staging.kunden-werben.thermondo.goldmarie-rewards.de Open in urlscan Pro
52.28.179.30 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
Submission: On October 01 via automatic, source certstream-suspicious (October 1st 2021, 6:02:56 pm UTC) — Scanned from DE

Summary HTTP 42 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 8 domains to perform 42 HTTP transactions. The main IP is 52.28.179.30, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is staging.kunden-werben.thermondo.goldmarie-rewards.de.
TLS certificate: Issued by Amazon on October 1st 2021. Valid for: a year.

This is the only time staging.kunden-werben.thermondo.goldmarie-rewards.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	52.28.179.30 52.28.179.30	16509 (AMAZON-02) (AMAZON-02)
15	35.190.14.188 35.190.14.188	15169 (GOOGLE) (GOOGLE)
2	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.16.18.94 104.16.18.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.16.175.42 69.16.175.42	20446 (HIGHWINDS3) (HIGHWINDS3)
1	142.250.186.104 142.250.186.104	15169 (GOOGLE) (GOOGLE)
1	142.250.185.142 142.250.185.142	15169 (GOOGLE) (GOOGLE)
1	13.225.87.62 13.225.87.62	16509 (AMAZON-02) (AMAZON-02)
4	35.241.3.184 35.241.3.184	15169 (GOOGLE) (GOOGLE)
1	13.224.193.38 13.224.193.38	16509 (AMAZON-02) (AMAZON-02)
1	13.224.193.12 13.224.193.12	16509 (AMAZON-02) (AMAZON-02)
2	34.120.238.166 34.120.238.166	15169 (GOOGLE) (GOOGLE)
42	12

9 52.28.179.30 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-179-30.eu-central-1.compute.amazonaws.com

staging.kunden-werben.thermondo.goldmarie-rewards.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 35.190.14.188 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 188.14.190.35.bc.googleusercontent.com

app.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.18.94 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: tlb.hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.87.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-62.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.241.3.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.3.241.35.bc.googleusercontent.com

api.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-38.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-12.fra2.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.238.166 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 166.238.120.34.bc.googleusercontent.com

graphql.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	usercentrics.eu app.usercentrics.eu api.usercentrics.eu graphql.usercentrics.eu	139 KB
9	goldmarie-rewards.de staging.kunden-werben.thermondo.goldmarie-rewards.de	411 KB
4	cloudflare.com cdnjs.cloudflare.com	26 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	63 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com	37 KB
1	google-analytics.com www.google-analytics.com	20 KB
1	googletagmanager.com www.googletagmanager.com	74 KB
1	jquery.com code.jquery.com	30 KB
42	8

	Domain	Requested by
15	app.usercentrics.eu	staging.kunden-werben.thermondo.goldmarie-rewards.de app.usercentrics.eu
9	staging.kunden-werben.thermondo.goldmarie-rewards.de	staging.kunden-werben.thermondo.goldmarie-rewards.de
4	api.usercentrics.eu	app.usercentrics.eu
4	cdnjs.cloudflare.com	staging.kunden-werben.thermondo.goldmarie-rewards.de
2	graphql.usercentrics.eu	app.usercentrics.eu
2	stackpath.bootstrapcdn.com	staging.kunden-werben.thermondo.goldmarie-rewards.de
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	www.googletagmanager.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	staging.kunden-werben.thermondo.goldmarie-rewards.de
1	code.jquery.com	staging.kunden-werben.thermondo.goldmarie-rewards.de
42	12

This site contains links to these domains. Also see Links.

Domain
policies.google.com
www.facebook.com
api.whatsapp.com
www.xing.com
twitter.com

Subject Issuer	Validity	Valid
staging.kunden-werben.thermondo.goldmarie-rewards.de Amazon	`2021-10-01` - `2022-10-30`	a year	crt.sh
app.usercentrics.eu GTS CA 1D4	`2021-08-28` - `2021-11-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
api.usercentrics.eu GTS CA 1D4	`2021-08-29` - `2021-11-27`	3 months	crt.sh
graphql.usercentrics.eu GTS CA 1D4	`2021-08-24` - `2021-11-22`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
Frame ID: 6EAB2855986474DF03F5BDA36A37381D
Requests: 37 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Frame ID: F08E803760D44A9F25E51801FFE722BD
Requests: 1 HTTP requests in this frame

Frame: https://app.usercentrics.eu/browser-sdk/2.9.4/cross-domain-bridge.html
Frame ID: AEBE383DBEE21B10B1FA68246FD51DBE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Teilnehmer werben Teilnehmer – Empfehlung zahlt sich aus

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Django (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<script [^>]*src="[^"]*/popper\.js/([0-9.]+)
/popper\.js/([0-9.]+)

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

42
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

12
Subdomains

12
IPs

3
Countries

800 kB
Transfer

1792 kB
Size

8
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://policies.google.com/privacy
Title: Datenschutzbestimmungen

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Nutzungsbedingungen

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=

Search URL Search Domain Scan URL

URL: https://www.xing.com/spi/shares/new?url=

Search URL Search Domain Scan URL

URL: https://twitter.com/home?status=

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
staging.kunden-werben.thermondo.goldmarie-rewards.de/ 14 KB
15 KB 762ms
730ms Document
text/html 52.28.179.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://staging.kunden-werben.thermondo.goldmarie-rewards.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.179.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-179-30.eu-central-1.compute.amazonaws.com

Software

Resource Hash

61f5d817c9c0d41739cad7e5a72131a443739561360df9893c167c2d51afe173

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: staging.kunden-werben.thermondo.goldmarie-rewards.de
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 01 Oct 2021 18:02:51 GMT
content-type: text/html; charset=utf-8
content-length: 14720
x-frame-options: SAMEORIGIN
vary: Cookie
set-cookie: csrftoken=6OhR6yIp8bgKIvZMAmF0AZ0KFXrqSASWGATZCDeVuJ5AqzCTJM89dWG61lSsWEhq; expires=Fri, 30 Sep 2022 18:02:51 GMT; Max-Age=31449600; Path=/; SameSite=Lax

