www.affaerentreff.de Open in urlscan Pro
2600:9000:2688:4a00:13:920a:46c0:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.vgnp3trk.com/37932q/7xdn2/?sub1=59818&sub2=37_59818_10415_e6b1086edcc351a7a6a6e22b5d548e4e&sub3=
Effective URL:
https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b
Submission: On January 28 via api (January 28th 2024, 2:13:57 am UTC) from US — Scanned from US

Summary HTTP 78 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 19 domains to perform 78 HTTP transactions. The main IP is 2600:9000:2688:4a00:13:920a:46c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.affaerentreff.de.
TLS certificate: Issued by Amazon RSA 2048 M03 on October 18th 2023. Valid for: a year.

This is the only time www.affaerentreff.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.117.39.110 34.117.39.110	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
26	2600:9000:268... 2600:9000:2688:4a00:13:920a:46c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
2	91.201.28.212 91.201.28.212	203480 (QUALITYUNIT) (QUALITYUNIT)
4	2607:f8b0:400... 2607:f8b0:4006:824::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	23.48.224.103 23.48.224.103	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
4	2607:f8b0:400... 2607:f8b0:4006:80f::200e	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.138.106.126 108.138.106.126	16509 (AMAZON-02) (AMAZON-02)
3	108.62.123.181 108.62.123.181	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1	2606:4700:303... 2606:4700:3036::ac43:9c50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:821::2002	15169 (GOOGLE) (GOOGLE)
1	18.164.96.87 18.164.96.87	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:821::2004	15169 (GOOGLE) (GOOGLE)
9	172.104.238.149 172.104.238.149	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
5	172.104.244.5 172.104.244.5	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	3.161.188.96 3.161.188.96	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
78	21

1 34.117.39.110 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 110.39.117.34.bc.googleusercontent.com

www.vgnp3trk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2600:9000:2688:4a00:13:920a:46c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.affaerentreff.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.201.28.212 (Slovakia)

ASN203480 (QUALITYUNIT, SK)

50slove.postaffiliatepro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:824::2008 (Colchester, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.48.224.103 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-224-103.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80f::200e (Colchester, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-126.jfk50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.62.123.181 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

detour.datingalpha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:9c50 (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.azshopp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-87.jfk50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::2004 (Colchester, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.104.238.149 (Frankfurt am Main, Germany)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1814-149.members.linode.com

ais.ladesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.104.244.5 (Frankfurt am Main, Germany)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1821-5.members.linode.com

2-vbus-de.ladesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.161.188.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-188-96.atl59.r.cloudfront.net

cdn.aisgmbh.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	affaerentreff.de www.affaerentreff.de	470 KB
14	ladesk.com ais.ladesk.com 2-vbus-de.ladesk.com — Cisco Umbrella Rank: 100056	185 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 752	144 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	284 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	58 KB
3	datingalpha.net detour.datingalpha.net	7 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 376	14 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 681 script.hotjar.com — Cisco Umbrella Rank: 996	59 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	68 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1019	83 KB
2	postaffiliatepro.com 50slove.postaffiliatepro.com	7 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
1	aisgmbh.at cdn.aisgmbh.at	16 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	455 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	2 KB
1	azshopp.com scripts.azshopp.com	564 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	5 KB
1	vgnp3trk.com 1 redirects www.vgnp3trk.com	660 B
78	19

	Domain	Requested by
26	www.affaerentreff.de	www.affaerentreff.de
9	ais.ladesk.com	www.affaerentreff.de ais.ladesk.com
5	2-vbus-de.ladesk.com	ais.ladesk.com 2-vbus-de.ladesk.com
5	analytics.tiktok.com	www.affaerentreff.de analytics.tiktok.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	www.googletagmanager.com	www.affaerentreff.de www.googletagmanager.com
4	cdn.jsdelivr.net	www.affaerentreff.de
3	detour.datingalpha.net	www.googletagmanager.com detour.datingalpha.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.affaerentreff.de
2	connect.facebook.net	www.affaerentreff.de connect.facebook.net
2	maxcdn.bootstrapcdn.com	www.affaerentreff.de maxcdn.bootstrapcdn.com
2	50slove.postaffiliatepro.com	www.affaerentreff.de 50slove.postaffiliatepro.com
1	www.facebook.com	www.affaerentreff.de
1	cdn.aisgmbh.at	www.affaerentreff.de
1	www.google.com	www.affaerentreff.de
1	script.hotjar.com	static.hotjar.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	scripts.azshopp.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	cdnjs.cloudflare.com	www.affaerentreff.de
1	www.vgnp3trk.com	1 redirects
78	21

This site contains links to these domains. Also see Links.

Domain
www.cookiesandyou.com
www.affaerentreff.at
www.affaerentreff.ch
www.privacyshield.gov
www.dsb.gv.at
ec.europa.eu
policies.google.com
www.google.com
tools.google.com
www.google.de
www.networkadvertising.org

Subject Issuer	Validity	Valid
*.affaerentreff.de Amazon RSA 2048 M03	`2023-10-18` - `2024-11-15`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.postaffiliatepro.com R3	`2023-11-10` - `2024-02-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-01-28` - `2024-04-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-06` - `2024-02-04`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-01-21` - `2024-06-27`	5 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
detour.datingalpha.net ZeroSSL RSA Domain Secure Site CA	`2024-01-09` - `2024-04-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.ladesk.com R3	`2023-11-10` - `2024-02-08`	3 months	crt.sh
*.aisgmbh.at Amazon RSA 2048 M01	`2023-05-24` - `2024-06-21`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b
Frame ID: 0B18E3081AF2F86D0E250D3E1F313BAB
Requests: 66 HTTP requests in this frame

Frame: https://2-vbus-de.ladesk.com/5_43_5_9/scripts/lib/bus.html?v=5.43.5.9
Frame ID: 3A9F639EDCD26C21F3C550FCB82A7C1C
Requests: 5 HTTP requests in this frame

Frame: https://ais.ladesk.com/scripts/generateWidget.php?v=5.43.5.9&t=1706416275&cwid=q2dm1s7e&cwrt=O&pt=AFFAERENTREFF&ref=https%3A%2F%2Fwww.affaerentreff.de%2F%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D49_%26data2%3D67b575eef92f460e99ae95f2ed547d4b
Frame ID: E306806053B27A1E6F5543337D87A512
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AFFAERENTREFF

Page URL History Show full URLs

http://www.vgnp3trk.com/37932q/7xdn2/?sub1=59818&sub2=37_59818_10415_e6b1086edcc351a7a6a6e22b5d548e4... HTTP 302
https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

78
Requests

99 %
HTTPS

57 %
IPv6

19
Domains

21
Subdomains

21
IPs

3
Countries

1423 kB
Transfer

4024 kB
Size

27
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cookiesandyou.com/
Title: Mehr dazu

Search URL Search Domain Scan URL

URL: https://www.affaerentreff.at/

Search URL Search Domain Scan URL

URL: https://www.affaerentreff.ch/

Search URL Search Domain Scan URL

URL: https://www.privacyshield.gov/
Title: https://www.privacyshield.gov

Search URL Search Domain Scan URL

URL: http://www.dsb.gv.at/
Title: http://www.dsb.gv.at

Search URL Search Domain Scan URL

URL: https://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080
Title: https://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Datenschutzerklärung

Search URL Search Domain Scan URL

URL: https://www.google.com/intl/de/help/terms_maps/
Title: Zusätzlichen Nutzungsbedingungen

Search URL Search Domain Scan URL

URL: https://tools.google.com/dlpage/gaoptout?hl=ch
Title: https://tools.google.com/dlpage/gaoptout?hl=ch

Search URL Search Domain Scan URL

URL: http://www.google.de/settings/ads
Title: www.google.de/settings/ads

Search URL Search Domain Scan URL

URL: https://www.networkadvertising.org/choices/?partnerId=1/
Title: https://www.networkadvertising.org/choices/?partnerId=1/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.vgnp3trk.com/37932q/7xdn2/?sub1=59818&sub2=37_59818_10415_e6b1086edcc351a7a6a6e22b5d548e4e&sub3= HTTP 302
https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

78 HTTP transactions
-1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.affaerentreff.de/
Redirect Chain

http://www.vgnp3trk.com/37932q/7xdn2/?sub1=59818&sub2=37_59818_10415_e6b1086edcc351a7a6a6e22b5d548e4e&sub3=
https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b

9 KB
4 KB

598ms
447ms

Document
text/html

2600:9000:2688:4a00:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2688:4a00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e2347f12c65dbad05f419068e3720c005ffc9e10d405e56f0a431225b2ab6681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, s-maxage=2
content-encoding: gzip
content-type: text/html
date: Sun, 28 Jan 2024 02:13:46 GMT
etag: W/"c7f7df25aef419fdb5220c1dba0247af"
last-modified: Mon, 15 Jan 2024 15:26:23 GMT
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 b10bc83e806604a91e7e9956de2a9242.cloudfront.net (CloudFront)
x-amz-cf-id: ev9b4Qm-FgitITXU_hGM3COLfesmZ2H81IRuYAQrTE2xYsDt4vORdw==
x-amz-cf-pop: ATL58-P9
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

Content-Length: 140
Via: 1.1 google
accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
content-type: text/html; charset=utf-8
date: Sun, 28 Jan 2024 02:13:46 GMT
location: https://www.affaerentreff.de?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b
server: nginx
vary: Origin
x-eflow-request-id: 0f0ffb5f-6f59-4f63-8484-32676940f1fa

