com Open in urlscan Pro
35.195.88.46 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://stylemefrugal.com/goto/26770444336/672196/aHR0cDovL3lhLXJvZGl0ZWwuY29t
Effective URL:
https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
Submission: On January 26 via api (January 26th 2021, 1:07:15 pm UTC) from BE

Summary HTTP 55 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 6 countries across 13 domains to perform 55 HTTP transactions. The main IP is 35.195.88.46, located in Ascension Island and belongs to GOOGLE, US. The main domain is www.geheimeaffaires.com.
TLS certificate: Issued by R3 on January 5th 2021. Valid for: 3 months.

This is the only time www.geheimeaffaires.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	80.249.151.138 80.249.151.138	49505 (SELECTEL) (SELECTEL)
1 1	77.222.40.109 77.222.40.109	44112 (SWEB-AS) (SWEB-AS)
1 1	91.202.61.105 91.202.61.105	44571 (NETVILLAG...) (NETVILLAGE-AS)
1 2	2606:4700:303... 2606:4700:3035::ac43:c464	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.205.83.125 34.205.83.125	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.71.111.21 52.71.111.21	14618 (AMAZON-AES) (AMAZON-AES)
34	35.195.88.46 35.195.88.46	15169 (GOOGLE) (GOOGLE)
10	35.195.163.35 35.195.163.35	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
2	35.227.221.175 35.227.221.175	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:825::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
55	9

1 80.249.151.138 (Russian Federation) 1 redirects

ASN49505 (SELECTEL, RU)
PTR: gestoes09.corebusines.cloud

stylemefrugal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.222.40.109 (Russian Federation) 1 redirects

ASN44112 (SWEB-AS, RU)
PTR: vh286.sweb.ru

ya-roditel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.202.61.105 (Seychelles) 1 redirects

ASN44571 (NETVILLAGE-AS, SC)

sexdating4.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::ac43:c464 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

delivery.brkrbb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.205.83.125 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-83-125.compute-1.amazonaws.com

trackoptimise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.71.111.21 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-111-21.compute-1.amazonaws.com

tracksfaster.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 35.195.88.46 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 46.88.195.35.bc.googleusercontent.com

www.geheimeaffaires.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 35.195.163.35 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 35.163.195.35.bc.googleusercontent.com

eu.collectconsent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.eu.collectconsent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.221.175 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 175.221.227.35.bc.googleusercontent.com

static.dating	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	geheimeaffaires.com www.geheimeaffaires.com	988 KB
10	collectconsent.com eu.collectconsent.com api.eu.collectconsent.com	24 KB
4	google-analytics.com www.google-analytics.com	19 KB
2	doubleclick.net stats.g.doubleclick.net	520 B
2	static.dating static.dating	247 KB
2	brkrbb.com 1 redirects delivery.brkrbb.com	4 KB
1	google.de www.google.de	505 B
1	google.com www.google.com	251 B
1	tracksfaster.com 1 redirects tracksfaster.com	759 B
1	trackoptimise.com 1 redirects trackoptimise.com	319 B
1	sexdating4.me 1 redirects sexdating4.me	527 B
1	ya-roditel.com 1 redirects ya-roditel.com	238 B
1	stylemefrugal.com 1 redirects stylemefrugal.com	239 B
55	13

	Domain	Requested by
34	www.geheimeaffaires.com	delivery.brkrbb.com www.geheimeaffaires.com
8	api.eu.collectconsent.com	eu.collectconsent.com
4	www.google-analytics.com	www.geheimeaffaires.com www.google-analytics.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	static.dating	www.geheimeaffaires.com
2	eu.collectconsent.com	www.geheimeaffaires.com eu.collectconsent.com
2	delivery.brkrbb.com	1 redirects
1	www.google.de	www.geheimeaffaires.com
1	www.google.com	www.geheimeaffaires.com
1	tracksfaster.com	1 redirects
1	trackoptimise.com	1 redirects
1	sexdating4.me	1 redirects
1	ya-roditel.com	1 redirects
1	stylemefrugal.com	1 redirects
55	14

This site contains no links.

Subject Issuer	Validity	Valid
geheimeaffaires.com R3	`2021-01-05` - `2021-04-05`	3 months	crt.sh
eu.collectconsent.com R3	`2021-01-01` - `2021-04-01`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
static.dating R3	`2021-01-02` - `2021-04-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
Frame ID: 508AC13E53F52CBECDBBC319C0CABDCA
Requests: 51 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://stylemefrugal.com/goto/26770444336/672196/aHR0cDovL3lhLXJvZGl0ZWwuY29t HTTP 302
http://ya-roditel.com/ HTTP 302
http://sexdating4.me/?r=708&sk=318&gr=1 HTTP 302
https://delivery.brkrbb.com/47206?session_id=161166641225572&subaffiliate_id=388 HTTP 302
http://delivery.brkrbb.com/r?url=https%3A%2F%2Ftrackoptimise.com%2F%3Fa%3D13237%26c%3D64416%26s2%3Dpx16... Page URL
https://trackoptimise.com/?a=13237&c=64416&s2=px1611666413a0313601013ed070e7490655452&s3=6184&s4=388 HTTP 302
https://tracksfaster.com/?a=13237&c=64416&s2=px1611666413a0313601013ed070e7490655452&s3=6184&s4=388&c... HTTP 302
https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768 Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

55
Requests

98 %
HTTPS

43 %
IPv6

13
Domains

14
Subdomains

9
IPs

6
Countries

1280 kB
Transfer

1621 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://stylemefrugal.com/goto/26770444336/672196/aHR0cDovL3lhLXJvZGl0ZWwuY29t HTTP 302
http://ya-roditel.com/ HTTP 302
http://sexdating4.me/?r=708&sk=318&gr=1 HTTP 302
https://delivery.brkrbb.com/47206?session_id=161166641225572&subaffiliate_id=388 HTTP 302
http://delivery.brkrbb.com/r?url=https%3A%2F%2Ftrackoptimise.com%2F%3Fa%3D13237%26c%3D64416%26s2%3Dpx1611666413a0313601013ed070e7490655452%26s3%3D6184%26s4%3D388&redirect_back=https%3A%2F%2Fdelivery.brkrbb.com%2F47206%2F%3Fsession_id%3D161166641225572%26subaffiliate_id%3D388%26tt%3D1 Page URL
https://trackoptimise.com/?a=13237&c=64416&s2=px1611666413a0313601013ed070e7490655452&s3=6184&s4=388 HTTP 302
https://tracksfaster.com/?a=13237&c=64416&s2=px1611666413a0313601013ed070e7490655452&s3=6184&s4=388&ckmguid=6491a614-79b5-416e-94a4-76737a39faac HTTP 302
https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://stylemefrugal.com/goto/26770444336/672196/aHR0cDovL3lhLXJvZGl0ZWwuY29t HTTP 302
http://ya-roditel.com/ HTTP 302
http://sexdating4.me/?r=708&sk=318&gr=1 HTTP 302
https://delivery.brkrbb.com/47206?session_id=161166641225572&subaffiliate_id=388 HTTP 302
http://delivery.brkrbb.com/r?url=https%3A%2F%2Ftrackoptimise.com%2F%3Fa%3D13237%26c%3D64416%26s2%3Dpx1611666413a0313601013ed070e7490655452%26s3%3D6184%26s4%3D388&redirect_back=https%3A%2F%2Fdelivery.brkrbb.com%2F47206%2F%3Fsession_id%3D161166641225572%26subaffiliate_id%3D388%26tt%3D1

55 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set r Show response
delivery.brkrbb.com/
Redirect Chain

http://stylemefrugal.com/goto/26770444336/672196/aHR0cDovL3lhLXJvZGl0ZWwuY29t
http://ya-roditel.com/
http://sexdating4.me/?r=708&sk=318&gr=1
https://delivery.brkrbb.com/47206?session_id=161166641225572&subaffiliate_id=388
http://delivery.brkrbb.com/r?url=https%3A%2F%2Ftrackoptimise.com%2F%3Fa%3D13237%26c%3D64416%26s2%3Dpx1611666413a0313601013ed070e7490655452%26s3%3D6184%26s4%3D388&redirect_back=https%3A%2F%2Fdeliver...