GET
H2 200 loader.js Show response
app.usercentrics.eu/browser-ui/latest/ 27 KB
11 KB 32ms
7ms Script
application/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/latest/loader.js

Requested by

Host: staging.kunden-werben.thermondo.goldmarie-rewards.de
URL: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

adeaa0e6e5e6e4f71bd42d41f02cf5a8cc13277d29e981b3c51fcc2738776b6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 17:30:35 GMT
content-encoding: gzip
age: 1936
x-guploader-uploadid: ADPycdtWTprOpI-z5HKySmGzK9j7CLMIaYp-Qa8T_xjkULjpwlohhV42-n54iUBq_dKkiRK3DMjBMaHGoOjwAO6vCs4
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 11183
last-modified: Thu, 30 Sep 2021 11:33:25 GMT
server: UploadServer
etag: "f3265dfd564ad849f48e4054912efd30"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=8L+K3w==, md5=8yZd/VZK2En0jkBUkS79MA==
x-goog-generation: 1633001605758046
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Transfer-Encoding
cache-control: public, max-age=3600, no-transform
x-goog-stored-content-length: 11183
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 01 Oct 2021 18:30:35 GMT

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/ 138 KB
22 KB 134ms
110ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css

Requested by

Host: staging.kunden-werben.thermondo.goldmarie-rewards.de
URL: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
Origin: https://staging.kunden-werben.thermondo.goldmarie-rewards.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 18:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 752, 617, 617
access-control-allow-origin: *
cdn-cachedat: 2021-07-24 16:36:30
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 60215c848f1bf1ae28e7e13f4e060494
cf-ray: 69779ab979065c85-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 style.css
staging.kunden-werben.thermondo.goldmarie-rewards.de/static/kwk/icomoon/ 1 KB
1 KB 12ms
12ms Stylesheet
text/css 52.28.179.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/static/kwk/icomoon/style.css
Requested by: Host: staging.kunden-werben.thermondo.goldmarie-rewards.de
URL: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.179.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-179-30.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 4148600c94351f8fe9224af64722fc1c26b650a5284f13973d3bb6700c1cdc34

Request headers

:path: /static/kwk/icomoon/style.css
pragma: no-cache
cookie: csrftoken=6OhR6yIp8bgKIvZMAmF0AZ0KFXrqSASWGATZCDeVuJ5AqzCTJM89dWG61lSsWEhq
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: staging.kunden-werben.thermondo.goldmarie-rewards.de
referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 18:02:51 GMT
last-modified: Fri, 01 Oct 2021 10:21:45 GMT
content-length: 1434
content-type: text/css

GET
H2 200 kwk.314fe2ef59e5945dadf7.css
staging.kunden-werben.thermondo.goldmarie-rewards.de/static/dist/ 7 KB
7 KB 12ms
12ms Stylesheet
text/css 52.28.179.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/static/dist/kwk.314fe2ef59e5945dadf7.css
Requested by: Host: staging.kunden-werben.thermondo.goldmarie-rewards.de
URL: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.179.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-179-30.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: c258fa98d16e5982bb364bb950da623254f93ac79d61eb5d40222acc0911e79e

Request headers

:path: /static/dist/kwk.314fe2ef59e5945dadf7.css
pragma: no-cache
cookie: csrftoken=6OhR6yIp8bgKIvZMAmF0AZ0KFXrqSASWGATZCDeVuJ5AqzCTJM89dWG61lSsWEhq
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: staging.kunden-werben.thermondo.goldmarie-rewards.de
referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 18:02:51 GMT
last-modified: Fri, 01 Oct 2021 10:17:22 GMT
content-length: 7310
content-type: text/css

GET
H2 200 select2.min.css
cdnjs.cloudflare.com/ajax/libs/select2/4.0.12/css/ 15 KB
2 KB 37ms
14ms Stylesheet
text/css 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.12/css/select2.min.css

Requested by

Host: staging.kunden-werben.thermondo.goldmarie-rewards.de
URL: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 18:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 694813
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1640
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-3a76"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ZyJMGiJXHjIwsCI4up1maj0JRHNNelNw%2BRPvVeobHrhZf9npUnBRAsumpygLOQVO2Lvq%2BWSgp9dclR%2BgbzqAS2B257Xs2PVI%2F3edjIKGzheqY8bwLzzU8b5L2%2FXE2vdyotNdFrz"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 69779ab97b604dc4-FRA
expires: Wed, 21 Sep 2022 18:02:51 GMT

GET
H2 200 logo_menu.png
staging.kunden-werben.thermondo.goldmarie-rewards.de/static/kwk/img/ 31 KB
32 KB 18ms
17ms Image
image/png 52.28.179.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/static/kwk/img/logo_menu.png
Requested by: Host: staging.kunden-werben.thermondo.goldmarie-rewards.de
URL: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.179.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-179-30.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 3bf930a0a12009d759bf1a6ca6ad27cac7de5f7731883794c2ece26954ad240a

Request headers

:path: /static/kwk/img/logo_menu.png
pragma: no-cache
cookie: csrftoken=6OhR6yIp8bgKIvZMAmF0AZ0KFXrqSASWGATZCDeVuJ5AqzCTJM89dWG61lSsWEhq
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: staging.kunden-werben.thermondo.goldmarie-rewards.de
referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 18:02:51 GMT
last-modified: Fri, 01 Oct 2021 10:21:45 GMT
content-length: 32224
content-type: image/png

GET
H2 200 title_image.png
staging.kunden-werben.thermondo.goldmarie-rewards.de/static/kwk/img/ 345 KB
346 KB 18ms
17ms Image
image/png 52.28.179.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/static/kwk/img/title_image.png
Requested by: Host: staging.kunden-werben.thermondo.goldmarie-rewards.de
URL: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.179.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-179-30.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: c872b5f5eedbe55c27232869a078f89742ccdec5339078afa2486b9e7eb50b9f