GET
H2 200 vue.prod.min.js Show response
www.affaerentreff.de/scripts/ 105 KB
38 KB 476ms
468ms Script
application/javascript 2600:9000:2688:4a00:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/scripts/vue.prod.min.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2688:4a00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d601f229247b261d18181988f7337b3f652165187f3c22a109821a50ea96a0f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ATL58-P9
via: 1.1 b10bc83e806604a91e7e9956de2a9242.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jan 2024 15:26:30 GMT
server: AmazonS3
etag: W/"7f8906c1a2320dd9108f0d40b74d8989"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: vRoiftIvb-b0dmkuCTsuWoCUhHbjwImLc4kC9lGooJ7x0B4bXRvAjw==

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ 152 KB
25 KB 60ms
46ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.affaerentreff.de/
Origin: https://www.affaerentreff.de
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 Jan 2024 02:13:46 GMT
x-content-type-options: nosniff
content-encoding: br
age: 19931270
x-jsd-version: 5.0.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25360
x-served-by: cache-fra-eddf8230097-FRA, cache-lga21977-LGA
x-jsd-version-type: version
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery.3.4.1.min.js Show response
www.affaerentreff.de/scripts/ 86 KB
31 KB 472ms
465ms Script
application/javascript 2600:9000:2688:4a00:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/scripts/jquery.3.4.1.min.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2688:4a00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ATL58-P9
via: 1.1 b10bc83e806604a91e7e9956de2a9242.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jan 2024 15:26:30 GMT
server: AmazonS3
etag: W/"220afd743d9e9643852e31a135a9f3ae"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: PQuTo4FboOfCqEJZJBQO66k-yQVkNoebj-yMbZRWdpLpUa_eaNrNqQ==

GET
H3 200 js.cookie.js Show response
www.affaerentreff.de/scripts/ 4 KB
2 KB 544ms
543ms Script
application/javascript 2600:9000:2688:4a00:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/scripts/js.cookie.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2688:4a00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3fc8d8f8c09ee97d9c8cd4a6178ad0bd921a9cbe55c14513e0c06738c9dc8d15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ATL58-P9
via: 1.1 66d7816e8f0605c3c3fa4274826371c4.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jan 2024 15:26:29 GMT
server: AmazonS3
etag: W/"fa93e8894edb6245ab03883633b12b6e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: 6RIafQJknQ8JBJHjmgmMnfVXZov-QDdJ0ewa_07jCOB8itAOHQ2fxg==

GET
H2 200 main.css
www.affaerentreff.de/styles/ 19 KB
4 KB 463ms
457ms Stylesheet
text/css 2600:9000:2688:4a00:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/styles/main.css

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2688:4a00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f9d654ac900cbd8a09bb26c48a51260cb7d816c53c32ed69d4b2c90cb991d2a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ATL58-P9
via: 1.1 b10bc83e806604a91e7e9956de2a9242.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jan 2024 15:26:30 GMT
server: AmazonS3
etag: W/"d3ddcd97bf2f9fcc3da8330cea22f225"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: ivBAMR-Oc4zUCvFoV4sOrQmlFCUDBbb7kvKXgeuMNhJ1G3D1755fXA==

GET
H2 200 heflzjgg Show response
50slove.postaffiliatepro.com/scripts/ 27 KB
6 KB 577ms
102ms Script
application/javascript 91.201.28.212
QUALITYUNIT

General

Check archive.org

Show headers Download Go to

Full URL

https://50slove.postaffiliatepro.com/scripts/heflzjgg

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.201.28.212 , Slovakia, ASN203480 (QUALITYUNIT, SK),

Reverse DNS

Software

nginx /

Resource Hash

291b8a5be6d7bd8d1e5bb6e5cbcb6c5312f1c7bb7da1e3b95ec8b2edbe836dba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish (2.lb-app.pap.ws-eu)
x-srv: 3
age: 95
content-length: 6076
last-modified: Mon, 18 Dec 2023 15:29:38 GMT
server: nginx
etag: "6ae8-60cca6afa9c80"
vary: Accept-Encoding
content-type: application/javascript
x-varnish: 793807876 792615397
cache-control: max-age=120
accept-ranges: bytes
expires: Sun, 28 Jan 2024 02:14:11 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
44 KB 41ms
20ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

adaeb68ebdcdda983cd5aea99deb9dd18bdeaa5475cd4a3c01d3e4e9e1ef564a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44488
x-xss-protection: 0
last-modified: Sun, 28 Jan 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 28 Jan 2024 02:13:50 GMT

GET
H2 200 config.js Show response
www.affaerentreff.de/configs/ 1 KB
898 B 465ms
460ms Script
application/javascript 2600:9000:2688:4a00:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/configs/config.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2688:4a00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

30a2fd1f1d65fcb9aab83057288891808eb932fb9acdc7991cda1c25a8707f4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ATL58-P9
via: 1.1 b10bc83e806604a91e7e9956de2a9242.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jan 2024 15:26:22 GMT
server: AmazonS3
etag: W/"f76b7ee5952938f2a908a62fbc26cdf6"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: eA6RLiadX8Six_S9PXVrnpMBeFuBjg6UaM8mieiWi3MCaPrfri-hjg==

GET
H2 200 axios.0.25.0.min.js Show response
www.affaerentreff.de/scripts/ 18 KB
7 KB 467ms
462ms Script
application/javascript 2600:9000:2688:4a00:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/scripts/axios.0.25.0.min.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2688:4a00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b00828aa594968071f062841833553f98541845061e2d1c3144da47acce5940d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ATL58-P9
via: 1.1 b10bc83e806604a91e7e9956de2a9242.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jan 2024 15:26:30 GMT
server: AmazonS3
etag: W/"3f3c2540b53a9f09d04c2a826716fcf2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: G-dL1ivT0RpltNmxh9C5AlPwy_iUFoI4frdKKgmapi-mxkQGuPHkMw==

GET
H3 200 jwt-decode.js Show response
www.affaerentreff.de/scripts/ 4 KB
2 KB 553ms
552ms Script
application/javascript 2600:9000:2688:4a00:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/scripts/jwt-decode.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2688:4a00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b190768a27312ddecca5f1f2e2ef9c55a79457391e493fc514d4ce17ebd3b224

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ATL58-P9
via: 1.1 66d7816e8f0605c3c3fa4274826371c4.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jan 2024 15:26:29 GMT
server: AmazonS3
etag: W/"b0a42accad91746f04333f15fd67af39"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: XFOYqFsX8HRPXY9iPeFs-Ad8M32hJnTQV5YPRBc1853RB2Am54DhrQ==

GET
H2 200 countrySelectData.js Show response
www.affaerentreff.de/scripts/ 5 KB
1 KB 462ms
457ms Script
application/javascript 2600:9000:2688:4a00:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/scripts/countrySelectData.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2688:4a00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8e30993ba98335c5da42a597b569fc5e1a3af35c39f69540e9b76f1cefe9d266

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ATL58-P9
via: 1.1 b10bc83e806604a91e7e9956de2a9242.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jan 2024 15:26:29 GMT
server: AmazonS3
etag: W/"ee7744ad91e0c3c02a397292c9d5248a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: eXkA-kCt4XGnfDHCgkvsOAradsUdjJuy84pUkQD1tQa2NNgzYotklQ==

GET
H2 200 vue-router.3.4.5.js Show response
www.affaerentreff.de/scripts/ 86 KB
22 KB 463ms
459ms Script
application/javascript 2600:9000:2688:4a00:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/scripts/vue-router.3.4.5.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2688:4a00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8e052d8c61cf2bb73abe3b42a7ce6ab87e88653e9d1d263af3f37d728b948b32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ATL58-P9
via: 1.1 b10bc83e806604a91e7e9956de2a9242.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jan 2024 15:26:30 GMT
server: AmazonS3
etag: W/"2c9c3252901dd105ec7846ccc493d197"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: UGSfl0GUmmFQ0I5Ju3xKvghuJEA43GyHq0Z9Mj2flxe5d5veot4tvg==

GET
H2 200 prelander.vue.js Show response
www.affaerentreff.de/pages/ 9 KB
2 KB 471ms
466ms Script
application/javascript 2600:9000:2688:4a00:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/pages/prelander.vue.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2688:4a00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5e7bf7d34a51c9d6b9e0c8c9ab77599aeb40186375f11307684ded2b5e75a28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ATL58-P9
via: 1.1 b10bc83e806604a91e7e9956de2a9242.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jan 2024 15:26:24 GMT
server: AmazonS3
etag: W/"3257f0fd8bc12c46544a3fa206ff7752"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: iO8tTvLLWkx5Mna4WRxP3zfi0oAqTPAUE4sEGB20mqzBqPANZe1f4Q==

GET
H2 200 landingpage_v1.vue.js Show response
www.affaerentreff.de/pages/components/ 35 KB
5 KB 465ms
461ms Script
application/javascript 2600:9000:2688:4a00:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/pages/components/landingpage_v1.vue.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2688:4a00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9040613debda8e0d015563aadf1aa5d2e0399a8865ef972fb90c29f0cab0a2c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ATL58-P9
via: 1.1 b10bc83e806604a91e7e9956de2a9242.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jan 2024 15:26:23 GMT
server: AmazonS3
etag: W/"4f27fc35a30dd577d2053a116b22a42a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: e0oZPW86zewKKadBy0ZSRBugxxkDyXnqxmrQqUcBEHxb_SaKhYD-rQ==

GET
H2 200 landingpage_v2.vue.js Show response
www.affaerentreff.de/pages/components/ 13 KB
3 KB 463ms
459ms Script
application/javascript 2600:9000:2688:4a00:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/pages/components/landingpage_v2.vue.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2688:4a00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