909 B
2 KB

153ms
147ms

Document
text/html

2606:4700:3035::ac43:c464
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://delivery.brkrbb.com/r?url=https%3A%2F%2Ftrackoptimise.com%2F%3Fa%3D13237%26c%3D64416%26s2%3Dpx1611666413a0313601013ed070e7490655452%26s3%3D6184%26s4%3D388&redirect_back=https%3A%2F%2Fdelivery.brkrbb.com%2F47206%2F%3Fsession_id%3D161166641225572%26subaffiliate_id%3D388%26tt%3D1
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:c464 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / HHVM/3.11.1
Resource Hash: bc8dbdb453eb2be740bc02df22d7b0f2b7034db8154328047011fc5812aa5a5d

Request headers

Host: delivery.brkrbb.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: __cfduid=dd32ed4df0ac5494c0bbe2fcf791574411611666412; 51D_Bandwidth=1611666412.9848; ubbc=eyJpdiI6IldKT0ViZ2tQQVRQTVlFVGZSRmxwQmc9PSIsInZhbHVlIjoiUTJyaGRnM0lEeWlKUldickFEeG5Pdz09IiwibWFjIjoiNDYxYjk5MGU1MDYzMWRkOTc3ZGFiMjI2MTQ4OGEwZGVjM2FmMTM0ZDNmMGQ2MjljNjU0ZTY5YjQ2MDVlNzQ5MiJ9; bbuc=eyJpdiI6IlcyWEhUUmpmbXN5ejJQazRyOW9LNEE9PSIsInZhbHVlIjoiQW9QSTFGNHd3ZVVic3NaS05yWTVranFmWWRKOU94bTkydUJVbjFvcXI2QT0iLCJtYWMiOiI5MDAyMGQ4NzMyY2JkMzc1MzkxM2M4OTQwODUzYjY3MzRlNjRiNGNmOWJhZDRlNzIyODUxYzAwNmFiMjk4MWJiIn0%3D; bbrc=eyJpdiI6Ik1wZENPUklEZjdzMkxVTlBBTGg0OGc9PSIsInZhbHVlIjoiZmJ0XC9VY1BiVHhUTjUrcHZ3TCtKckE9PSIsIm1hYyI6ImNlNjJkYmMwMjQ4NDgxMmNjNmQ4MjExMzgwMmQ3ZTEyNzE2NzA5MWU3M2E1ZmNlODRkMDY5NGUwYTkzMzBhYTAifQ%3D%3D; laravel_session=eyJpdiI6Ik1ibnBEaENcL2s2a29HWVwvbHNZZkh4UT09IiwidmFsdWUiOiJNMzlpRHBSeWFiUDBveXE4djRkenZ3Nm1Va1wvNVF1c0ZsT2VMbmR5WlZKWk5LTGVkbXpKY0RFb0NLeE1YMEpCTE14N0NBTnh1UXhwakgyYlV6Sm56TVE9PSIsIm1hYyI6IjdkZGQxM2MwNmE4NTgyNzYyMGMxZWUxN2JhNzdkMDg4ZmUzNGQwZDU3YWYzMGFkOTMzNDQ3MTMwZGZjYWZlNjIifQ%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 26 Jan 2021 13:06:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: laravel_session=eyJpdiI6IkRzRndwZUZubm1FeHlDT2xhTWlyS1E9PSIsInZhbHVlIjoidDBDSGszVGxLWjBrK3pnYnpcL1wvUGRGdE5adW9YWTZ2YU5veDFQVmd2QkVxVWtZZER4K3pkOEZmb1BQV2VHeWg3bWFTNUhWYlc5azJJU3BDU3V6OGRpdz09IiwibWFjIjoiYjJhYWFiYjA1OTYwOGNkOGNlNjQ4MTMxNTY0ZTE4ZWNjNTNlYTJiNDQ5YjdjMDdjZTgyZGU1OTA1MGU0MzI1NCJ9; path=/; httponly __cf_bm=b369e052542646bb6d4819fdc0cf8fe67ddaeb3e-1611666413-1800-AUBg0rTYbYQ/mErtgopD/eg37yMsIW0s9/dKjpVbQUbtyIo87hMwqKVsDJDPpi64A0HcEhzoJkCr4ILD7woNmjQ=; path=/; expires=Tue, 26-Jan-21 13:36:53 GMT; domain=.brkrbb.com; HttpOnly; SameSite=None
X-Powered-By: HHVM/3.11.1
Vary: Accept-Encoding
Cache-Control: no-cache
CF-Cache-Status: DYNAMIC
cf-request-id: 07e066ee710000beb55090b000000001
Report-To: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0W9TGfx2ljlFVnEY4t9VwSfXAtEl9%2BWdMvkXYXGJTM%2BTd8z5TbUKgfL6phtRHWarbSReNGs7R3QlwU71TmFLRxoGWiE0rFM27TUeEijssMS6Rk1antlhG6W5Bi9jLHYJ"}],"group":"cf-nel"}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
CF-RAY: 617a742a4d10beb5-FRA
Content-Encoding: gzip