Request headers

:path: /static/kwk/img/title_image.png
pragma: no-cache
cookie: csrftoken=6OhR6yIp8bgKIvZMAmF0AZ0KFXrqSASWGATZCDeVuJ5AqzCTJM89dWG61lSsWEhq
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: staging.kunden-werben.thermondo.goldmarie-rewards.de
referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 18:02:51 GMT
last-modified: Fri, 01 Oct 2021 10:21:45 GMT
content-length: 353463
content-type: image/png

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 32ms
9ms Script
application/javascript 69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: staging.kunden-werben.thermondo.goldmarie-rewards.de
URL: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
Origin: https://staging.kunden-werben.thermondo.goldmarie-rewards.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 18:02:51 GMT
content-encoding: gzip
last-modified: Mon, 04 May 2020 23:02:39 GMT
server: nginx
etag: W/"5eb09f0f-15d84"
vary: Accept-Encoding
x-hw: 1633111371.dop145.fr8.t,1633111371.cds292.fr8.hn,1633111371.cds142.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/ 20 KB
7 KB 43ms
21ms Script
application/javascript 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js

Requested by

Host: staging.kunden-werben.thermondo.goldmarie-rewards.de
URL: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
Origin: https://staging.kunden-werben.thermondo.goldmarie-rewards.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 18:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3105497
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6451
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-4f71"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EASVohPMmH3g%2Ffo5efG%2Frb0ceKed2tgT5iq%2FXI0jWzA0SpSk6ukkTy%2BQMranwe4hmTych0TnyJNvD%2Ft%2BBSqbTnY0R27LBOSq4lY7ap3F3DjZ%2BDDL4spwQW3kQKv%2FTtjrEKj%2BrWtF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 69779ab97af4c27c-FRA
expires: Wed, 21 Sep 2022 18:02:51 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ 50 KB
15 KB 50ms
28ms Script
application/javascript 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

Requested by

Host: staging.kunden-werben.thermondo.goldmarie-rewards.de
URL: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
Origin: https://staging.kunden-werben.thermondo.goldmarie-rewards.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 18:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 723
access-control-allow-origin: *
cdn-cachedat: 08/23/2021 03:10:06
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cdn-proxyver: 1.0
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 305523bbd6e29eb8c31517a821b3158e
cf-ray: 69779ab9890a5c85-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 kwk.314fe2ef59e5945dadf7.js Show response
staging.kunden-werben.thermondo.goldmarie-rewards.de/static/dist/ 3 KB
3 KB 11ms
9ms Script
application/javascript 52.28.179.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/static/dist/kwk.314fe2ef59e5945dadf7.js
Requested by: Host: staging.kunden-werben.thermondo.goldmarie-rewards.de
URL: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.179.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-179-30.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bf5aab463041a591c1f992f830a5b1898e5b58821b5822edc9053d1ac7579637

Request headers

:path: /static/dist/kwk.314fe2ef59e5945dadf7.js
pragma: no-cache
cookie: csrftoken=6OhR6yIp8bgKIvZMAmF0AZ0KFXrqSASWGATZCDeVuJ5AqzCTJM89dWG61lSsWEhq
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: staging.kunden-werben.thermondo.goldmarie-rewards.de
referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 18:02:51 GMT
last-modified: Fri, 01 Oct 2021 10:17:22 GMT
content-length: 3099
content-type: application/javascript

GET
H2 200 select2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/select2/4.0.12/js/ 69 KB
16 KB 40ms
18ms Script
application/javascript 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.12/js/select2.min.js

Requested by

Host: staging.kunden-werben.thermondo.goldmarie-rewards.de
URL: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1f5534ed276a1eaa57b106c7dadcc994a01efbc033513ea4f5435580d8c327e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 18:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 166149
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16372
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-112d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7prN5A2le9wyKlZlKDnqGbWSz3aQno0th%2By2q22aoXA3oqKvLUIKnzPMyD5kFwXrw51THFysjFhI8dZJk43J5N2PjUzYNuj9jLvHJzu4OdS%2FBxN59V50HzlvkrgNmYbQINIj9cBH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 69779ab97b634dc4-FRA
expires: Wed, 21 Sep 2022 18:02:51 GMT

GET
H2 200 de.js Show response
cdnjs.cloudflare.com/ajax/libs/select2/4.0.12/js/i18n/ 866 B
1 KB 35ms
13ms Script
application/javascript 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.12/js/i18n/de.js

Requested by

Host: staging.kunden-werben.thermondo.goldmarie-rewards.de
URL: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5471d352b9bccbd4e0818d4b8ecc3803637597797e33dcb578a8b39605419bd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 18:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 167208
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 416
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-362"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s60ywh9jQ8I32kQPPfwf1r6sY6wk5SbwoNgY1Jtfvg1XqRYeQH%2Bj3p0vtQaMzRhvR%2BQFhE9RWF3p%2FP9DJBKi5oXkyWsq40BTMTAm4wVKO7N63AAGtbb%2F%2BhR3tdB0KAN5kqAor1gc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 69779ab97b664dc4-FRA
expires: Wed, 21 Sep 2022 18:02:51 GMT

GET
H2 200 django_select2.js Show response
staging.kunden-werben.thermondo.goldmarie-rewards.de/static/django_select2/ 2 KB
2 KB 11ms
9ms Script
application/javascript 52.28.179.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/static/django_select2/django_select2.js
Requested by: Host: staging.kunden-werben.thermondo.goldmarie-rewards.de
URL: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.179.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-179-30.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 9843667fd0099380770f5eab4d1547e2a292f288c6d1027f326f900e144f706d