73fcbaf2504050334e324594bc9b1b44eb2b8338a4b552dca1c4dfc99b0c99f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ATL58-P9
via: 1.1 b10bc83e806604a91e7e9956de2a9242.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jan 2024 15:26:23 GMT
server: AmazonS3
etag: W/"f06fafd26e99bcb89af5ae01ef790515"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: CYI1iJaZHTgd9mkAErvk_QVUfFGQaCPhuJk_825GE99qsxYUmF4kfw==

GET
H2 200 app.vue.js Show response
www.affaerentreff.de/pages/ 20 KB
3 KB 4553ms
4549ms Script
application/javascript 2600:9000:2688:4a00:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/pages/app.vue.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2688:4a00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3ea53a13e34d782e4408913319f375ca93d7af8f3f9edb75d8c7b1bceb07c9f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ATL58-P9
via: 1.1 b10bc83e806604a91e7e9956de2a9242.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jan 2024 15:26:23 GMT
server: AmazonS3
etag: W/"eaf878efe67517c48cd1a6f2e46fc151"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: Fqn1AWc7b2BA1D5wc0aLIP08GEL2Yv1Zvc3cX3tI6X0wg3zX_F0Xbw==

GET
H2 200 cancelmemebership.vue.js Show response
www.affaerentreff.de/pages/ 20 KB
4 KB 4541ms
4537ms Script
application/javascript 2600:9000:2688:4a00:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/pages/cancelmemebership.vue.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2688:4a00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7c7fb8e00906d9a203c24532e6b32838eec1ff36386136ce8ff6847d1e6a8364

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ATL58-P9
via: 1.1 b10bc83e806604a91e7e9956de2a9242.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jan 2024 15:26:23 GMT
server: AmazonS3
etag: W/"b1ddbd7fe7f5234c645f574128b79b68"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: z4cag_Jb8yNZRFtN9dfkgIXBiJfP-hOQwIeGQpy5EZ1ihlP-32GQUQ==

GET
H2 200 translationsEN.js Show response
www.affaerentreff.de/translations/ 4 KB
2 KB 4552ms
4548ms Script
application/javascript 2600:9000:2688:4a00:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/translations/translationsEN.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2688:4a00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

92f1c173a2fcb9611997bf02435f4a18f41ed65968b7b76d413d998e27f8236b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ATL58-P9
via: 1.1 b10bc83e806604a91e7e9956de2a9242.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jan 2024 15:26:30 GMT
server: AmazonS3
etag: W/"fc17fc07f5decb564cc560a61fd48ba3"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: 1VIixqjGA9y65y9G3XxGnXSuJpYP29wJ8bpf_6NrOz9CkYbFEiBXDw==

GET
H2 200 termsAndPolicies.js Show response
www.affaerentreff.de/scripts/ 313 KB
81 KB 4553ms
4550ms Script
application/javascript 2600:9000:2688:4a00:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/scripts/termsAndPolicies.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2688:4a00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8f60768b08308fe3b28a553d14a7b13133e0ca71f718ef27d9fee159afe7767b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ATL58-P9
via: 1.1 b10bc83e806604a91e7e9956de2a9242.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jan 2024 15:26:30 GMT
server: AmazonS3
etag: W/"fe33cebac352a2497b6e9934d386822a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: pimelfayaoWaEYf6w3waKnYwe4-ES-Qvivw8Vyc5U5k75yx4OuCIuA==

GET
H2 200 cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 5 KB
2 KB 42ms
32ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 Jan 2024 02:13:46 GMT
x-content-type-options: nosniff
content-encoding: br
age: 12273
x-jsd-version: 3.1.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1363
x-served-by: cache-fra-eddf8230078-FRA, cache-lga21939-LGA
x-jsd-version-type: version
etag: W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 cookieconsent.min.js Show response
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 20 KB
7 KB 42ms
33ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 Jan 2024 02:13:46 GMT
x-content-type-options: nosniff
content-encoding: br
age: 10237
x-jsd-version: 3.1.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7125
x-served-by: cache-fra-eddf8230120-FRA, cache-lga21939-LGA
x-jsd-version-type: version
etag: W/"50d5-nLraS9YXyGxjjPLr3exyStWWkHs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/ 77 KB
24 KB 57ms
47ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.affaerentreff.de/
Origin: https://www.affaerentreff.de
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 Jan 2024 02:13:46 GMT
x-content-type-options: nosniff
content-encoding: br
age: 21557221
x-jsd-version: 5.0.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23943
x-served-by: cache-fra-eddf8230080-FRA, cache-lga21977-LGA
x-jsd-version-type: version
etag: W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 61ms
25ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 722
age: 1310731
cdn-cachedat: 10/31/2023 18:48:06
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 9e61a4e37a75208649ae6b63a0cb4f72
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 84c5b7d75f3e8cad-EWR
cdn-requestpullsuccess: True

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ 70 KB
5 KB 60ms
27ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1660414
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4216
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f5628a2-11846"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BQfNzQM52rlf7lGNHDwKv4J7HrQ6ueCC8BLJsiAlv24Ii60FJmfvgTBzq%2BNnyxEUpzG%2FNhLhNLqs%2BDRTrQG8SSSkA5D39XYJ02RYQHJzvJ6YWdItpxQFrOqhUMGFNP3HLfo8BNcZ6Hk%2Ft%2BvWuDl4gYaS"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84c5b7d74d7a43ad-EWR
expires: Fri, 17 Jan 2025 02:13:46 GMT

GET
H2 200 main.js Show response
www.affaerentreff.de/scripts/ 48 KB
10 KB 4549ms
4548ms Script
application/javascript 2600:9000:2688:4a00:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/scripts/main.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2688:4a00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5e2735602abdfa25ebbcd5f2606f2b768aae5f2cf20f835aa29c661e8dbfc33d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ATL58-P9
via: 1.1 b10bc83e806604a91e7e9956de2a9242.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jan 2024 15:26:30 GMT
server: AmazonS3
etag: W/"0307023b6ff173e7aff562fe0819fecb"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: oZHFWrF8ptlFz-I7JeJ03JCXZJxVwn4tSQ3n6ZpuMGNhbp9egJ7zSw==

GET
H2 200 heflzrgg Show response
50slove.postaffiliatepro.com/scripts/ 66 B
430 B 107ms
106ms Script
application/x-javascript 91.201.28.212
QUALITYUNIT

General

Check archive.org

Show headers Download Go to

Full URL: https://50slove.postaffiliatepro.com/scripts/heflzrgg?accountId=default1&userId=vivero&url=S_www.affaerentreff.de%2F&referrer=&isInIframe=false&getParams=%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D49_%26data2%3D67b575eef92f460e99ae95f2ed547d4b&anchor=
Requested by: Host: 50slove.postaffiliatepro.com
URL: https://50slove.postaffiliatepro.com/scripts/heflzjgg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.201.28.212 , Slovakia, ASN203480 (QUALITYUNIT, SK),
Reverse DNS
Software: nginx /
Resource Hash: 6cdec2ffa9b60112a7732f8cfda5bcf3ce5c6788b8611e4c0f78107aead3308d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: application/octet-stream, application/x-javascript
date: Sun, 28 Jan 2024 02:13:50 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: nginx
content-length: 66
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 227 KB
76 KB 50ms
29ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N53M925

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b63b0cffa8ebd978a8eeeb057f685ac9528c58d7ead5c2211bd7bbe389ed83a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77978
x-xss-protection: 0
last-modified: Sun, 28 Jan 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 28 Jan 2024 02:13:50 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 94ms
48ms Script
application/javascript 23.48.224.103
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CC47R8RC77U9MSBJN5NG&lib=ttq
Requested by: Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.103 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-103.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3d519f359fe473077435a56f5f638e28e9da580588b046a6f19fcafe7356678

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id: 1e289b0c.1c092f20
date: Sun, 28 Jan 2024 02:13:50 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240128021350EDEC28AA1B6EC74AB2E6-05D6CB6DEA288905-00
x-cache: TCP_MISS from a23-195-36-71.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
x-parent-response-time: 16,23.195.36.71
server-timing: cdn-cache; desc=MISS, edge; dur=8, origin; dur=8, inner; dur=3
pragma: no-cache
server: nginx
x-tt-logid: 20240128021350EDEC28AA1B6EC74AB2E6
x-cache-remote: TCP_MISS from a23-48-100-43.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.48.100.43
x-tt-trace-host: 017509cafe48c2123e645e73a3735aba7d9a8e87a5fdd6812db2bf14df5ea84fe408c5eeca3e528fd45e6390577f54730d672f51d40b2760f898d641fd35d35225ee0469eaf57b8e85e474137237897fc2227cf2f843d745e5864d3040368b345b1ab8564d7c1796b1461be39ad801dcb6
expires: Sun, 28 Jan 2024 02:13:50 GMT

GET
H3 200 OpenSans-Regular.ttf
www.affaerentreff.de/fonts/ 95 KB
58 KB 547ms
547ms Font
font/ttf 2600:9000:2688:4a00:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/fonts/OpenSans-Regular.ttf

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/styles/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2688:4a00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.affaerentreff.de/styles/main.css
Origin: https://www.affaerentreff.de
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ATL58-P9
via: 1.1 66d7816e8f0605c3c3fa4274826371c4.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jan 2024 15:26:22 GMT
server: AmazonS3
etag: W/"3ed9575dcc488c3e3a5bd66620bdf5a4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: b8Gh0Hfz8PjZ4QGp7qaGmBKXBTjYR2_UE6K_ESS5ewzMDcp3pBtajw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
71 KB 41ms
40ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-447642286&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8eb40ec7d46cd42088cfecd8a15618a4c67362ef7b77fe6327dea8509c9259d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72892
x-xss-protection: 0
last-modified: Sun, 28 Jan 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 28 Jan 2024 02:13:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 284 KB
93 KB 28ms
28ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TE5Y97YKC8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N53M925