Redirect headers

date: Tue, 26 Jan 2021 13:06:53 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dd32ed4df0ac5494c0bbe2fcf791574411611666412; expires=Thu, 25-Feb-21 13:06:52 GMT; path=/; domain=.brkrbb.com; HttpOnly; SameSite=Lax 51D_Bandwidth=1611666412.9848 ubbc=eyJpdiI6IldKT0ViZ2tQQVRQTVlFVGZSRmxwQmc9PSIsInZhbHVlIjoiUTJyaGRnM0lEeWlKUldickFEeG5Pdz09IiwibWFjIjoiNDYxYjk5MGU1MDYzMWRkOTc3ZGFiMjI2MTQ4OGEwZGVjM2FmMTM0ZDNmMGQ2MjljNjU0ZTY5YjQ2MDVlNzQ5MiJ9; expires=Wed, 27-Jan-2021 13:06:53 GMT; Max-Age=86400; path=/; httponly bbuc=eyJpdiI6IlcyWEhUUmpmbXN5ejJQazRyOW9LNEE9PSIsInZhbHVlIjoiQW9QSTFGNHd3ZVVic3NaS05yWTVranFmWWRKOU94bTkydUJVbjFvcXI2QT0iLCJtYWMiOiI5MDAyMGQ4NzMyY2JkMzc1MzkxM2M4OTQwODUzYjY3MzRlNjRiNGNmOWJhZDRlNzIyODUxYzAwNmFiMjk4MWJiIn0%3D; expires=Wed, 27-Jan-2021 13:06:53 GMT; Max-Age=86400; path=/; httponly bbrc=eyJpdiI6Ik1wZENPUklEZjdzMkxVTlBBTGg0OGc9PSIsInZhbHVlIjoiZmJ0XC9VY1BiVHhUTjUrcHZ3TCtKckE9PSIsIm1hYyI6ImNlNjJkYmMwMjQ4NDgxMmNjNmQ4MjExMzgwMmQ3ZTEyNzE2NzA5MWU3M2E1ZmNlODRkMDY5NGUwYTkzMzBhYTAifQ%3D%3D; expires=Tue, 26-Jan-2021 20:06:53 GMT; Max-Age=25200; path=/; httponly laravel_session=eyJpdiI6Ik1ibnBEaENcL2s2a29HWVwvbHNZZkh4UT09IiwidmFsdWUiOiJNMzlpRHBSeWFiUDBveXE4djRkenZ3Nm1Va1wvNVF1c0ZsT2VMbmR5WlZKWk5LTGVkbXpKY0RFb0NLeE1YMEpCTE14N0NBTnh1UXhwakgyYlV6Sm56TVE9PSIsIm1hYyI6IjdkZGQxM2MwNmE4NTgyNzYyMGMxZWUxN2JhNzdkMDg4ZmUzNGQwZDU3YWYzMGFkOTMzNDQ3MTMwZGZjYWZlNjIifQ%3D%3D; path=/; httponly __cf_bm=0e9826d5502853b3068f8fd4d11306ca26969408-1611666413-1800-ARNmtu+RsNBAk5GQKNMLRVcitd4qVpiRMlHkDzQMx5NEFHhspZpF/vKw7OSWKFo0T8O6Xw/s1ew8XrR6GJVIEnk=; path=/; expires=Tue, 26-Jan-21 13:36:53 GMT; domain=.brkrbb.com; HttpOnly; Secure; SameSite=None
location: http://delivery.brkrbb.com/r?url=https%3A%2F%2Ftrackoptimise.com%2F%3Fa%3D13237%26c%3D64416%26s2%3Dpx1611666413a0313601013ed070e7490655452%26s3%3D6184%26s4%3D388&redirect_back=https%3A%2F%2Fdelivery.brkrbb.com%2F47206%2F%3Fsession_id%3D161166641225572%26subaffiliate_id%3D388%26tt%3D1
cache-control: no-cache
vary: Accept-Encoding
x-powered-by: HHVM/3.11.1
cf-cache-status: DYNAMIC
cf-request-id: 07e066ecdd00002be9d5819000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wqjR6FjGSN%2FDkMjSGtQuCJ2%2Fg7SIVe7GQJaylDT%2B8XhUbY89AskuhgSocdzz7AgR%2B6ekIT3xk%2FRpdZ4DbxyP7aTKZYKDPmwHtyL6OSmNVOhF6u3MQKrLPjytQMhyp3PE"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 617a7427c9ca2be9-FRA

GET
H2

200

Primary Request landing3 Show response
www.geheimeaffaires.com/
Redirect Chain

https://trackoptimise.com/?a=13237&c=64416&s2=px1611666413a0313601013ed070e7490655452&s3=6184&s4=388
https://tracksfaster.com/?a=13237&c=64416&s2=px1611666413a0313601013ed070e7490655452&s3=6184&s4=388&ckmguid=6491a614-79b5-416e-94a4-76737a39faac
https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768

17 KB
4 KB

226ms
146ms

Document
text/html

35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768

Requested by

Host: delivery.brkrbb.com
URL: http://delivery.brkrbb.com/r?url=https%3A%2F%2Ftrackoptimise.com%2F%3Fa%3D13237%26c%3D64416%26s2%3Dpx1611666413a0313601013ed070e7490655452%26s3%3D6184%26s4%3D388&redirect_back=https%3A%2F%2Fdelivery.brkrbb.com%2F47206%2F%3Fsession_id%3D161166641225572%26subaffiliate_id%3D388%26tt%3D1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) / PHP/7.2.34

Resource Hash

a0b9fff20c442599c0b4dbb6ceac3b0948e3280f84904135b6db12bb2baba9a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: www.geheimeaffaires.com
:scheme: https
:path: /landing3?cat=milf&pi=13237&pt1=3099909768
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://delivery.brkrbb.com/r?url=https%3A%2F%2Ftrackoptimise.com%2F%3Fa%3D13237%26c%3D64416%26s2%3Dpx1611666413a0313601013ed070e7490655452%26s3%3D6184%26s4%3D388&redirect_back=https%3A%2F%2Fdelivery.brkrbb.com%2F47206%2F%3Fsession_id%3D161166641225572%26subaffiliate_id%3D388%26tt%3D1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://delivery.brkrbb.com/r?url=https%3A%2F%2Ftrackoptimise.com%2F%3Fa%3D13237%26c%3D64416%26s2%3Dpx1611666413a0313601013ed070e7490655452%26s3%3D6184%26s4%3D388&redirect_back=https%3A%2F%2Fdelivery.brkrbb.com%2F47206%2F%3Fsession_id%3D161166641225572%26subaffiliate_id%3D388%26tt%3D1

Response headers

server: nginx/1.10.3 (Ubuntu)
date: Tue, 26 Jan 2021 13:06:54 GMT
content-type: text/html;charset=UTF-8
x-powered-by: PHP/7.2.34
x-host: geheimeaffaires.com
content-encoding: gzip
x-cacheable: YES
cache-control: max-age=300
xkey: lander
vary: Accept-Encoding
x-varnish: 351615373
age: 0
x-cache: MISS
accept-ranges: bytes
via: 1.1 varnish (Varnish/6.0), 1.1 google
alt-svc: clear
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff

Redirect headers

Cache-Control: private
Content-Length: 198
Content-Type: text/html; charset=utf-8
Date: Tue, 26 Jan 2021 13:06:53 GMT
Location: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=ti8HnZL7XEKEX74dPY0X+8aK+yYUg5k2tYPJRcfInj3SxALi6Dw9AQ==; domain=.tracksfaster.com; path=/; HttpOnly trk=s61MzLl02WKcSmtt3wpT88aK+yYUg5k2tYPJRcfInj3SxALi6Dw9AQ==; domain=.tracksfaster.com; expires=Mon, 26-Jan-2026 13:06:54 GMT; path=/; HttpOnly c18047=ti8HnZL7XELCfbuMYLBts1Z8/mld4ikgzUK0ARWoUyDVdGITd/kYsA==; domain=.tracksfaster.com; expires=Thu, 25-Feb-2021 13:06:54 GMT; path=/; HttpOnly
Connection: close

GET
H2 200 landing3.css
www.geheimeaffaires.com/landers/css/ 31 KB
5 KB 918ms
917ms Stylesheet
text/css 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geheimeaffaires.com/landers/css/landing3.css

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) / PHP/7.2.34

Resource Hash

f4a7e8d23f158a5bdeb0f976ca7f2c088665c2b7bea44c5eed0c0d3d3332fa29

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 13:06:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-powered-by: PHP/7.2.34
x-cache: MISS
x-host: geheimeaffaires.com
alt-svc: clear
server: nginx/1.10.3 (Ubuntu)
strict-transport-security: max-age=63072000;
x-varnish: 351615375
via: 1.1 varnish (Varnish/6.0), 1.1 google
vary: Accept-Encoding
cache-control: max-age=300
accept-ranges: bytes
content-type: text/css;charset=UTF-8

GET
H2 200 pornhub.css
www.geheimeaffaires.com/landers/css/theme/ 11 KB
2 KB 37ms
37ms Stylesheet
text/css 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geheimeaffaires.com/landers/css/theme/pornhub.css