Request headers

:path: /static/django_select2/django_select2.js
pragma: no-cache
cookie: csrftoken=6OhR6yIp8bgKIvZMAmF0AZ0KFXrqSASWGATZCDeVuJ5AqzCTJM89dWG61lSsWEhq
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: staging.kunden-werben.thermondo.goldmarie-rewards.de
referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 18:02:51 GMT
last-modified: Fri, 01 Oct 2021 10:21:45 GMT
content-length: 2026
content-type: application/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 297 KB
74 KB 60ms
37ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TSMSBB

Requested by

Host: staging.kunden-werben.thermondo.goldmarie-rewards.de
URL: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

cd377dac1bfb68af2e496a52c63b8d61e5b0252f83c9d71a9446451ff19ac602

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 18:02:51 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75593
x-xss-protection: 0
expires: Fri, 01 Oct 2021 18:02:51 GMT

GET
H2 200 index.module.js Show response
app.usercentrics.eu/browser-ui/latest/ 247 KB
71 KB 23ms
8ms Script
application/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/latest/index.module.js

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

fb374f5c11671abdf50745efb40e668c166d2ba04aa93842e896153e9c3506c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
Origin: https://staging.kunden-werben.thermondo.goldmarie-rewards.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 17:13:56 GMT
content-encoding: gzip
age: 2935
x-guploader-uploadid: ADPycdsf6SJqRBBMQHzssZ3T63WKjSjTtoUGES6A1Givg9Jwsk-mdYfAB2zdkMvq37geGCsAQqvEy7vCfjeWbVDbR_8
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 71686
last-modified: Thu, 30 Sep 2021 11:33:24 GMT
server: UploadServer
etag: "b9b8ac3bc07440157402c7efa955ce91"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=SKqRxA==, md5=ubisO8B0QBV0AsfvqVXOkQ==
x-goog-generation: 1633001604633015
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600, no-transform
x-goog-stored-content-length: 71686
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 01 Oct 2021 18:13:56 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 38ms
7ms Script
text/javascript 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSMSBB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 4554
date: Fri, 01 Oct 2021 16:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Fri, 01 Oct 2021 18:46:57 GMT

GET
H2 200 hotjar-2567154.js Show response
static.hotjar.com/c/ 4 KB
2 KB 36ms
12ms Script
application/javascript 13.225.87.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2567154.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSMSBB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.87.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-87-62.fra2.r.cloudfront.net

Software

Resource Hash

78fc369ce31374aec7c5f3b5b6692d52a571509441060b55423737c38b9abce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 18:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
x-edge-origin-shield-skipped: 0
x-cache-hit: 1
etag: W/1b69cad83452590becfe5b467cca87e5
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA2-C2
content-length: 1906
via: 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
x-amz-cf-id: 7h2O-qa9MO0yqnBmxwHxbZEIovHWB-y8fYS9fDnbm19YymyVpQs95Q==

OPTIONS
H2 200 languages.json
api.usercentrics.eu/settings/BJCuWvxSQ/latest/ Frame 0
0 67ms
32ms Preflight
text/html 35.241.3.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/BJCuWvxSQ/latest/languages.json

Protocol

Server

35.241.3.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.3.241.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://staging.kunden-werben.thermondo.goldmarie-rewards.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-guploader-uploadid: ADPycdsSfkq_eXTe6-S78iayk1DlxBpy58Zzr8BuhGmBCUtqpPKGfwLQ0pR7LCqrtRormkKPnezklTQwGGsgOYBKjVdcK9F0mA
access-control-allow-origin: *
access-control-max-age: 3600
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-headers: Content-Type,Origin
date: Fri, 01 Oct 2021 18:02:51 GMT
expires: Fri, 01 Oct 2021 18:02:51 GMT
cache-control: private, max-age=0
content-length: 0
server: UploadServer
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=7776000
alt-svc: clear

GET
H2 200 languages.json Show response
api.usercentrics.eu/settings/BJCuWvxSQ/latest/ 61 B
615 B 35ms
35ms Fetch
application/json 35.241.3.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/BJCuWvxSQ/latest/languages.json

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/index.module.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.241.3.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.3.241.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

dc8343dae24291634bf1aec40cb6794f860bc2b1d28f0ab683854cced24619a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json

Response headers

date: Fri, 01 Oct 2021 18:02:51 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ADPycdtPXh2448X96HYAGxRopCyeWbYNah15fOvaFtDbjJQEadC53Hc-iuxno03sO6M9WOSKgQeCZMo_xTqEhOmiV4YtkF7KZg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 67
last-modified: Fri, 24 Sep 2021 11:11:23 GMT
server: UploadServer
etag: "da13a9b5363ff28c20e52e67131f24fd"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=u6slow==, md5=2hOptTY/8owg5S5nEx8k/Q==
x-goog-generation: 1631779826571036
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=1800, s-maxage=10, no-transform
x-goog-stored-content-length: 67
accept-ranges: bytes
content-type: application/json
expires: Fri, 01 Oct 2021 18:03:01 GMT

GET
H2 200 icomoon.ttf
staging.kunden-werben.thermondo.goldmarie-rewards.de/static/kwk/icomoon/fonts/ 4 KB
4 KB 9ms
9ms Font
font/ttf 52.28.179.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/static/kwk/icomoon/fonts/icomoon.ttf?hrxoj9
Requested by: Host: staging.kunden-werben.thermondo.goldmarie-rewards.de
URL: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/static/kwk/icomoon/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.179.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-179-30.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e56e3548139dd9d73fc85f3bafc2db49bbf27390a84ca20a0e0bf676bd4cd710