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d9e6725d258edccb655d520d4fe0da42062ece37f587ee6a52a41de52425b9f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94877
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 28 Jan 2024 02:13:50 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 213 KB
58 KB 50ms
9ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f54d3a9011dd18c3a6b2c5ca5c5bf3d490d5428046d806c4aa9ecec5f82139ca

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 28 Jan 2024 02:13:50 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57158
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: ftnVeNovN277PQ2pxOFyxfdS9AVPtI7HUMy+E2uK5kpzaOty/rSV4eHBM7cbmI/sUh1Xv1o42VvbwLppt9hjUA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 30ms
7ms Script
text/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N53M925

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 28 Jan 2024 01:51:43 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1327
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 28 Jan 2024 03:51:43 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 53ms
21ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N53M925

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 28 Jan 2024 02:13:50 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3E73F4A5D5B44275BFFE51766729052E Ref B: EWR311000107053 Ref C: 2024-01-28T02:13:50Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 hotjar-2147602.js Show response
static.hotjar.com/c/ 9 KB
4 KB 85ms
16ms Script
application/javascript 108.138.106.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2147602.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N53M925

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-126.jfk50.r.cloudfront.net

Software

Resource Hash

5412ae37ac12c2e020020573da8622b9fc850e5abe977f4a028e53475863d1fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:30 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 8c17de0f985b9ec9dbef8f79e2137106.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
age: 20
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/d7befd69a344a5050f34bd30a0b407ea
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: zHzLLAO4vT6vLGiNAYvySX6QocwDA4z1TaRGSNVrPitwEXtKnBBmGQ==

GET
H/1.1 200
OK uniclick.js Show response
detour.datingalpha.net/ 5 KB
5 KB 105ms
26ms Script
text/plain 108.62.123.181
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://detour.datingalpha.net/uniclick.js?attribution=lastpaid&cookiedomain=&cookieduration=90&defaultcampaignid=65523e2b03a3e500010e90da&regviewonce=false
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N53M925
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 108.62.123.181 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: 648114310492d12a9858030eb33cb6badb6219c8e96dc402ecd86354d17793bc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 02:13:50 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 adu_affaerentreff_de.js Show response
scripts.azshopp.com/scripts/ 22 B
564 B 105ms
56ms Script
text/javascript 2606:4700:3036::ac43:9c50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.azshopp.com/scripts/adu_affaerentreff_de.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N53M925
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9c50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b69dbf32872647ab14e3d00c71a610cd16ab16db42a9fb1dc7add247b2bde55

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-runtime: 0.015287
date: Sun, 28 Jan 2024 02:13:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3b69dbf32872647ab14e3d00c71a610c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=28MxinOySmo8iKX9IZo8PEryT2ATZOoSmx0CAA9phWZM4Uilemameb4rH8O%2BTq%2Fg%2B8Qz1%2FUBtBJTTrwh7qdySDKSh0jSTxImxpAwtXBoTJmUpEjGCG9QJTqNd0eXKIUCgifwhJuNSsF8mYSMaoNKALPz"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 84c5b7f0dd2e7292-EWR
alt-svc: h3=":443"; ma=86400
content-length: 22
x-request-id: 735d2fff-69bc-4348-a4a4-1a21f21ec0fa

GET
H2 200 main.MTU3YmJkODI0MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 379 KB
103 KB 12ms
10ms Script
application/javascript 23.48.224.103
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CC47R8RC77U9MSBJN5NG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.103 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-103.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3fb856882cd87a671903d75d594f2fb840abbb70a196395fa2197cbadb03149e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id: 1c0930a2
date: Sun, 28 Jan 2024 02:13:50 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202401252008439DEE1056A343F56ED9CB
x-tt-trace-id: 00-2401252008439DEE1056A343F56ED9CB-15276DD0A28E0110-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-195-36-71.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01cddd7d1591847c1000638f38bb08908156619495284a6e898c3d904501009d6883160fee4e18a41abfd81de9ddf2055a4f0fbe4f9e68a73cc0cd56285b4b6c015609390c01a9d7577abbefd3a2b26c9f04c66590d01a9766257e47a74315110d
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=22
content-length: 105004

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/447642286/ 2 KB
2 KB 55ms
35ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/447642286/?random=1706408030840&cv=11&fst=1706408030840&bg=ffffff&guid=ON&async=1&gtm=45be41o0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.affaerentreff.de%2F%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D49_%26data2%3D67b575eef92f460e99ae95f2ed547d4b&hn=www.googleadservices.com&frm=0&pscdl=noapi&auid=2067694600.1706408031&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-447642286&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f362484cdb0d8359752a94ef6d5de4b9eac54b37e535123db404f17d1e0cc5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 02:13:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1280
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify_0a875.js Show response
analytics.tiktok.com/i18n/pixel/static/ 137 KB
37 KB 12ms
11ms Script
application/javascript 23.48.224.103
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_0a875.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.103 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-103.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id: 1c093265
date: Sun, 28 Jan 2024 02:13:50 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202401231515385F08A1BD5583529680F6
x-tt-trace-id: 00-2401231515385F08A1BD5583529680F6-0A2A20D0E9BDF05B-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-195-36-71.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01ea667eda732cfc434fe0e1627b4dcc27ea000784901d2e25716df4dc6f043bb6720a5f1a9d853d4d749b364d27e422317e62e271d098cf94279ccce5c749598b87e0e854e4ed4262dbcaa60733fac347dcc9d9363be01233554873f1b7c5b617
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length: 37075

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
703 B 74ms
73ms Ping
text/plain 23.48.224.103
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.103 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-103.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.affaerentreff.de/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1c093351
date: Sun, 28 Jan 2024 02:13:51 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240128021350692BF14DA6ED063E6930-35EF9A82ED56229F-00
x-cache: TCP_MISS from a23-195-36-71.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
server-timing: inner; dur=46, cdn-cache; desc=MISS, edge; dur=6, origin; dur=54
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240128021350692BF14DA6ED063E6930
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 54,23.195.36.71
x-tt-trace-host: 017509cafe48c2123e645e73a3735aba7d84d22b2465bd7627c030c5d62de695e37f4039ed75daf2db7db25d3c063cfa3d1779d87e147553b32c9f48361a524440ec6509701875bcdf5fc71e46d98dd526c6dcc130df2d2d654b993d5fd97c3f20
access-control-allow-headers: Authorization,*
expires: Sun, 28 Jan 2024 02:13:51 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
210 B 25ms
24ms XHR
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1355858600&t=pageview&_s=1&dl=https%3A%2F%2Fwww.affaerentreff.de%2F%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D49_%26data2%3D67b575eef92f460e99ae95f2ed547d4b&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1928453728&gjid=562791687&cid=450333004.1706408031&tid=UA-167101890-5&_gid=510348753.1706408031&_r=1&gtm=45He41o0n81N53M925v852878785&cd1=0&cd3=0&cd4=0&cm1=0&gcd=11l1l1l1l1&dma=0&z=1334671791

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.affaerentreff.de/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 02:13:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.affaerentreff.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 550272220639696 Show response
connect.facebook.net/signals/config/ 52 KB
11 KB 83ms
82ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/550272220639696?v=2.9.143&r=stable&domain=www.affaerentreff.de&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

76d24199306842206c0cefa20e85c0b7f4f0a4b0b86fb47bce520fbe8bebfd14

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 28 Jan 2024 02:13:51 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: 13ZNgpabhUQFlPQkkL2R6YwTOEzbwySpfUGIumnKd4Qbr0BRFhQu8s+xa0QMfWA0x5k79ycFFO981kS5+HoYqw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 22ms
21ms Ping
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-TE5Y97YKC8&gtm=45je41o0v9104833779z8852878785&_p=1706408030696&gcd=11l1l1l1l1&dma=0&cid=450333004.1706408031&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706408030&sct=1&seg=0&dl=https%3A%2F%2Fwww.affaerentreff.de%2F%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D49_%26data2%3D67b575eef92f460e99ae95f2ed547d4b&dt=&en=page_view&_fv=1&_ss=1&ep.anonymizeIp=true&ep.transport=beacon&up.is_premium=0&up.custom_user_id=0&up.match_count=0&tfd=5027
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TE5Y97YKC8&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80f::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 02:13:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.affaerentreff.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 134506284.js Show response
bat.bing.com/p/action/ 0
118 B 18ms
18ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/134506284.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sun, 28 Jan 2024 02:13:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A5BEB7460A7D42F1A1B8E16BD95AAD3A Ref B: EWR311000107053 Ref C: 2024-01-28T02:13:51Z
x-cache: CONFIG_NOCACHE

GET
H2 200 modules.0c2aac1b2d1ba79f2a01.js Show response
script.hotjar.com/ 219 KB
55 KB 46ms
7ms Script
application/javascript 18.164.96.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.0c2aac1b2d1ba79f2a01.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2147602.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.96.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-96-87.jfk50.r.cloudfront.net

Software

Resource Hash

8788c5e11fcbe23813fdd727053b5311df2f922c7c2b76f318ce28409186910f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 15:40:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 297225
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55804
last-modified: Wed, 24 Jan 2024 15:39:41 GMT
etag: "252eda316b5dfe5750655c881f809a75"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: VvSM2Fxygtokecc5q8hlzvtcVNxgYsxVN9fO3BHTvZlZIsn7eqcFKQ==