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) / PHP/7.2.34

Resource Hash

4043c2feeaaec48116d332605cd1818da06880f56b0dd6204c476bbf56a0db01

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 13:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-powered-by: PHP/7.2.34
x-cache: HIT
x-host: geheimeaffaires.com
alt-svc: clear
content-length: 1878
server: nginx/1.10.3 (Ubuntu)
strict-transport-security: max-age=63072000;
x-varnish: 354415280 352079803
via: 1.1 varnish (Varnish/6.0), 1.1 google
vary: Accept-Encoding
cache-control: max-age=300
accept-ranges: bytes
content-type: text/css;charset=UTF-8

GET
H2 200 fontawesome-all.min.css
www.geheimeaffaires.com/landers/css/ 50 KB
11 KB 36ms
36ms Stylesheet
text/css 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geheimeaffaires.com/landers/css/fontawesome-all.min.css

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

5986f251d278ae72106ef1d7302798a2e14f69a4d35b80087b9e61905a15e75e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 13:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-cache: HIT
alt-svc: clear
content-length: 10650
last-modified: Mon, 25 Jan 2021 15:01:06 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"600edd32-c970"
strict-transport-security: max-age=63072000;
x-varnish: 351707712 350756673
via: 1.1 varnish (Varnish/6.0), 1.1 google
vary: Accept-Encoding
cache-control: max-age=300
accept-ranges: bytes
content-type: text/css

GET
H2 200 logo.png
www.geheimeaffaires.com/img/ 5 KB
5 KB 27ms
26ms Image
image/png 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/img/logo.png

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

7aa4551756597459a1c604b16b417fd02900aa4a4a2d63dbb2f866c7e848c157

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 13:06:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 Jan 2021 12:16:51 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "140a-5b9179489d2c0"
vary: X-Forwarded-Proto,Host
content-type: image/png
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 5130
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 loading.gif
www.geheimeaffaires.com/landers/images/loader/ 3 KB
3 KB 36ms
36ms Image
image/gif 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/landers/images/loader/loading.gif

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

06f91f1bc360e7c486515b416a564445652e40585f94f2d089239b981d6421f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 13:06:54 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 google
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-cache: HIT
alt-svc: clear
content-length: 2892
last-modified: Mon, 25 Jan 2021 15:01:08 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "600edd34-b4c"
strict-transport-security: max-age=63072000;
x-varnish: 355747793 355040271
cache-control: max-age=300
accept-ranges: bytes
content-type: image/gif

GET
H2 200 vendor.js Show response
www.geheimeaffaires.com/landers/js/ 121 KB
43 KB 73ms
73ms Script
application/javascript 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geheimeaffaires.com/landers/js/vendor.js

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

8d3ee266a02c161594ffe7fb9c66278d068dbc88a99ae0dc45671c69599689e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 13:06:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-cache: HIT
alt-svc: clear
content-length: 43540
last-modified: Mon, 25 Jan 2021 15:01:13 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"600edd39-1e2ae"
strict-transport-security: max-age=63072000;
x-varnish: 353797369 353449304
via: 1.1 varnish (Varnish/6.0), 1.1 google
vary: Accept-Encoding
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 fa-solid-900.woff2
www.geheimeaffaires.com/landers/webfonts/ 90 KB
90 KB 76ms
76ms Font
application/octet-stream 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geheimeaffaires.com/landers/webfonts/fa-solid-900.woff2

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landers/css/fontawesome-all.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

a238cffffbfea4c2868fca1b142a3a9690574537a38c857dbe309ec27b033eb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.geheimeaffaires.com
Referer: https://www.geheimeaffaires.com/landers/css/fontawesome-all.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 13:06:55 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 google
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-cache: MISS
alt-svc: clear
content-length: 91792
last-modified: Mon, 25 Jan 2021 15:01:08 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "600edd34-16690"
strict-transport-security: max-age=63072000;
x-varnish: 351832081
cache-control: max-age=300
accept-ranges: bytes
content-type: application/octet-stream

GET
H2 200 cc.js Show response
eu.collectconsent.com/ 117 KB
14 KB 115ms
57ms Script
application/javascript 35.195.163.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.collectconsent.com/cc.js?wId=41YuKVaYkGa5iFXaJ3xU48&domain=geheimeaffaires.com&languageCode=nl&languageTerritory=BE&sessionId=d742ab33f93d42dab5ad0b274557a3a9

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

da6eafa8cb17b22c7a58912a7a1ababe461d374c6c41cfbc83ef3564b90318c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 13:06:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.10.3 (Ubuntu)
strict-transport-security: max-age=63072000;
content-type: application/javascript
vary: Accept-Encoding
content-length: 14058

GET
H2 200 landing3.js Show response
www.geheimeaffaires.com/landers/js/ 53 KB
15 KB 40ms
40ms Script
application/javascript 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geheimeaffaires.com/landers/js/landing3.js

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

f50686dfb53a28d91a7d6e0e5571c7e1f68da526efa23803535c7b1e3ef06b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 13:06:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-cache: HIT
alt-svc: clear
content-length: 14935
last-modified: Mon, 25 Jan 2021 15:01:13 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"600edd39-d5ed"
strict-transport-security: max-age=63072000;
x-varnish: 351707725 351707668
via: 1.1 varnish (Varnish/6.0), 1.1 google
vary: Accept-Encoding
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landers/js/landing3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 2436
date: Tue, 26 Jan 2021 12:26:19 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Tue, 26 Jan 2021 14:26:19 GMT

GET
H2 200 nl-be2.json Show response
static.dating/lander/translations/ 123 KB
124 KB 67ms
21ms XHR
application/octet-stream 35.227.221.175
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dating/lander/translations/nl-be2.json
Requested by: Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landers/js/vendor.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.221.175 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 175.221.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6e5d3df4826d91051edcd25179eb72580b99aec9865e7f17bbeb3f053ca7061e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 12:39:57 GMT
age: 1618
x-guploader-uploadid: ABg5-UyGDvK67dY7jtaMf_xra60wSDIx4GlKO2siAmvA-tiQGWRz5U_-r8vjcWD8i5tV__n41Rws7aSUGABr3MZSPBlorH0KVQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 125969
last-modified: Wed, 18 Nov 2020 15:19:05 GMT
server: UploadServer
etag: "dce3f7d08f740550c6b2d44327857a3d"
x-goog-hash: crc32c=ffkFxQ==, md5=3OP30I90BVDGstRDJ4V6PQ==
x-goog-generation: 1605712745095235
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-stored-content-length: 125969
accept-ranges: bytes
content-type: application/octet-stream
expires: Tue, 26 Jan 2021 13:39:57 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
73 B 13ms
13ms XHR
text/plain 2a00:1450:4001:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1098997803&t=pageview&_s=1&dl=https%3A%2F%2Fwww.geheimeaffaires.com%2Flanding3%3Fcat%3Dmilf%26pi%3D13237%26pt1%3D3099909768&dr=http%3A%2F%2Fdelivery.brkrbb.com%2Fr%3Furl%3Dhttps%253A%252F%252Ftrackoptimise.com%252F%253Fa%253D13237%2526c%253D64416%2526s2%253Dpx1611666413a0313601013ed070e7490655452%2526s3%253D6184%2526s4%253D388%26redirect_back%3Dhttps%253A%252F%252Fdelivery.brkrbb.com%252F47206%252F%253Fsession_id%253D161166641225572%2526subaffiliate_id%253D388%2526tt%253D1&ul=en-us&de=UTF-8&dt=geheimeaffaires.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABEAAAAC~&jid=1619640343&gjid=392326765&cid=1989748566.1611666416&tid=UA-132064855-2&_gid=580105754.1611666416&_r=1&_slc=1&z=1115998196