Request headers

sec-fetch-mode: cors
origin: https://staging.kunden-werben.thermondo.goldmarie-rewards.de
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: csrftoken=6OhR6yIp8bgKIvZMAmF0AZ0KFXrqSASWGATZCDeVuJ5AqzCTJM89dWG61lSsWEhq; _gcl_au=1.1.1453201988.1633111372
:path: /static/kwk/icomoon/fonts/icomoon.ttf?hrxoj9
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: staging.kunden-werben.thermondo.goldmarie-rewards.de
referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/static/kwk/icomoon/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/static/kwk/icomoon/style.css
Origin: https://staging.kunden-werben.thermondo.goldmarie-rewards.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 18:02:51 GMT
last-modified: Fri, 01 Oct 2021 10:21:45 GMT
content-length: 3996
content-type: font/ttf

GET
H2 200 072339204eb51f2b970be8e632b8d84e.svg
staging.kunden-werben.thermondo.goldmarie-rewards.de/static/dist/ 604 B
708 B 9ms
9ms Image
image/svg+xml 52.28.179.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/static/dist/072339204eb51f2b970be8e632b8d84e.svg
Requested by: Host: staging.kunden-werben.thermondo.goldmarie-rewards.de
URL: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/static/dist/kwk.314fe2ef59e5945dadf7.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.179.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-179-30.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 35972225c4fd071d58a7cc2ec2b2511c4772ad10100c57d835c1211516902019

Request headers

:path: /static/dist/072339204eb51f2b970be8e632b8d84e.svg
pragma: no-cache
cookie: csrftoken=6OhR6yIp8bgKIvZMAmF0AZ0KFXrqSASWGATZCDeVuJ5AqzCTJM89dWG61lSsWEhq; _gcl_au=1.1.1453201988.1633111372
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: staging.kunden-werben.thermondo.goldmarie-rewards.de
referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/static/dist/kwk.314fe2ef59e5945dadf7.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/static/dist/kwk.314fe2ef59e5945dadf7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 18:02:51 GMT
last-modified: Fri, 01 Oct 2021 10:17:22 GMT
content-length: 604
content-type: image/svg+xml

GET
H2 200 modules.e95f6e2deb67f1b24d8e.js Show response
script.hotjar.com/ 221 KB
59 KB 27ms
10ms Script
application/javascript 13.224.193.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e95f6e2deb67f1b24d8e.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2567154.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-38.fra2.r.cloudfront.net

Software

Resource Hash

3e4dcf5d937c6cd9bd580358e83d9bff9769f73cc2364ed9af22c88571959adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 08:27:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 293746
x-amz-server-side-encryption: AES256
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
content-length: 59787
access-control-allow-origin: *
last-modified: Tue, 28 Sep 2021 08:26:22 GMT
etag: "4c2c45df8457d0c2a07b3285a23cd7a4"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 6IgP0ZhhAZjKRAkrMrACj49-zFJhNH7jK-ttdJIoZQIyUTdlUGuNNw==

GET
H2 200 de.json Show response
api.usercentrics.eu/settings/BJCuWvxSQ/latest/ 38 KB
12 KB 43ms
43ms Fetch
application/json 35.241.3.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/BJCuWvxSQ/latest/de.json

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/index.module.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.241.3.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.3.241.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

99a3c83f32df5864c58b2dbcbc0910f25b5691fca2816257c3537a5ed3af4c98

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json

Response headers

date: Fri, 01 Oct 2021 18:02:52 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ADPycduGnk1H6LB739M5UJM-E5wmY88pgXgd1al5kOEsVo552usVgvAfJtF68WLKnHfoR5qFyMvf_TKTkemmbjA3XdZJJWiv4w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 11535
last-modified: Fri, 24 Sep 2021 11:11:23 GMT
server: UploadServer
etag: "d124c31b93ecf35cafa1969c6560104d"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=j8LnSw==, md5=0STDG5Ps81yvoZacZWAQTQ==
x-goog-generation: 1632481883239247
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=1800, s-maxage=10, no-transform
x-goog-stored-content-length: 11535
accept-ranges: bytes
content-type: application/json
expires: Fri, 01 Oct 2021 18:03:02 GMT

OPTIONS
H2 200 de.json
api.usercentrics.eu/settings/BJCuWvxSQ/latest/ Frame 0
0 28ms
28ms Preflight
text/html 35.241.3.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/BJCuWvxSQ/latest/de.json

Protocol

Server

35.241.3.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.3.241.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://staging.kunden-werben.thermondo.goldmarie-rewards.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-guploader-uploadid: ADPycdtt-prQBwuYQJBNu2eFMtCwnEYAIi5LU2rGVZcUY-YxyymZZNBSFeZrCnxL-ViLpJMRTP8mYhw1cLAe2YomdAIh28pKdg
access-control-allow-origin: *
access-control-max-age: 3600
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-headers: Content-Type,Origin
date: Fri, 01 Oct 2021 18:02:51 GMT
expires: Fri, 01 Oct 2021 18:02:51 GMT
cache-control: private, max-age=0
content-length: 0
server: UploadServer
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=7776000
alt-svc: clear

GET
H2 200 box-dfc01efbdc94bb0936d9a35a502b0b64.html Show response
vars.hotjar.com/ Frame F08E 2 KB
1 KB 26ms
8ms Document
text/html 13.224.193.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2567154.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-12.fra2.r.cloudfront.net
Software: /
Resource Hash: 88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-dfc01efbdc94bb0936d9a35a502b0b64.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/

Response headers

content-type: text/html
content-length: 1044
date: Tue, 20 Jul 2021 13:05:05 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "10714b84569172431728622d7c8098e4"
last-modified: Tue, 20 Jul 2021 13:04:43 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 1iOjl9L8trxfaGvpDaLXi9thutGv1JRMrGJnKT7gh28wqYoCD5GehA==
age: 6325067