GET
H2 200 /
www.google.com/pagead/1p-user-list/447642286/ 42 B
455 B 51ms
28ms Image
image/gif 2607:f8b0:4006:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/447642286/?random=1706408030840&cv=11&fst=1706407200000&bg=ffffff&guid=ON&async=1&gtm=45be41o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.affaerentreff.de%2F%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D49_%26data2%3D67b575eef92f460e99ae95f2ed547d4b&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_A9KRQu3I3cyeoOxEh51YXS1FdVS-eQ&random=2688510162&rmt_tld=0&ipr=y

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2004 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 02:13:51 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 65523e2b03a3e500010e90da Show response
detour.datingalpha.net/ 200 B
1 KB 52ms
23ms XHR
application/json 108.62.123.181
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://detour.datingalpha.net/65523e2b03a3e500010e90da?format=json&referrer=&a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b&sub19=undefined&sub20=undefined
Requested by: Host: detour.datingalpha.net
URL: https://detour.datingalpha.net/uniclick.js?attribution=lastpaid&cookiedomain=&cookieduration=90&defaultcampaignid=65523e2b03a3e500010e90da&regviewonce=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 108.62.123.181 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: 806bf60cff70594b8d4d75fd9db96dff5e8bbb9b34578bb0590cb9acd8fc7da4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 02:13:51 GMT
Server: nginx/1.20.2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 200

GET
H/1.1 204
No Content view Show response
detour.datingalpha.net/ 0
306 B 242ms
242ms XHR
text/plain 108.62.123.181
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://detour.datingalpha.net/view?clickid=65b5b85fc505ec00011a71a4&referrer=
Requested by: Host: detour.datingalpha.net
URL: https://detour.datingalpha.net/uniclick.js?attribution=lastpaid&cookiedomain=&cookieduration=90&defaultcampaignid=65523e2b03a3e500010e90da&regviewonce=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 108.62.123.181 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 28 Jan 2024 02:13:51 GMT
Server: nginx/1.20.2
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: GET, POST, OPTIONS

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
701 B 78ms
75ms Ping
text/plain 23.48.224.103
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.103 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-103.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.affaerentreff.de/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1c093961
date: Sun, 28 Jan 2024 02:13:51 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240128021351FF1F010B803CD6FCCF9E-17A145C8320796F6-00
x-cache: TCP_MISS from a23-195-36-71.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
server-timing: inner; dur=23, cdn-cache; desc=MISS, edge; dur=4, origin; dur=32
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240128021351FF1F010B803CD6FCCF9E
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 32,23.195.36.71
x-tt-trace-host: 017509cafe48c2123e645e73a3735aba7d84d22b2465bd7627c030c5d62de695e3ab404549ca80b077e9684a8159cb61a968759ffa34f7a55a818702660d681b9fabeda2df9caa42ed8011a3724dfacd192fafb0efbe64fa4103edf2f765c6904d
access-control-allow-headers: Authorization,*
expires: Sun, 28 Jan 2024 02:13:51 GMT

GET
H2 200 track.js Show response
ais.ladesk.com/scripts/ 49 KB
13 KB 708ms
264ms Script
application/javascript 172.104.238.149
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://ais.ladesk.com/scripts/track.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/scripts/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.104.238.149 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li1814-149.members.linode.com

Software

nginx /

Resource Hash

88246e7f5d30387f283df5907c2694534d3399cd71676d124b16705fb6ca9c00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish (1.lb-app.la.linode-de)
x-srv: 3
age: 49
content-length: 13040
last-modified: Thu, 18 Jan 2024 10:09:40 GMT
server: nginx
etag: "c480-60f358fc50100"
vary: Accept-Encoding
content-type: application/javascript
x-varnish: 417125678 417893476
cache-control: max-age=300, public
accept-ranges: bytes
expires: Sun, 28 Jan 2024 08:13:03 GMT

GET
H3 200 translationsDE.js Show response
www.affaerentreff.de/translations/ 4 KB
2 KB 435ms
434ms Script
application/javascript 2600:9000:2688:4a00:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/translations/translationsDE.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/scripts/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2688:4a00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

134f038d354ff9d5fbdcf639c79a7b62cac791cf14e7384bdd936597c64def0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ATL58-P9
via: 1.1 66d7816e8f0605c3c3fa4274826371c4.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jan 2024 15:26:30 GMT
server: AmazonS3
etag: W/"cc05fb0e8c650d5534acbdfbbbf5ebc1"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: -3j9HNcpOVkb3OoyAPmVWH2JT0ueCCLgDl-ho_74PkAzofS4WZ8i-w==

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 193ms
73ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://www.affaerentreff.de
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1029
age: 2258185
cdn-cachedat: 10/31/2023 19:21:45
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 75d6336d2057cfb8cba04cf336cad1c2
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 84c5b7f6f86c433f-EWR
cdn-requestpullsuccess: True

GET
H2 204 0
bat.bing.com/action/ 0
361 B 85ms
84ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=134506284&tm=gtm002&Ver=2&mid=fbfc27b1-a256-4229-819b-68ca520e8139&sid=e13cb700bd8211ee8ac1b18467620a1a&vid=e13cedf0bd8211ee8535291c250ed1e3&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fwww.affaerentreff.de%2F%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D49_%26data2%3D67b575eef92f460e99ae95f2ed547d4b&r=&lt=5751&evt=pageLoad&sv=1&rn=641772

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 Jan 2024 02:13:51 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7595B66DA8944040815F76E1F178DBCE Ref B: EWR311000107053 Ref C: 2024-01-28T02:13:51Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 translationsDE.js Show response
www.affaerentreff.de/translationsWL-affaerentreff/ 2 KB
2 KB 487ms
486ms Script
application/javascript 2600:9000:2688:4a00:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/translationsWL-affaerentreff/translationsDE.js

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/scripts/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2688:4a00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3ad322908b8f139ba891aca56ac9bafef691e245cc93aae352cf41075c999ebf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ATL58-P9
via: 1.1 66d7816e8f0605c3c3fa4274826371c4.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jan 2024 15:26:30 GMT
server: AmazonS3
etag: W/"944321a3dcba8affaec998ff909f730a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: wH9ofs_m4lNX90qQI2xU0oqQ3Hmzy5Izbkq2IqCiwJZ1gC0tjT3fvA==

GET
H3 200 main.css
www.affaerentreff.de/resourcesWL-Affaerentreff/ 15 KB
3 KB 438ms
437ms Stylesheet
text/css 2600:9000:2688:4a00:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affaerentreff.de/resourcesWL-Affaerentreff/main.css

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/scripts/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2688:4a00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9f32e21bb384c67c6f238522394c74875eda4887ab952c87ba29c394778e2d87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: ATL58-P9
via: 1.1 66d7816e8f0605c3c3fa4274826371c4.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jan 2024 15:26:26 GMT
server: AmazonS3
etag: W/"15c8ce820fe2ad99c76c39ccefad44b9"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: xA36aWPylv_vUrnr7p2ZYvbrQGG36RPrnjltY7VrQ2Nb2gQ9m9Yn3g==

GET
H2 200 track_visit.php Show response
ais.ladesk.com/scripts/ 263 B
576 B 135ms
135ms Script
application/javascript 172.104.238.149
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://ais.ladesk.com/scripts/track_visit.php?t=Y&C=Track&B=bvh7uzbm7x0pybl4h69i7yc58ytht&S=t6mmdoy7mvdmkt5wmc25le61k8c28&pt=&url=__S__www.affaerentreff.de%2F%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D49_%26data2%3D67b575eef92f460e99ae95f2ed547d4b&ref=&sr=1600x1200&ud=%7B%7D&vn=Y&ci=&jstk=Y

Requested by

Host: ais.ladesk.com
URL: https://ais.ladesk.com/scripts/track.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.104.238.149 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li1814-149.members.linode.com

Software

nginx /

Resource Hash

6aaf5f1c3231cdbd1e5cf84105ed00d2ad1955868178b8b3e3ca3e0279580616

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
via: 1.1 varnish (1.lb-app.la.linode-de)
x-srv: 5
age: 0
content-length: 206
pragma
last-modified: Sun, 28 Jan 2024 02:13:52 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
x-varnish: 417288597 416763218
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
accept-ranges: bytes
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bus.html Show response
2-vbus-de.ladesk.com/5_43_5_9/scripts/lib/ Frame 3A9F 315 B
263 B 448ms
89ms Document
text/html 172.104.244.5
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://2-vbus-de.ladesk.com/5_43_5_9/scripts/lib/bus.html?v=5.43.5.9
Requested by: Host: ais.ladesk.com
URL: https://ais.ladesk.com/scripts/track.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.244.5 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1821-5.members.linode.com
Software: nginx /
Resource Hash: 5a4164cdbb38651f2f2d28e25101780515ff8c1072ba99d0a5761500cf306ee3

Request headers

Referer: https://www.affaerentreff.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Sun, 28 Jan 2024 02:13:53 GMT
etag: W/"65a8f8e4-13b"
last-modified: Thu, 18 Jan 2024 10:09:40 GMT
server: nginx

GET
H2 200 termsAndPolicies_de.js Show response
cdn.aisgmbh.at/tos/ 56 KB
16 KB 354ms
32ms Script
application/javascript 3.161.188.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aisgmbh.at/tos/termsAndPolicies_de.js
Requested by: Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/scripts/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.188.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-188-96.atl59.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a7fd5e5134415291d0b0e97ed853f79104e090b566b39b2a6ce854621817f4d6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: kfPp4iKvdGJ_7lz3kj_PirhHBU2u57qr
content-encoding: br
via: 1.1 1563e2cfc36a243f417da62b2f4b6436.cloudfront.net (CloudFront)
date: Sat, 27 Jan 2024 11:41:41 GMT
last-modified: Thu, 27 Jul 2023 12:39:37 GMT
server: AmazonS3
x-amz-cf-pop: ATL59-P7
age: 52333
x-amz-server-side-encryption: AES256
etag: W/"43494d2a12a5d8a436a3beed95aeacc3"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: J7kH9_wxmPWDx-tVfxdzsAG3_BEp_ASOYejOeUQAlVU-o7thwqCPog==