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 26 Jan 2021 13:06:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.geheimeaffaires.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
27 B 13ms
13ms XHR
text/plain 2a00:1450:4001:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1098997803&t=pageview&_s=1&dl=https%3A%2F%2Fwww.geheimeaffaires.com%2Flanding3%3Fcat%3Dmilf%26pi%3D13237%26pt1%3D3099909768&dr=http%3A%2F%2Fdelivery.brkrbb.com%2Fr%3Furl%3Dhttps%253A%252F%252Ftrackoptimise.com%252F%253Fa%253D13237%2526c%253D64416%2526s2%253Dpx1611666413a0313601013ed070e7490655452%2526s3%253D6184%2526s4%253D388%26redirect_back%3Dhttps%253A%252F%252Fdelivery.brkrbb.com%252F47206%252F%253Fsession_id%253D161166641225572%2526subaffiliate_id%253D388%2526tt%253D1&ul=en-us&de=UTF-8&dt=geheimeaffaires.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAEABEAAAAC~&jid=81140572&gjid=257351789&cid=1989748566.1611666416&tid=UA-132064855-5&_gid=580105754.1611666416&_r=1&_slc=1&z=109025046

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 26 Jan 2021 13:06:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.geheimeaffaires.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
25 B 14ms
14ms XHR
text/plain 2a00:1450:4001:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1098997803&t=pageview&_s=1&dl=https%3A%2F%2Fwww.geheimeaffaires.com%2Flanding3%3Fcat%3Dmilf%26pi%3D13237%26pt1%3D3099909768&dr=http%3A%2F%2Fdelivery.brkrbb.com%2Fr%3Furl%3Dhttps%253A%252F%252Ftrackoptimise.com%252F%253Fa%253D13237%2526c%253D64416%2526s2%253Dpx1611666413a0313601013ed070e7490655452%2526s3%253D6184%2526s4%253D388%26redirect_back%3Dhttps%253A%252F%252Fdelivery.brkrbb.com%252F47206%252F%253Fsession_id%253D161166641225572%2526subaffiliate_id%253D388%2526tt%253D1&ul=en-us&de=UTF-8&dt=geheimeaffaires.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAEABEAAAAC~&jid=19708687&gjid=1884604302&cid=1989748566.1611666416&tid=UA-120355740-5&_gid=580105754.1611666416&_r=1&_slc=1&z=551207727

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 26 Jan 2021 13:06:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.geheimeaffaires.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 search Show response
www.geheimeaffaires.com/json/profile/ 72 KB
73 KB 100ms
100ms XHR
application/json 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geheimeaffaires.com/json/profile/search

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landers/js/vendor.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

d303fd9d8eacbeb862a4c4acef1675d4adc344c0a5fe9fa3ea3b0eca1d8155c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 26 Jan 2021 13:06:55 GMT
x-content-type-options: nosniff
server: nginx/1.10.3 (Ubuntu)
vary: X-Forwarded-Proto,Host
content-type: application/json
access-control-allow-origin: https://www.geheimeaffaires.com
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
strict-transport-security: max-age=63072000;
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 nl-be2.json Show response
static.dating/lander/translations/ 123 KB
123 KB 19ms
19ms XHR
application/octet-stream 35.227.221.175
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dating/lander/translations/nl-be2.json
Requested by: Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landers/js/vendor.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.221.175 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 175.221.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6e5d3df4826d91051edcd25179eb72580b99aec9865e7f17bbeb3f053ca7061e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 12:39:57 GMT
age: 1618
x-guploader-uploadid: ABg5-UyGDvK67dY7jtaMf_xra60wSDIx4GlKO2siAmvA-tiQGWRz5U_-r8vjcWD8i5tV__n41Rws7aSUGABr3MZSPBlorH0KVQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 125969
last-modified: Wed, 18 Nov 2020 15:19:05 GMT
server: UploadServer
etag: "dce3f7d08f740550c6b2d44327857a3d"
x-goog-hash: crc32c=ffkFxQ==, md5=3OP30I90BVDGstRDJ4V6PQ==
x-goog-generation: 1605712745095235
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-stored-content-length: 125969
accept-ranges: bytes
content-type: application/octet-stream
expires: Tue, 26 Jan 2021 13:39:57 GMT

GET
H2 200 01.jpg
www.geheimeaffaires.com/landers/images/landing3/milf/default/ 1 KB
1 KB 41ms
39ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/landers/images/landing3/milf/default/01.jpg?geo=be

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

b2565973fae507cdb0511351ce1e312f8bf8d048aa9d30dc2daff6fea2ee3b7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 13:06:55 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 google
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-cache: MISS
alt-svc: clear
content-length: 1168
last-modified: Mon, 25 Jan 2021 15:01:07 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "600edd33-490"
strict-transport-security: max-age=63072000;
x-varnish: 355865156
cache-control: max-age=300
accept-ranges: bytes
content-type: image/jpeg

GET
H2 200 02.jpg
www.geheimeaffaires.com/landers/images/landing3/milf/default/ 43 KB
43 KB 74ms
73ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/landers/images/landing3/milf/default/02.jpg?geo=be

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

01215a6fb6a63240579c3117c5406be4959b084fa3a166c8c074f6e0d4b64e60

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 13:06:55 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 google
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-cache: MISS
alt-svc: clear
content-length: 43762
last-modified: Mon, 25 Jan 2021 15:01:07 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "600edd33-aaf2"
strict-transport-security: max-age=63072000;
x-varnish: 349490142
cache-control: max-age=300
accept-ranges: bytes
content-type: image/jpeg

GET
H2 200 03.jpg
www.geheimeaffaires.com/landers/images/landing3/milf/default/ 1 KB
1 KB 39ms
38ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/landers/images/landing3/milf/default/03.jpg?geo=be

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

885c37300020c7f8c8177e381bba3ab97b21709237a504ab8cdb0f4a72c8032e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 13:06:55 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 google
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-cache: MISS
alt-svc: clear
content-length: 1060
last-modified: Mon, 25 Jan 2021 15:01:07 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "600edd33-424"
strict-transport-security: max-age=63072000;
x-varnish: 355329243
cache-control: max-age=300
accept-ranges: bytes
content-type: image/jpeg

GET
H2 200 04.jpg
www.geheimeaffaires.com/landers/images/landing3/milf/default/ 33 KB
33 KB 38ms
37ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/landers/images/landing3/milf/default/04.jpg?geo=be

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

c71a83323b1accc71e57c95b154d3de271d07ce0fd4c3ef3c8b182f96815f475

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 13:06:55 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 google
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-cache: MISS
alt-svc: clear
content-length: 33565
last-modified: Mon, 25 Jan 2021 15:01:07 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "600edd33-831d"
strict-transport-security: max-age=63072000;
x-varnish: 353768957
cache-control: max-age=300
accept-ranges: bytes
content-type: image/jpeg

GET
H2 200 05.jpg
www.geheimeaffaires.com/landers/images/landing3/milf/default/ 1 KB
2 KB 73ms
72ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/landers/images/landing3/milf/default/05.jpg?geo=be