GET
H2 200 1px.png
app.usercentrics.eu/session/ 489 B
831 B 7ms
6ms Image
image/png 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.usercentrics.eu/session/1px.png?settingsId=BJCuWvxSQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 17:43:34 GMT
content-encoding: gzip
age: 1158
x-guploader-uploadid: ADPycdsA_fw5ZyvCDfGX5agPOiKtGAKMNr5p8ZSfz685VT0Cs_e6Co5A1I2AkInnaBemxFsxPnywqsG5qmXlmA0WSSY
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 522
last-modified: Fri, 08 May 2020 09:06:13 GMT
server: UploadServer
etag: "3702ada73b8951017b8451cbd6a96523"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=pFwm0Q==, md5=NwKtpzuJUQF7hFHL1qllIw==
x-goog-generation: 1588928773413784
cache-control: public,max-age=1800,no-transform
x-goog-stored-content-length: 522
accept-ranges: bytes
content-type: image/png
expires: Fri, 01 Oct 2021 18:13:34 GMT

GET
H2 200 cross-domain-bridge.html Show response
app.usercentrics.eu/browser-sdk/2.9.4/ Frame AEBE 5 KB
6 KB 7ms
6ms Document
text/html 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-sdk/2.9.4/cross-domain-bridge.html

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/index.module.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

8563f915516318c564b1a4b4d4005778294178cfac736d0ed7dd5afa86d4cd50

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

:method: GET
:authority: app.usercentrics.eu
:scheme: https
:path: /browser-sdk/2.9.4/cross-domain-bridge.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/

Response headers

x-guploader-uploadid: ADPycdvpOFbd-6aN1OJMbFDsP82ePi5OoFL1fks1xY9UFaE7HDCMYZvWUKlmBDYlyo4I8PRR-smKRAOUwbtLWIBbmAHigZzp5w
date: Thu, 30 Sep 2021 11:31:39 GMT
expires: Sat, 30 Oct 2021 11:31:39 GMT
last-modified: Thu, 30 Sep 2021 09:45:52 GMT
etag: "9e7949c2859c0c8525e1f12192cd0c66"
x-goog-generation: 1632995152855736
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 5439
content-type: text/html
x-goog-hash: crc32c=6deNCQ== md5=nnlJwoWcDIUl4fEhks0MZg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 5439
access-control-allow-origin: *
access-control-expose-headers: Content-Type Content-Length Transfer-Encoding
server: UploadServer
cache-control: public, max-age=2592000, no-transform
age: 109873
strict-transport-security: max-age=7776000
alt-svc: clear

GET
H2 200 DefaultData-0414b9a2-dadad9a6.js Show response
app.usercentrics.eu/browser-ui/latest/ 2 KB
1 KB 8ms
7ms Script
application/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/latest/DefaultData-0414b9a2-dadad9a6.js

Requested by

Host: staging.kunden-werben.thermondo.goldmarie-rewards.de
URL: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

576c08049aeceb1e99df8bb916f6816542205bc4a33f8561194f6329ba9a014d

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
Origin: https://staging.kunden-werben.thermondo.goldmarie-rewards.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 17:04:58 GMT
content-encoding: gzip
age: 3474
x-guploader-uploadid: ADPycdt4p6i6ZvUFGI_Lqhd-uTgZoJ2jbz4GnKixECwbNGdJqD0185gYO4UCuWvMgi8FbM-ZHWqauDGnmzhh6FBtqHA
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 936
last-modified: Thu, 30 Sep 2021 11:33:12 GMT
server: UploadServer
etag: "d5ef28fabde1a20b3208e6686051279f"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=HBVrSg==, md5=1e8o+r3hogsyCOZoYFEnnw==
x-goog-generation: 1633001592762236
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600, no-transform
x-goog-stored-content-length: 936
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 01 Oct 2021 18:04:58 GMT

GET
H2 200 DefaultUI-e717c5b6-67a23c37.js Show response
app.usercentrics.eu/browser-ui/latest/ 1 KB
813 B 7ms
7ms Script
application/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/latest/DefaultUI-e717c5b6-67a23c37.js

Requested by

Host: staging.kunden-werben.thermondo.goldmarie-rewards.de
URL: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

4f106fb2741179d579c7736d0197fa061dd9a1a7d7c8f2da21840807b770a971

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
Origin: https://staging.kunden-werben.thermondo.goldmarie-rewards.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 17:18:15 GMT
content-encoding: gzip
age: 2677
x-guploader-uploadid: ADPycduXGjnKCWmsu_8ID-34eUoFy4AcPjSZXoFndI3x-uxJaf2IrBkKx_sLCWTbPveINkKTkN2cbHjmfTHY2n1_w2E0UBovpQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 530
last-modified: Thu, 30 Sep 2021 11:33:13 GMT
server: UploadServer
etag: "71c05704ef23436ae0fb71b7007a9865"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=oJEcLw==, md5=ccBXBO8jQ2rg+3G3AHqYZQ==
x-goog-generation: 1633001593534338
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600, no-transform
x-goog-stored-content-length: 530
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 01 Oct 2021 18:18:15 GMT

GET
H2 200 SecondLayerUI-d2759b8a-909ab74d.js Show response
app.usercentrics.eu/browser-ui/latest/ 455 B
568 B 8ms
7ms Script
application/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/latest/SecondLayerUI-d2759b8a-909ab74d.js

Requested by

Host: staging.kunden-werben.thermondo.goldmarie-rewards.de
URL: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

189e297919a9a6336ced1ba41c5fd148f1bf371c4d6695e656e120921d5d5f85

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://app.usercentrics.eu/browser-ui/latest/DefaultUI-e717c5b6-67a23c37.js
Origin: https://staging.kunden-werben.thermondo.goldmarie-rewards.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 17:29:54 GMT
content-encoding: gzip
age: 1978
x-guploader-uploadid: ADPycdsJ0RmFYLZ3RawdtlLfCc99EdKd301J_wy1PnUMalZKL5sGhW1eVs8cPjNFi5WM4pcfyAMBkjQ5YSY3Q9lr8Hc
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 293
last-modified: Thu, 30 Sep 2021 11:33:15 GMT
server: UploadServer
etag: "9edcba78f7ba631035d22739afca34f3"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=BJ9HOw==, md5=nty6ePe6YxA10ic5r8o08w==
x-goog-generation: 1633001595111169
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600, no-transform
x-goog-stored-content-length: 293
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 01 Oct 2021 18:29:54 GMT