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 55ms
5ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=550272220639696&ev=PageView&dl=https%3A%2F%2Fwww.affaerentreff.de%2F%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D49_%26data2%3D67b575eef92f460e99ae95f2ed547d4b&rl=&if=false&ts=1706408033163&sw=1600&sh=1200&v=2.9.143&r=stable&ec=0&o=4126&fbp=fb.1.1706408033162.830569555&ler=empty&cdl=API_unavailable&it=1706408030968&coo=false&exp=d1&rqm=GET

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 28 Jan 2024 02:13:53 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 BG-1.jpg
www.affaerentreff.de/resourcesWL-Affaerentreff/images/lpbgs/lp7/ 166 KB
166 KB 458ms
457ms Image
image/jpeg 2600:9000:2688:4a00:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.affaerentreff.de/resourcesWL-Affaerentreff/images/lpbgs/lp7/BG-1.jpg

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2688:4a00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

58033759e0c57ce460edd0263d8e1459b4fe3e0f972ce16bcba51f1417b0b9fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 66d7816e8f0605c3c3fa4274826371c4.cloudfront.net (CloudFront)
x-amz-cf-pop: ATL58-P9
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 169777
last-modified: Mon, 15 Jan 2024 15:26:27 GMT
server: AmazonS3
etag: "6fabf4809dccce55b9a9b9cfa6418894"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: 96zAn6TE3UdX2jv7UGR33AYI4_DqhRnvzmuNBtFHZroCpcgeVPSgjg==

GET
H3 200 main-logo.png
www.affaerentreff.de/images/affaerentreff/ 12 KB
12 KB 454ms
454ms Image
image/png 2600:9000:2688:4a00:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.affaerentreff.de/images/affaerentreff/main-logo.png

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2688:4a00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bc38423f463c03c12ca83923df84a9aa856d55465682dc9dda239f6ae2ecdf0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 66d7816e8f0605c3c3fa4274826371c4.cloudfront.net (CloudFront)
x-amz-cf-pop: ATL58-P9
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 11939
last-modified: Mon, 15 Jan 2024 15:26:22 GMT
server: AmazonS3
etag: "39653e147551e245fb90f8b0230d6fef"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: PkQSYxtiDgc186QnxJJDA_UzL1t7tPiBPiWQv6xNQBfjj_BDcAM-Bg==

GET
H3 200 austria.jpg
www.affaerentreff.de/images/flags/rect/ 2 KB
2 KB 474ms
473ms Image
image/jpeg 2600:9000:2688:4a00:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.affaerentreff.de/images/flags/rect/austria.jpg

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2688:4a00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

58c7b0ab7c6b0671f6ee2463aba8a22e8fbf5821798b88ec20b0717377f8d56d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 66d7816e8f0605c3c3fa4274826371c4.cloudfront.net (CloudFront)
x-amz-cf-pop: ATL58-P9
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1992
last-modified: Mon, 15 Jan 2024 15:26:22 GMT
server: AmazonS3
etag: "958ca648c59661f9a732a58cff450b72"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: qv3wPnJUJJb4q0yJn8u4NwersYIeMd67WDtm9o1I7d5lDBH-8SYSQw==

GET
H3 200 switzerland.jpg
www.affaerentreff.de/images/flags/rect/ 3 KB
4 KB 451ms
450ms Image
image/jpeg 2600:9000:2688:4a00:13:920a:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.affaerentreff.de/images/flags/rect/switzerland.jpg

Requested by

Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2688:4a00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b9fd04adbd083260a6ebf0f823e996ff66c6360bc55f6eab59d9bd86ce9a9c59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=67b575eef92f460e99ae95f2ed547d4b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 66d7816e8f0605c3c3fa4274826371c4.cloudfront.net (CloudFront)
x-amz-cf-pop: ATL58-P9
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 3454
last-modified: Mon, 15 Jan 2024 15:26:22 GMT
server: AmazonS3
etag: "1f45497a26bb07861cd859965dfdffc2"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: CXMnn6tpBbfyC40ywV95Vc7pbk2-ZXcMvqegq9weOLHnBQsX0nblXA==

GET
H2 200 postmessage_bundle.js Show response
2-vbus-de.ladesk.com/5_43_5_9/static/webpack/js_bundle/ Frame 3A9F 2 KB
2 KB 147ms
147ms Script
application/javascript 172.104.244.5
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://2-vbus-de.ladesk.com/5_43_5_9/static/webpack/js_bundle/postmessage_bundle.js
Requested by: Host: 2-vbus-de.ladesk.com
URL: https://2-vbus-de.ladesk.com/5_43_5_9/scripts/lib/bus.html?v=5.43.5.9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.244.5 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1821-5.members.linode.com
Software: nginx /
Resource Hash: fd217f54257ddc2df28c0866613b5e7b1cf450610240f5bf651d1c2c5267dd3c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2-vbus-de.ladesk.com/5_43_5_9/scripts/lib/bus.html?v=5.43.5.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:53 GMT
last-modified: Thu, 18 Jan 2024 10:09:40 GMT
server: nginx
accept-ranges: bytes
etag: "65a8f8e4-812"
content-length: 2066
content-type: application/javascript

GET
H2 200 pushstream_bundle.js Show response
2-vbus-de.ladesk.com/5_43_5_9/static/webpack/js_bundle/ Frame 3A9F 20 KB
20 KB 233ms
233ms Script
application/javascript 172.104.244.5
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://2-vbus-de.ladesk.com/5_43_5_9/static/webpack/js_bundle/pushstream_bundle.js
Requested by: Host: 2-vbus-de.ladesk.com
URL: https://2-vbus-de.ladesk.com/5_43_5_9/scripts/lib/bus.html?v=5.43.5.9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.244.5 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1821-5.members.linode.com
Software: nginx /
Resource Hash: ab1f85d6560124d8d3d99ab7fd875a5c2ff35da42f7d9c8c138e08dd198298f2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2-vbus-de.ladesk.com/5_43_5_9/scripts/lib/bus.html?v=5.43.5.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:53 GMT
last-modified: Thu, 18 Jan 2024 10:09:40 GMT
server: nginx
accept-ranges: bytes
etag: "65a8f8e4-50d0"
content-length: 20688
content-type: application/javascript

GET
H2 200 bus_bundle.js Show response
2-vbus-de.ladesk.com/5_43_5_9/static/webpack/js_bundle/ Frame 3A9F 2 KB
2 KB 233ms
233ms Script
application/javascript 172.104.244.5
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://2-vbus-de.ladesk.com/5_43_5_9/static/webpack/js_bundle/bus_bundle.js
Requested by: Host: 2-vbus-de.ladesk.com
URL: https://2-vbus-de.ladesk.com/5_43_5_9/scripts/lib/bus.html?v=5.43.5.9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.244.5 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1821-5.members.linode.com
Software: nginx /
Resource Hash: 2df69b6b5eabdfc3a041b51249904b1f2355bd5a3635be0ff03750df349fab24

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2-vbus-de.ladesk.com/5_43_5_9/scripts/lib/bus.html?v=5.43.5.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:53 GMT
last-modified: Thu, 18 Jan 2024 10:09:40 GMT
server: nginx
accept-ranges: bytes
etag: "65a8f8e4-8ca"
content-length: 2250
content-type: application/javascript

GET
H2 200 button.php Show response
ais.ladesk.com/scripts/ 605 B
747 B 88ms
87ms Script
application/javascript 172.104.238.149
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://ais.ladesk.com/scripts/button.php?ChS=UTF-8&C=Widget&i=q2dm1s7e&p=__S__www.affaerentreff.de%2F%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D49_%26data2%3D67b575eef92f460e99ae95f2ed547d4b

Requested by

Host: ais.ladesk.com
URL: https://ais.ladesk.com/scripts/track.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.104.238.149 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li1814-149.members.linode.com

Software

nginx /

Resource Hash

ad8c73542f6429281ad536d543f24277def7b006b7d31fbca24b5b44627c7911

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
via: 1.1 varnish (1.lb-app.la.linode-de)
x-srv: 5
age: 61
content-length: 365
pragma
last-modified: Sun, 28 Jan 2024 02:12:52 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-varnish: 416763262 409230831
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
accept-ranges: bytes
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 304 v2 Show response
2-vbus-de.ladesk.com/5_43_5_9/u446666_8543/bvh7uzbm7x0pybl4h69i7yc58ytht/event/lp/ Frame 3A9F 0
161 B 132ms
131ms XHR 172.104.244.5
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://2-vbus-de.ladesk.com/5_43_5_9/u446666_8543/bvh7uzbm7x0pybl4h69i7yc58ytht/event/lp/v2?channels=cd88f128ae_vb_t6mmdoy7mvdmkt5wmc25le61k8c28&tag=0&time=Sat%2C%2027%20Jan%202024%2022%3A03%3A53%20GMT&eventid=&_=1706408033498
Requested by: Host: 2-vbus-de.ladesk.com
URL: https://2-vbus-de.ladesk.com/5_43_5_9/static/webpack/js_bundle/pushstream_bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.244.5 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1821-5.members.linode.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2-vbus-de.ladesk.com/5_43_5_9/scripts/lib/bus.html?v=5.43.5.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:53 GMT
last-modified: Sat, 27 Jan 2024 22:03:53 GMT
server: nginx
etag: W/0
content-type: application/octet-stream
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 generateWidget.php Show response
ais.ladesk.com/scripts/ Frame E306 31 KB
8 KB 132ms
131ms Document
text/html 172.104.238.149
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://ais.ladesk.com/scripts/generateWidget.php?v=5.43.5.9&t=1706416275&cwid=q2dm1s7e&cwrt=O&pt=AFFAERENTREFF&ref=https%3A%2F%2Fwww.affaerentreff.de%2F%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D49_%26data2%3D67b575eef92f460e99ae95f2ed547d4b