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

532e05ec06d04f16a6474d895da6d81de18e0177961df4641cfa2fe692a2aed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 13:06:55 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 google
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-cache: MISS
alt-svc: clear
content-length: 1256
last-modified: Mon, 25 Jan 2021 15:01:07 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "600edd33-4e8"
strict-transport-security: max-age=63072000;
x-varnish: 355459184
cache-control: max-age=300
accept-ranges: bytes
content-type: image/jpeg

GET
H2 200 06.jpg
www.geheimeaffaires.com/landers/images/landing3/milf/default/ 121 KB
121 KB 39ms
39ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/landers/images/landing3/milf/default/06.jpg?geo=be

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

a58aec386c524bf5e2f0e451e646b1a2ff2ad42666d06abf61c60209314dc76d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 13:06:55 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 google
x-content-type-options: nosniff
x-cacheable: YES
xkey: lander
age: 0
x-cache: MISS
alt-svc: clear
content-length: 123596
last-modified: Mon, 25 Jan 2021 15:01:07 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "600edd33-1e2cc"
strict-transport-security: max-age=63072000;
x-varnish: 354509692
cache-control: max-age=300
accept-ranges: bytes
content-type: image/jpeg

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
69 B 42ms
15ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-132064855-2&cid=1989748566.1611666416&jid=1619640343&gjid=392326765&_gid=580105754.1611666416&_u=KEBAAEAAEAAAAC~&z=397496769

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 26 Jan 2021 13:06:55 GMT
content-type: text/plain
access-control-allow-origin: https://www.geheimeaffaires.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
451 B 40ms
15ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-132064855-5&cid=1989748566.1611666416&jid=81140572&gjid=257351789&_gid=580105754.1611666416&_u=KEDAAEABEAAAAC~&z=815826550

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 26 Jan 2021 13:06:55 GMT
content-type: text/plain
access-control-allow-origin: https://www.geheimeaffaires.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
251 B 30ms
29ms Image
image/gif 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-132064855-5&cid=1989748566.1611666416&jid=81140572&_u=KEDAAEABEAAAAC~&z=909685267

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Jan 2021 13:06:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 48ms
30ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-132064855-5&cid=1989748566.1611666416&jid=81140572&_u=KEDAAEABEAAAAC~&z=909685267

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Jan 2021 13:06:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 153669.jpg
www.geheimeaffaires.com/content/3/333221/fotos/ 22 KB
23 KB 31ms
26ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/content/3/333221/fotos/153669.jpg

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

7ab9fde69447cddcc3813c4493cac32db26b6a432e75858a2fff6a42d185464e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 13:06:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 20 Jan 2021 14:44:09 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "597c-5b955fcd9fb6b"
vary: X-Forwarded-Proto,Host
content-type: image/jpeg
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 22908
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 154437.jpg
www.geheimeaffaires.com/content/3/333947/fotos/ 33 KB
34 KB 88ms
80ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/content/3/333947/fotos/154437.jpg

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

5f315d6ea2fcc09433e82b8c726f99532c552c50cc7a198ff80d1120522ff7b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 13:06:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 26 Jan 2021 09:14:07 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "8507-5b9ca13a54f7e"
vary: X-Forwarded-Proto,Host
content-type: image/jpeg
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 34055
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 154407.jpg
www.geheimeaffaires.com/content/3/333933/fotos/ 27 KB
27 KB 37ms
29ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/content/3/333933/fotos/154407.jpg

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

d2be51ceff26663c491f0a24801b70ed332118301863712d760b519206b417b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 13:06:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 26 Jan 2021 09:09:06 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "6b8d-5b9ca01b7b20a"
vary: X-Forwarded-Proto,Host
content-type: image/jpeg
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 27533
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 154383.jpg
www.geheimeaffaires.com/content/3/333921/fotos/ 26 KB
27 KB 35ms
27ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/content/3/333921/fotos/154383.jpg

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

5e0b9fc4e10f02f70356f42b45340afacb8a1966484dbd4a4edb26d4123d98ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 13:06:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 26 Jan 2021 09:04:06 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "69b2-5b9c9efc939d2"
vary: X-Forwarded-Proto,Host
content-type: image/jpeg
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 27058
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 154381.jpg
www.geheimeaffaires.com/content/3/333919/fotos/ 25 KB
26 KB 60ms
53ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/content/3/333919/fotos/154381.jpg

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

34f262659b4fb121f5fb11e4f19f84720da7bf9260d48bb395c015f3ce55b359

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 13:06:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 26 Jan 2021 08:59:07 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "6543-5b9c9de04fedc"
vary: X-Forwarded-Proto,Host
content-type: image/jpeg
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 25923
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 154343.jpg
www.geheimeaffaires.com/content/3/333897/fotos/ 20 KB
21 KB 53ms
47ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/content/3/333897/fotos/154343.jpg

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

a994752ea989378729e1d38d663925bcc57398cda576f5e42026ab0dbfc905ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 13:06:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 26 Jan 2021 08:49:08 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "50fa-5b9c9ba4be2f1"
vary: X-Forwarded-Proto,Host
content-type: image/jpeg
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 20730
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 154331.jpg
www.geheimeaffaires.com/content/3/333891/fotos/ 36 KB
36 KB 51ms
45ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/content/3/333891/fotos/154331.jpg

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

cddd1bbf685a54fb6f3bab3a42b804ca46b2d3dda6557f5d21e764aa309be580

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 13:06:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 26 Jan 2021 08:49:06 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "8e57-5b9c9ba2a6037"
vary: X-Forwarded-Proto,Host
content-type: image/jpeg
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 36439
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 154323.jpg
www.geheimeaffaires.com/content/3/333855/fotos/ 22 KB
22 KB 87ms
81ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/content/3/333855/fotos/154323.jpg

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

c6a3ca0aaddad7ae60305a69cb83b0201760ca7fc9b090110b66fec2991f11fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 13:06:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Jan 2021 17:29:08 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "58b9-5b9bce01bf936"
vary: X-Forwarded-Proto,Host
content-type: image/jpeg
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 22713
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 154311.jpg
www.geheimeaffaires.com/content/3/333849/fotos/ 19 KB
20 KB 34ms
28ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/content/3/333849/fotos/154311.jpg

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

5648c58348b6d9eedc90d8d218eeba2bdc111526aef43b2e1340a93116df26a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 13:06:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Jan 2021 17:29:06 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "4d79-5b9bcdffe9d0f"
vary: X-Forwarded-Proto,Host
content-type: image/jpeg
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 19833
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 154261.jpg
www.geheimeaffaires.com/content/3/333825/fotos/ 33 KB
33 KB 92ms
86ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/content/3/333825/fotos/154261.jpg

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

4c6ba25a4d2f78dd496c1315d73833e66dd15a2300eae2d5ec398d6558cf3655

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 13:06:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Jan 2021 17:14:10 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "827c-5b9bcaa9153de"
vary: X-Forwarded-Proto,Host
content-type: image/jpeg
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 33404
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 154249.jpg
www.geheimeaffaires.com/content/3/333819/fotos/ 61 KB
62 KB 75ms
69ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/content/3/333819/fotos/154249.jpg

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

419bf84b490afb1867879c7d6e051b8034d6f93b033eef9411be5fd14d591001

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 13:06:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Jan 2021 17:14:08 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "f5a7-5b9bcaa708ca8"
vary: X-Forwarded-Proto,Host
content-type: image/jpeg
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 62887
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 154237.jpg
www.geheimeaffaires.com/content/3/333813/fotos/ 36 KB
37 KB 70ms
64ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/content/3/333813/fotos/154237.jpg