GET
H2 200 FirstLayerCustomization-9beeedf8-d716f06d.js Show response
app.usercentrics.eu/browser-ui/latest/ 3 KB
1 KB 7ms
7ms Script
application/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/latest/FirstLayerCustomization-9beeedf8-d716f06d.js

Requested by

Host: staging.kunden-werben.thermondo.goldmarie-rewards.de
URL: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

5ccf81ccc128511169eb7c8067195ba5a3b790f1f5b417d325bb802cd1873320

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://app.usercentrics.eu/browser-ui/latest/DefaultUI-e717c5b6-67a23c37.js
Origin: https://staging.kunden-werben.thermondo.goldmarie-rewards.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 17:35:51 GMT
content-encoding: gzip
age: 1621
x-guploader-uploadid: ADPycdtlKqlB7kOoT1JLcIK3zRexpX9axMxojvkJp7QCJrA-l3NqhZfB1Mt33ZDzEkDTpwAdDVm0zW42VMCQrOjNnZ37Zr7uNg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 1102
last-modified: Thu, 30 Sep 2021 11:33:13 GMT
server: UploadServer
etag: "846fc9a084a87a2d19b02807b9096535"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=FBdOFQ==, md5=hG/JoISoei0ZsCgHuQllNQ==
x-goog-generation: 1633001593973664
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600, no-transform
x-goog-stored-content-length: 1102
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 01 Oct 2021 18:35:51 GMT

GET
H2 200 Taglogger-5033e96a-209cfbc8.js Show response
app.usercentrics.eu/browser-ui/latest/ 1 KB
927 B 7ms
6ms Script
application/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/latest/Taglogger-5033e96a-209cfbc8.js

Requested by

Host: staging.kunden-werben.thermondo.goldmarie-rewards.de
URL: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

8777b44beca1301dbd887dd3a0ecb9b847345984af6c26c5674c8d233e992ea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
Origin: https://staging.kunden-werben.thermondo.goldmarie-rewards.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 17:25:30 GMT
content-encoding: gzip
age: 2242
x-guploader-uploadid: ADPycdu0FufpTRl6UDY05I0rsye5aayTL1gCt18scvbhtACaip7G7cWOakEJXbK8WvB99ekOua8ukRJqfMu6m6YVzE46RfhQgg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 644
last-modified: Thu, 30 Sep 2021 11:33:16 GMT
server: UploadServer
etag: "bf710ec3d6ace572e59b75fdb737d4f9"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=mEI/Eg==, md5=v3EOw9as5XLlm3X9tzfU+Q==
x-goog-generation: 1633001596266667
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600, no-transform
x-goog-stored-content-length: 644
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 01 Oct 2021 18:25:30 GMT

OPTIONS
H2 204 graphql
graphql.usercentrics.eu/ Frame 0
0 51ms
16ms Preflight 34.120.238.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://graphql.usercentrics.eu/graphql
Protocol: H2
Server: 34.120.238.166 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 166.238.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: access-control-allow-origin,content-type,x-request-id
Origin: https://staging.kunden-werben.thermondo.goldmarie-rewards.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 01 Oct 2021 18:02:52 GMT
content-length: 0
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: access-control-allow-origin,content-type,x-request-id
via: 1.1 google
alt-svc: clear

POST
H2 200 graphql Show response
graphql.usercentrics.eu/ 1 KB
780 B 26ms
26ms Fetch
application/json 34.120.238.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://graphql.usercentrics.eu/graphql
Requested by: Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/index.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.238.166 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 166.238.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 60cbaca59fae1b3b79bf3521bee346fffb9c221ce9a6ddf279556498b2a6f9d1

Request headers

Access-Control-Allow-Origin: *
Accept: application/json
Referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
X-Request-ID: 22855815-56a5-4246-b7b0-9a55c664bbdc
content-type: application/json

Response headers

date: Fri, 01 Oct 2021 18:02:52 GMT
content-encoding: gzip
etag: W/"4e4-6sl5AXuvW8uqAm5PRuH2Ay1xH0c"
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: clear
via: 1.1 google

GET
H2 200 index-5b4fbe3d.js Show response
app.usercentrics.eu/browser-ui/latest/ 2 KB
1 KB 7ms
7ms Script
application/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/latest/index-5b4fbe3d.js

Requested by

Host: staging.kunden-werben.thermondo.goldmarie-rewards.de
URL: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

7bce665e73e264f71182c90e63dd29302dd6a7dd92f6708bc94b53118e539a8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
Origin: https://staging.kunden-werben.thermondo.goldmarie-rewards.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 17:34:31 GMT
content-encoding: gzip
age: 1701
x-guploader-uploadid: ADPycdsY0GP0_sIKdcklj5nD76qYTnsN5YHW04pWKsrQsdkDreDzKVfeORmFHOk4iUTtUhFZdv64x_J8A7HLu5xrGCAFhWGKJQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 987
last-modified: Thu, 30 Sep 2021 11:33:21 GMT
server: UploadServer
etag: "400807eb7cd853c80e357c9f82054cf0"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=RJA/lQ==, md5=QAgH63zYU8gONXyfggVM8A==
x-goog-generation: 1633001601930189
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600, no-transform
x-goog-stored-content-length: 987
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 01 Oct 2021 18:34:31 GMT

GET
H2 200 index-dea27e1c.js Show response
app.usercentrics.eu/browser-ui/latest/ 4 KB
2 KB 8ms
8ms Script
application/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/latest/index-dea27e1c.js