Requested by

Host: ais.ladesk.com
URL: https://ais.ladesk.com/scripts/track.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.104.238.149 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li1814-149.members.linode.com

Software

nginx /

Resource Hash

07bfe355f807a4d3eb57572ccba18463c1ab1c7a3bcf7d1ac6ca00026e4aefc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.affaerentreff.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: max-age=31536000, public
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 28 Jan 2024 02:13:53 GMT
expires: Wed, 01 Jan 2025 08:00:00 GMT
last-modified: Tue, 01 Jan 2008 08:00:00 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish (1.lb-app.la.linode-de)
x-content-type-options: nosniff
x-srv: 4
x-varnish: 415861029

GET
H2 200 contact.css
ais.ladesk.com/themes/contact/material/ Frame E306 122 KB
38 KB 173ms
171ms Stylesheet
text/css 172.104.238.149
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://ais.ladesk.com/themes/contact/material/contact.css?v=5.43.5.9

Requested by

Host: ais.ladesk.com
URL: https://ais.ladesk.com/scripts/generateWidget.php?v=5.43.5.9&t=1706416275&cwid=q2dm1s7e&cwrt=O&pt=AFFAERENTREFF&ref=https%3A%2F%2Fwww.affaerentreff.de%2F%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D49_%26data2%3D67b575eef92f460e99ae95f2ed547d4b

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.104.238.149 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li1814-149.members.linode.com

Software

nginx /

Resource Hash

082585bdc55df3f819dd1110fe0c45188216be7495392d86e66a8fdd7bbd0c92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish (1.lb-app.la.linode-de)
x-srv: 1
age: 971
content-length: 38329
last-modified: Thu, 18 Jan 2024 10:09:56 GMT
server: nginx
etag: "1e832-60f3590b92500"
vary: Accept-Encoding
content-type: text/css
x-varnish: 415861043 417342223
cache-control: max-age=604800
accept-ranges: bytes
expires: Sun, 04 Feb 2024 01:57:42 GMT

GET
H2 200 bundle.e3f8621f3498fb9699e2.css
ais.ladesk.com/scripts/static/webpack/liveagent-common-bundle/ Frame E306 1 KB
896 B 388ms
386ms Stylesheet
text/css 172.104.238.149
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://ais.ladesk.com/scripts/static/webpack/liveagent-common-bundle/bundle.e3f8621f3498fb9699e2.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.104.238.149 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li1814-149.members.linode.com

Software

nginx /

Resource Hash

a1ae07b34b7c57774fd2f92a88a9b47dfe77d89262b7db5176b7932d8e29c467

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish (1.lb-app.la.linode-de)
x-srv: 4
age: 380
content-length: 533
last-modified: Thu, 18 Jan 2024 10:09:40 GMT
server: nginx
etag: W/"582-60f358fc50100"
vary: Accept-Encoding
content-type: text/css
x-varnish: 417667578 415185882
cache-control: max-age=604800
accept-ranges: bytes
expires: Sun, 04 Feb 2024 02:07:33 GMT

GET
H2 200 bundle-eafdd79a1bd0f6d216d9.esm.js Show response
ais.ladesk.com/scripts/static/webpack/liveagent-common-bundle/ Frame E306 40 KB
14 KB 388ms
387ms Script
application/javascript 172.104.238.149
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://ais.ladesk.com/scripts/static/webpack/liveagent-common-bundle/bundle-eafdd79a1bd0f6d216d9.esm.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.104.238.149 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li1814-149.members.linode.com

Software

nginx /

Resource Hash

7d2fbdfcd907629e01ea9a0a8552ba3cfbd9746c84566979d9b357ec34809211

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish (1.lb-app.la.linode-de)
x-srv: 5
age: 435
content-length: 14067
last-modified: Thu, 18 Jan 2024 10:09:40 GMT
server: nginx
etag: W/"9ff3-60f358fc50100"
vary: Accept-Encoding
content-type: application/javascript
x-varnish: 417796151 417510206
cache-control: max-age=21600
accept-ranges: bytes
expires: Sun, 28 Jan 2024 08:06:38 GMT

GET
H2 200 stringutils-2e5dc2bf3827eb702243.esm.js Show response
ais.ladesk.com/scripts/static/webpack/liveagent-common-bundle/ Frame E306 203 KB
79 KB 275ms
275ms Script
application/javascript 172.104.238.149
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://ais.ladesk.com/scripts/static/webpack/liveagent-common-bundle/stringutils-2e5dc2bf3827eb702243.esm.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.104.238.149 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li1814-149.members.linode.com

Software

nginx /

Resource Hash

7d987df37a77ea9fd733426e20b6d9ace83c0c8c4b13449db503edd1eda1402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish (1.lb-app.la.linode-de)
x-srv: 4
age: 672
content-length: 80454
last-modified: Thu, 18 Jan 2024 10:09:40 GMT
server: nginx
etag: W/"32c4b-60f358fc50100"
vary: Accept-Encoding
content-type: application/javascript
x-varnish: 415614007 414538063
cache-control: max-age=21600
accept-ranges: bytes
expires: Sun, 28 Jan 2024 08:02:41 GMT

GET
H2 200 default-contactwidget-logo.png
ais.ladesk.com/themes/install/_common_templates/img/ Frame E306 5 KB
6 KB 274ms
273ms Image
image/png 172.104.238.149
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ais.ladesk.com/themes/install/_common_templates/img/default-contactwidget-logo.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.104.238.149 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li1814-149.members.linode.com