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

5768ec6ffeebc03fa96ff56abbe4269c35bb8bb0f59103df60444f0f3523211a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 13:06:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Jan 2021 17:14:06 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "9168-5b9bcaa53ccc4"
vary: X-Forwarded-Proto,Host
content-type: image/jpeg
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 37224
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 154189.jpg
www.geheimeaffaires.com/content/3/333775/fotos/ 28 KB
28 KB 51ms
46ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/content/3/333775/fotos/154189.jpg

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

fc12b0f367c77c432c97b4817a2222d29f033a7ac013765e9f71f53347856d44

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 13:06:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Jan 2021 09:09:11 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "7079-5b9b5e4224d08"
vary: X-Forwarded-Proto,Host
content-type: image/jpeg
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 28793
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 153401.jpg
www.geheimeaffaires.com/content/3/332949/fotos/ 34 KB
35 KB 59ms
55ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/content/3/332949/fotos/153401.jpg

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

e39b387d05ec211d71c01cabc11991e253a596827ae9e503dc3bd423c541aaf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 13:06:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 18 Jan 2021 14:24:08 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "88fb-5b92d799e1130"
vary: X-Forwarded-Proto,Host
content-type: image/jpeg
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 35067
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 154181.jpg
www.geheimeaffaires.com/content/3/333771/fotos/ 22 KB
22 KB 66ms
61ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/content/3/333771/fotos/154181.jpg

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

7b09b32db22548ce09f23ba3d573a79d7c8dc9e0fb255e463792042246a73c1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 13:06:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Jan 2021 09:09:09 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "58d4-5b9b5e405cba5"
vary: X-Forwarded-Proto,Host
content-type: image/jpeg
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 22740
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 154149.jpg
www.geheimeaffaires.com/content/3/333755/fotos/ 21 KB
22 KB 52ms
48ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/content/3/333755/fotos/154149.jpg

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

0b520aad02ca541925762bb03183244b941adad1e3f0e037fec3f091f08a49a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 13:06:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Jan 2021 09:04:09 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "551a-5b9b5d2227f03"
vary: X-Forwarded-Proto,Host
content-type: image/jpeg
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 21786
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 154125.jpg
www.geheimeaffaires.com/content/3/333741/fotos/ 35 KB
35 KB 66ms
62ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/content/3/333741/fotos/154125.jpg

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

b652b7b1300ab6a7c336d6a95ba7dc98c3f9185007d9787d271031bf663f992d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 13:06:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Jan 2021 08:59:10 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "8b9d-5b9b5c056a2cd"
vary: X-Forwarded-Proto,Host
content-type: image/jpeg
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 35741
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 154113.jpg
www.geheimeaffaires.com/content/3/333735/fotos/ 27 KB
27 KB 53ms
49ms Image
image/jpeg 35.195.88.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/content/3/333735/fotos/154113.jpg

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

e80df9176c772116d856f890dbbd5f4d78aa4b133d49eec823d5e041a3ba989b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 13:06:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Jan 2021 08:59:08 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "6a1e-5b9b5c038d945"
vary: X-Forwarded-Proto,Host
content-type: image/jpeg
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 27166
x-ua-compatible: IE=edge,chrome=1

OPTIONS
H2 200 collector
api.eu.collectconsent.com/consent/ 0
0 84ms
30ms Other
application/vnd.api+json 35.195.163.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.eu.collectconsent.com/consent/collector

Protocol

Server

35.195.163.35 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.geheimeaffaires.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.10.3 (Ubuntu)
date: Tue, 26 Jan 2021 13:06:55 GMT
content-type: application/vnd.api+json
content-length: 0
access-control-allow-origin: https://www.geheimeaffaires.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff

GET
H2 200 cc.css
eu.collectconsent.com/ 24 KB
4 KB 28ms
26ms Stylesheet
text/css 35.195.163.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.collectconsent.com/cc.css

Requested by

Host: eu.collectconsent.com
URL: https://eu.collectconsent.com/cc.js?wId=41YuKVaYkGa5iFXaJ3xU48&domain=geheimeaffaires.com&languageCode=nl&languageTerritory=BE&sessionId=d742ab33f93d42dab5ad0b274557a3a9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

9ec88cf72960048a40791a943e5dee85f910c00e9a3732339888b075de11bc34

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 13:06:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Oct 2020 08:07:25 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "6073-5b1b123761e40-gzip"
vary: Accept-Encoding
content-type: text/css
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 3892

POST
H2 200 collector Show response
api.eu.collectconsent.com/consent/ 4 KB
4 KB 54ms
53ms XHR
application/vnd.api+json 35.195.163.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.eu.collectconsent.com/consent/collector

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

087f266f4362479148b04b7e057c942b8df71855b438f70f0ea2fac56331b40e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 26 Jan 2021 13:06:55 GMT
x-content-type-options: nosniff
server: nginx/1.10.3 (Ubuntu)
strict-transport-security: max-age=63072000;
content-type: application/vnd.api+json
access-control-allow-origin: https://www.geheimeaffaires.com
access-control-allow-credentials: true
content-length: 4144

OPTIONS
H2 200 loadSegment
api.eu.collectconsent.com/consent/ 0
0 31ms
31ms Other
application/vnd.api+json 35.195.163.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.eu.collectconsent.com/consent/loadSegment

Protocol

Server

35.195.163.35 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.geheimeaffaires.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.10.3 (Ubuntu)
date: Tue, 26 Jan 2021 13:06:56 GMT
content-type: application/vnd.api+json
content-length: 0
access-control-allow-origin: https://www.geheimeaffaires.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff

POST
H2 200 loadSegment Show response
api.eu.collectconsent.com/consent/ 280 B
496 B 33ms
32ms XHR
application/vnd.api+json 35.195.163.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.eu.collectconsent.com/consent/loadSegment

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

5214f7f399be349fe1f4126dc4518ebcc8aa4d59d53be50a29e11de3cf0a69c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 26 Jan 2021 13:06:56 GMT
x-content-type-options: nosniff
server: nginx/1.10.3 (Ubuntu)
strict-transport-security: max-age=63072000;
content-type: application/vnd.api+json
access-control-allow-origin: https://www.geheimeaffaires.com
access-control-allow-credentials: true
content-length: 280

OPTIONS
H2 200 loadSegment
api.eu.collectconsent.com/consent/ 0
0 29ms
29ms Other
application/vnd.api+json 35.195.163.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.eu.collectconsent.com/consent/loadSegment

Protocol

Server

35.195.163.35 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.geheimeaffaires.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.10.3 (Ubuntu)
date: Tue, 26 Jan 2021 13:06:56 GMT
content-type: application/vnd.api+json
content-length: 0
access-control-allow-origin: https://www.geheimeaffaires.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff

POST
H2 200 loadSegment Show response
api.eu.collectconsent.com/consent/ 373 B
589 B 40ms
39ms XHR
application/vnd.api+json 35.195.163.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.eu.collectconsent.com/consent/loadSegment

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

f60199aed20dc666a5329f1c6c97554ce39728e6b724522ddc708c173287943b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 26 Jan 2021 13:06:56 GMT
x-content-type-options: nosniff
server: nginx/1.10.3 (Ubuntu)
strict-transport-security: max-age=63072000;
content-type: application/vnd.api+json
access-control-allow-origin: https://www.geheimeaffaires.com
access-control-allow-credentials: true
content-length: 373

OPTIONS
H2 200 confirmExplicit
api.eu.collectconsent.com/consent/ 0
0 28ms
28ms Other
application/vnd.api+json 35.195.163.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.eu.collectconsent.com/consent/confirmExplicit

Protocol

Server

35.195.163.35 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.geheimeaffaires.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.10.3 (Ubuntu)
date: Tue, 26 Jan 2021 13:06:56 GMT
content-type: application/vnd.api+json
content-length: 0
access-control-allow-origin: https://www.geheimeaffaires.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff

POST
H2 200 confirmExplicit Show response
api.eu.collectconsent.com/consent/ 0
214 B 48ms
48ms XHR
application/vnd.api+json 35.195.163.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.eu.collectconsent.com/consent/confirmExplicit

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geheimeaffaires.com/landing3?cat=milf&pi=13237&pt1=3099909768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 26 Jan 2021 13:06:56 GMT
x-content-type-options: nosniff
server: nginx/1.10.3 (Ubuntu)
strict-transport-security: max-age=63072000;
content-type: application/vnd.api+json
access-control-allow-origin: https://www.geheimeaffaires.com
access-control-allow-credentials: true
content-length: 0

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.geheimeaffaires.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: l725cd0af194nc6kvifn25hml7
.geheimeaffaires.com/	1970-01-19 15:42:32	Name: _gid Value: GA1.2.580105754.1611666416
.geheimeaffaires.com/	1970-01-19 15:41:06	Name: _gat_c Value: 1
.geheimeaffaires.com/	1970-01-19 15:41:06	Name: _gat_b Value: 1
.geheimeaffaires.com/	1969-12-31 23:59:59	Name: system Value: sessionId%3D6ileYZomq4sc6V9Kw9f5uT%26p%3D1025004%26pi%3Dtypein
.geheimeaffaires.com/	1970-01-19 15:41:06	Name: _gat_a Value: 1
.geheimeaffaires.com/	1970-01-20 09:12:18	Name: _ga Value: GA1.2.1989748566.1611666416

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.eu.collectconsent.com
delivery.brkrbb.com
eu.collectconsent.com
sexdating4.me
static.dating
stats.g.doubleclick.net
stylemefrugal.com
trackoptimise.com
tracksfaster.com
www.geheimeaffaires.com
www.google-analytics.com
www.google.com
www.google.de
ya-roditel.com
2606:4700:3035::ac43:c464
2a00:1450:4001:803::200e
2a00:1450:4001:811::2003
2a00:1450:4001:817::2004
2a00:1450:4001:825::200e
2a00:1450:400c:c00::9d
34.205.83.125
35.195.163.35
35.195.88.46
35.227.221.175
52.71.111.21
77.222.40.109
80.249.151.138
91.202.61.105
01215a6fb6a63240579c3117c5406be4959b084fa3a166c8c074f6e0d4b64e60
06f91f1bc360e7c486515b416a564445652e40585f94f2d089239b981d6421f6
087f266f4362479148b04b7e057c942b8df71855b438f70f0ea2fac56331b40e
0b520aad02ca541925762bb03183244b941adad1e3f0e037fec3f091f08a49a0
34f262659b4fb121f5fb11e4f19f84720da7bf9260d48bb395c015f3ce55b359
4043c2feeaaec48116d332605cd1818da06880f56b0dd6204c476bbf56a0db01
419bf84b490afb1867879c7d6e051b8034d6f93b033eef9411be5fd14d591001
4c6ba25a4d2f78dd496c1315d73833e66dd15a2300eae2d5ec398d6558cf3655
5214f7f399be349fe1f4126dc4518ebcc8aa4d59d53be50a29e11de3cf0a69c8
532e05ec06d04f16a6474d895da6d81de18e0177961df4641cfa2fe692a2aed6
5648c58348b6d9eedc90d8d218eeba2bdc111526aef43b2e1340a93116df26a9
5768ec6ffeebc03fa96ff56abbe4269c35bb8bb0f59103df60444f0f3523211a
5986f251d278ae72106ef1d7302798a2e14f69a4d35b80087b9e61905a15e75e
5e0b9fc4e10f02f70356f42b45340afacb8a1966484dbd4a4edb26d4123d98ac
5f315d6ea2fcc09433e82b8c726f99532c552c50cc7a198ff80d1120522ff7b3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e5d3df4826d91051edcd25179eb72580b99aec9865e7f17bbeb3f053ca7061e
7aa4551756597459a1c604b16b417fd02900aa4a4a2d63dbb2f866c7e848c157
7ab9fde69447cddcc3813c4493cac32db26b6a432e75858a2fff6a42d185464e
7b09b32db22548ce09f23ba3d573a79d7c8dc9e0fb255e463792042246a73c1b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
885c37300020c7f8c8177e381bba3ab97b21709237a504ab8cdb0f4a72c8032e
8d3ee266a02c161594ffe7fb9c66278d068dbc88a99ae0dc45671c69599689e8
9ec88cf72960048a40791a943e5dee85f910c00e9a3732339888b075de11bc34
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0b9fff20c442599c0b4dbb6ceac3b0948e3280f84904135b6db12bb2baba9a8
a238cffffbfea4c2868fca1b142a3a9690574537a38c857dbe309ec27b033eb3
a58aec386c524bf5e2f0e451e646b1a2ff2ad42666d06abf61c60209314dc76d
a994752ea989378729e1d38d663925bcc57398cda576f5e42026ab0dbfc905ff
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b2565973fae507cdb0511351ce1e312f8bf8d048aa9d30dc2daff6fea2ee3b7c
b652b7b1300ab6a7c336d6a95ba7dc98c3f9185007d9787d271031bf663f992d
bc8dbdb453eb2be740bc02df22d7b0f2b7034db8154328047011fc5812aa5a5d
c6a3ca0aaddad7ae60305a69cb83b0201760ca7fc9b090110b66fec2991f11fa
c71a83323b1accc71e57c95b154d3de271d07ce0fd4c3ef3c8b182f96815f475
cddd1bbf685a54fb6f3bab3a42b804ca46b2d3dda6557f5d21e764aa309be580
d2be51ceff26663c491f0a24801b70ed332118301863712d760b519206b417b6
d303fd9d8eacbeb862a4c4acef1675d4adc344c0a5fe9fa3ea3b0eca1d8155c9
da6eafa8cb17b22c7a58912a7a1ababe461d374c6c41cfbc83ef3564b90318c4
e39b387d05ec211d71c01cabc11991e253a596827ae9e503dc3bd423c541aaf0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e80df9176c772116d856f890dbbd5f4d78aa4b133d49eec823d5e041a3ba989b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4a7e8d23f158a5bdeb0f976ca7f2c088665c2b7bea44c5eed0c0d3d3332fa29
f50686dfb53a28d91a7d6e0e5571c7e1f68da526efa23803535c7b1e3ef06b39
f60199aed20dc666a5329f1c6c97554ce39728e6b724522ddc708c173287943b
fc12b0f367c77c432c97b4817a2222d29f033a7ac013765e9f71f53347856d44

www.geheimeaffaires.com Open in urlscan Pro 35.195.88.46 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

55 Requests

98 %HTTPS

43 %IPv6

13 Domains

14 Subdomains

9 IPs

6 Countries

1280 kBTransfer

1621 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.geheimeaffaires.com Open in urlscan Pro
35.195.88.46 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

98 %
HTTPS

43 %
IPv6

13
Domains

14
Subdomains

9
IPs

6
Countries

1280 kB
Transfer

1621 kB
Size

7
Cookies

55 HTTP transactions
0 data transactions