Software

nginx /

Resource Hash

79751345f970ff2b3b5e916ba4523b96879a6a35579448da500bcdb6fa77e690

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:13:53 GMT
via: 1.1 varnish (1.lb-app.la.linode-de)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-srv: 5
age: 922
content-length: 5388
last-modified: Thu, 18 Jan 2024 10:09:56 GMT
server: nginx
etag: "150c-60f3590b92500"
vary: Accept-Encoding
content-type: image/png
x-varnish: 415192463 417279268
cache-control: max-age=604800
accept-ranges: bytes
expires: Sun, 04 Feb 2024 01:58:31 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 102ms
102ms Ping
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-TE5Y97YKC8&gtm=45je41o0v9104833779&_p=1706408030696&gcd=11l1l1l1l1&dma=0&cid=450333004.1706408031&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1706408030&sct=1&seg=0&dl=https%3A%2F%2Fwww.affaerentreff.de%2F%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D49_%26data2%3D67b575eef92f460e99ae95f2ed547d4b&dt=&en=scroll&ep.anonymizeIp=true&ep.transport=beacon&epn.percent_scrolled=90&_et=19&tfd=10052
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TE5Y97YKC8&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80f::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.affaerentreff.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 02:13:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.affaerentreff.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tiktok.com/	1970-01-21 03:21:44	Name: _ttp Value: 2bZ1x9rfI6XsPQLPg41MGylsCOV
.postaffiliatepro.com/	1970-01-20 18:00:08	Name: PAPAffiliateId Value: vivero
.postaffiliatepro.com/	1970-01-21 02:46:04	Name: PAPVisitorId Value: GzUV2y3Cje98a2NcmahbOcOSJLcDFoyf
.affaerentreff.de/	1970-01-21 02:45:44	Name: PAPVisitorId Value: GzUV2y3Cje98a2NcmahbOcOSJLcDFoyf
.www.affaerentreff.de/	1970-01-21 02:45:44	Name: PAPVisitorId Value: GzUV2y3Cje98a2NcmahbOcOSJLcDFoyf
.affaerentreff.de/	1970-01-20 20:09:44	Name: _gcl_au Value: 1.1.2067694600.1706408031
.doubleclick.net/	1970-01-20 18:00:08	Name: test_cookie Value: CheckForPermission
.affaerentreff.de/	1970-01-21 03:21:44	Name: _tt_enable_cookie Value: 1
.affaerentreff.de/	1970-01-21 03:21:44	Name: _ttp Value: m-0bz-UmdZDcnJTZbhxeFg5N9mo
.affaerentreff.de/	1970-01-20 18:01:34	Name: _gid Value: GA1.2.510348753.1706408031
.affaerentreff.de/	1970-01-20 18:00:08	Name: _gat_UA-167101890-5 Value: 1
.affaerentreff.de/	1970-01-21 03:36:08	Name: _ga Value: GA1.1.450333004.1706408031
.affaerentreff.de/	1970-01-21 03:36:08	Name: _ga_TE5Y97YKC8 Value: GS1.1.1706408030.1.0.1706408031.0.0.0
www.affaerentreff.de/	1970-01-20 20:09:44	Name: rtkclickid-store Value: 65b5b85fc505ec00011a71a4
.affaerentreff.de/	1970-01-21 02:45:44	Name: _hjSessionUser_2147602 Value: eyJpZCI6ImQ4ZTkxYzlmLTJjOTgtNTMwMC05NDY0LTI3NWE4NWMwN2M2ZCIsImNyZWF0ZWQiOjE3MDY0MDgwMzE3MjUsImV4aXN0aW5nIjpmYWxzZX0=
.affaerentreff.de/	1970-01-20 18:00:09	Name: _hjSession_2147602 Value: eyJpZCI6Ijk3N2QwMGNhLWZmZGUtNGRiNi1iMWNlLTEzZWM4Njk3MWY0OSIsImMiOjE3MDY0MDgwMzE3MjYsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.affaerentreff.de/	1970-01-20 18:01:34	Name: _uetsid Value: e13cb700bd8211ee8ac1b18467620a1a
.affaerentreff.de/	1970-01-21 03:21:44	Name: _uetvid Value: e13cedf0bd8211ee8535291c250ed1e3
.bing.com/	1970-01-21 03:21:44	Name: MUID Value: 0C793C99A3D7641C1C55288DA2D065DD
.bat.bing.com/	1970-01-20 18:10:12	Name: MR Value: 0
www.affaerentreff.de/	1970-01-20 18:01:34	Name: LaVisitorNew Value: Y
.affaerentreff.de/	1969-12-31 23:59:59	Name: LaVisitorId_YWlzLmxhZGVzay5jb20v Value: bvh7uzbm7x0pybl4h69i7yc58ytht
www.affaerentreff.de/	1969-12-31 23:59:59	Name: LaSID Value: t6mmdoy7mvdmkt5wmc25le61k8c28
www.affaerentreff.de/	1969-12-31 23:59:59	Name: a_aid Value: vivero
www.affaerentreff.de/	1969-12-31 23:59:59	Name: a_bid Value: 5316627b
.affaerentreff.de/	1970-01-20 20:09:44	Name: _fbp Value: fb.1.1706408033162.830569555
www.affaerentreff.de/	1969-12-31 23:59:59	Name: LaUserDetails Value: %7B%22t_country_code%22%3A%22de%22%2C%22t_product%22%3A%22AffaerenTreff%22%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/550272220639696?v=2.9.143&r=stable&domain=www.affaerentreff.de&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98(Line 95) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2-vbus-de.ladesk.com
50slove.postaffiliatepro.com
ais.ladesk.com
analytics.tiktok.com
bat.bing.com
cdn.aisgmbh.at
cdn.jsdelivr.net
cdnjs.cloudflare.com
connect.facebook.net
detour.datingalpha.net
googleads.g.doubleclick.net
maxcdn.bootstrapcdn.com
script.hotjar.com
scripts.azshopp.com
static.hotjar.com
www.affaerentreff.de
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.vgnp3trk.com
108.138.106.126
108.62.123.181
172.104.238.149
172.104.244.5
18.164.96.87
23.48.224.103
2600:9000:2688:4a00:13:920a:46c0:93a1
2606:4700:3036::ac43:9c50
2606:4700::6811:180e
2606:4700::6812:acf
2607:f8b0:4006:80f::200e
2607:f8b0:4006:821::2002
2607:f8b0:4006:821::2004
2607:f8b0:4006:824::2008
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:600::485
3.161.188.96
34.117.39.110
91.201.28.212
037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5
07bfe355f807a4d3eb57572ccba18463c1ab1c7a3bcf7d1ac6ca00026e4aefc3
082585bdc55df3f819dd1110fe0c45188216be7495392d86e66a8fdd7bbd0c92
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
134f038d354ff9d5fbdcf639c79a7b62cac791cf14e7384bdd936597c64def0a
291b8a5be6d7bd8d1e5bb6e5cbcb6c5312f1c7bb7da1e3b95ec8b2edbe836dba
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2df69b6b5eabdfc3a041b51249904b1f2355bd5a3635be0ff03750df349fab24
30a2fd1f1d65fcb9aab83057288891808eb932fb9acdc7991cda1c25a8707f4b
3ad322908b8f139ba891aca56ac9bafef691e245cc93aae352cf41075c999ebf
3b69dbf32872647ab14e3d00c71a610cd16ab16db42a9fb1dc7add247b2bde55
3ea53a13e34d782e4408913319f375ca93d7af8f3f9edb75d8c7b1bceb07c9f8
3f362484cdb0d8359752a94ef6d5de4b9eac54b37e535123db404f17d1e0cc5f
3fb856882cd87a671903d75d594f2fb840abbb70a196395fa2197cbadb03149e
3fc8d8f8c09ee97d9c8cd4a6178ad0bd921a9cbe55c14513e0c06738c9dc8d15
5412ae37ac12c2e020020573da8622b9fc850e5abe977f4a028e53475863d1fd
58033759e0c57ce460edd0263d8e1459b4fe3e0f972ce16bcba51f1417b0b9fc
58c7b0ab7c6b0671f6ee2463aba8a22e8fbf5821798b88ec20b0717377f8d56d
5a4164cdbb38651f2f2d28e25101780515ff8c1072ba99d0a5761500cf306ee3
5e2735602abdfa25ebbcd5f2606f2b768aae5f2cf20f835aa29c661e8dbfc33d
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5e7bf7d34a51c9d6b9e0c8c9ab77599aeb40186375f11307684ded2b5e75a28b
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
648114310492d12a9858030eb33cb6badb6219c8e96dc402ecd86354d17793bc
6aaf5f1c3231cdbd1e5cf84105ed00d2ad1955868178b8b3e3ca3e0279580616
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cdec2ffa9b60112a7732f8cfda5bcf3ce5c6788b8611e4c0f78107aead3308d
73fcbaf2504050334e324594bc9b1b44eb2b8338a4b552dca1c4dfc99b0c99f4
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
76d24199306842206c0cefa20e85c0b7f4f0a4b0b86fb47bce520fbe8bebfd14
79751345f970ff2b3b5e916ba4523b96879a6a35579448da500bcdb6fa77e690
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c7fb8e00906d9a203c24532e6b32838eec1ff36386136ce8ff6847d1e6a8364
7d2fbdfcd907629e01ea9a0a8552ba3cfbd9746c84566979d9b357ec34809211
7d987df37a77ea9fd733426e20b6d9ace83c0c8c4b13449db503edd1eda1402a
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
806bf60cff70594b8d4d75fd9db96dff5e8bbb9b34578bb0590cb9acd8fc7da4
8788c5e11fcbe23813fdd727053b5311df2f922c7c2b76f318ce28409186910f
88246e7f5d30387f283df5907c2694534d3399cd71676d124b16705fb6ca9c00
8e052d8c61cf2bb73abe3b42a7ce6ab87e88653e9d1d263af3f37d728b948b32
8e30993ba98335c5da42a597b569fc5e1a3af35c39f69540e9b76f1cefe9d266
8eb40ec7d46cd42088cfecd8a15618a4c67362ef7b77fe6327dea8509c9259d7
8f60768b08308fe3b28a553d14a7b13133e0ca71f718ef27d9fee159afe7767b
9040613debda8e0d015563aadf1aa5d2e0399a8865ef972fb90c29f0cab0a2c8
92f1c173a2fcb9611997bf02435f4a18f41ed65968b7b76d413d998e27f8236b
9f32e21bb384c67c6f238522394c74875eda4887ab952c87ba29c394778e2d87
a1ae07b34b7c57774fd2f92a88a9b47dfe77d89262b7db5176b7932d8e29c467
a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df
a7fd5e5134415291d0b0e97ed853f79104e090b566b39b2a6ce854621817f4d6
ab1f85d6560124d8d3d99ab7fd875a5c2ff35da42f7d9c8c138e08dd198298f2
ad8c73542f6429281ad536d543f24277def7b006b7d31fbca24b5b44627c7911
adaeb68ebdcdda983cd5aea99deb9dd18bdeaa5475cd4a3c01d3e4e9e1ef564a
b00828aa594968071f062841833553f98541845061e2d1c3144da47acce5940d
b190768a27312ddecca5f1f2e2ef9c55a79457391e493fc514d4ce17ebd3b224
b63b0cffa8ebd978a8eeeb057f685ac9528c58d7ead5c2211bd7bbe389ed83a6
b9fd04adbd083260a6ebf0f823e996ff66c6360bc55f6eab59d9bd86ce9a9c59
bc38423f463c03c12ca83923df84a9aa856d55465682dc9dda239f6ae2ecdf0a
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
d601f229247b261d18181988f7337b3f652165187f3c22a109821a50ea96a0f9
d9e6725d258edccb655d520d4fe0da42062ece37f587ee6a52a41de52425b9f2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2347f12c65dbad05f419068e3720c005ffc9e10d405e56f0a431225b2ab6681
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d519f359fe473077435a56f5f638e28e9da580588b046a6f19fcafe7356678
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f54d3a9011dd18c3a6b2c5ca5c5bf3d490d5428046d806c4aa9ecec5f82139ca
f9d654ac900cbd8a09bb26c48a51260cb7d816c53c32ed69d4b2c90cb991d2a6
fd217f54257ddc2df28c0866613b5e7b1cf450610240f5bf651d1c2c5267dd3c

www.affaerentreff.de Open in urlscan Pro 2600:9000:2688:4a00:13:920a:46c0:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

78 Requests

99 %HTTPS

57 %IPv6

19 Domains

21 Subdomains

21 IPs

3 Countries

1423 kBTransfer

4024 kBSize

27 Cookies

11 Outgoing links

Page URL History

Redirected requests

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.affaerentreff.de Open in urlscan Pro
2600:9000:2688:4a00:13:920a:46c0:93a1 Public Scan

Screenshot
Live screenshot

Full Image

78
Requests

99 %
HTTPS

57 %
IPv6

19
Domains

21
Subdomains

21
IPs

3
Countries

1423 kB
Transfer

4024 kB
Size

27
Cookies

78 HTTP transactions
-1 data transactions