Requested by

Host: staging.kunden-werben.thermondo.goldmarie-rewards.de
URL: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

abefff20fa60f455f672561ce3596f3d0beef42159d204fb3cb57f73ace1c758

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/
Origin: https://staging.kunden-werben.thermondo.goldmarie-rewards.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 17:15:26 GMT
content-encoding: gzip
age: 2846
x-guploader-uploadid: ADPycdtlKvwRE-KI8Km0ap2yUDf2blUlmFHdv5XZY-TfXBxUnrQ77RqPpqRJbC9va6DAcER_SbtmKpHOtyklfdzmHbLDHoDzVQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 1881
last-modified: Thu, 30 Sep 2021 11:33:23 GMT
server: UploadServer
etag: "16dd642c81d86b63c38b7b2ff44a3d5b"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=lnIUDw==, md5=Ft1kLIHYa2PDi3sv9Eo9Ww==
x-goog-generation: 1633001603132141
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600, no-transform
x-goog-stored-content-length: 1881
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 01 Oct 2021 18:15:26 GMT

GET
H2 200 SaveButton-bc881db9.js Show response
app.usercentrics.eu/browser-ui/latest/ 987 B
671 B 8ms
7ms Script
application/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/latest/SaveButton-bc881db9.js

Requested by

Host: staging.kunden-werben.thermondo.goldmarie-rewards.de
URL: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

1f55730c7a3c38e8496eab86ef15d6ece90659a6566e1e3bda055849cd0c6c0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://app.usercentrics.eu/browser-ui/latest/index-dea27e1c.js
Origin: https://staging.kunden-werben.thermondo.goldmarie-rewards.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 17:51:51 GMT
content-encoding: gzip
age: 661
x-guploader-uploadid: ADPycdvs7uafdCS_2LcSzoEvsUmtuGTSm582GUqVWofZtvq286G5hBLOeLYJLIdCePrZUopwFt8jbD3MCCYtEoYe3o-Wsry9AQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 378
last-modified: Thu, 30 Sep 2021 11:33:14 GMT
server: UploadServer
etag: "d78e6510df509ad8b6c0f4e2ed300fe9"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=ON2yiA==, md5=145lEN9Qmti2wPTi7TAP6Q==
x-goog-generation: 1633001594733942
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600, no-transform
x-goog-stored-content-length: 378
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 01 Oct 2021 18:51:51 GMT

GET
H2 200 VirtualServiceItem-d6c87b7c.js Show response
app.usercentrics.eu/browser-ui/latest/ 93 KB
27 KB 10ms
9ms Script
application/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/latest/VirtualServiceItem-d6c87b7c.js

Requested by

Host: staging.kunden-werben.thermondo.goldmarie-rewards.de
URL: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

1a36df2b24cf95a65ba1277a7441966d028abfd15c7a485728ca8ff2e9d1c348

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://app.usercentrics.eu/browser-ui/latest/index-dea27e1c.js
Origin: https://staging.kunden-werben.thermondo.goldmarie-rewards.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 17:15:51 GMT
content-encoding: gzip
age: 2821
x-guploader-uploadid: ADPycdslZz9fUcgq9pxC3ZQijkXV1gFnar40BgVTx_wEkjeBgPOPGDeIeEMGvg2-Inma9szLXGoCvQv6xE5vg7jDpSxIrKmIaw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 26853
last-modified: Thu, 30 Sep 2021 11:33:17 GMT
server: UploadServer
etag: "863484290983a41caee07dc4adae9262"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=Hdq+ag==, md5=hjSEKQmDpByu4H3Era6SYg==
x-goog-generation: 1633001597476928
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600, no-transform
x-goog-stored-content-length: 26853
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 01 Oct 2021 18:15:51 GMT

GET
H2 200 DefaultTabs-828d38bc.js Show response
app.usercentrics.eu/browser-ui/latest/ 3 KB
2 KB 9ms
9ms Script
application/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/latest/DefaultTabs-828d38bc.js

Requested by

Host: staging.kunden-werben.thermondo.goldmarie-rewards.de
URL: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

1b48d176f89054932f2b3b886ab40f3f02afe43fcec459cb3fde516b818a8ed9

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://app.usercentrics.eu/browser-ui/latest/index-dea27e1c.js
Origin: https://staging.kunden-werben.thermondo.goldmarie-rewards.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 17:42:43 GMT
content-encoding: gzip
age: 1209
x-guploader-uploadid: ADPycduRs8j7LTPt9R1UfGIwcDRyplcdiMszrel-_YHquxEMOqXu5WiAZNbYccst3kWMbo32GTOJsNkISP6kUgS1zVgUZp-Bog
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 1336
last-modified: Thu, 30 Sep 2021 11:33:13 GMT
server: UploadServer
etag: "c162405cb332d229c8b1a8e95973c92c"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=1EVeEQ==, md5=wWJAXLMy0inIsajpWXPJLA==
x-goog-generation: 1633001593134866
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600, no-transform
x-goog-stored-content-length: 1336
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 01 Oct 2021 18:42:43 GMT

GET
H2 200 helpers-65e79f36.js Show response
app.usercentrics.eu/browser-ui/latest/ 1 KB
794 B 8ms
8ms Script
application/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/latest/helpers-65e79f36.js

Requested by

Host: staging.kunden-werben.thermondo.goldmarie-rewards.de
URL: https://staging.kunden-werben.thermondo.goldmarie-rewards.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

3ce5338085e60434fa8a41765bfd45af0eff353abe8e6003500104f841e76f94

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://app.usercentrics.eu/browser-ui/latest/index-dea27e1c.js
Origin: https://staging.kunden-werben.thermondo.goldmarie-rewards.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 17:05:20 GMT
content-encoding: gzip
age: 3452
x-guploader-uploadid: ADPycdu0xGJWOxfQbhgsdT8gbuFPLDojOpIHRDdzq5K7dNpVlzjYooagxEImBOvL-wM9iB58XLPD_jWWyL_kn_WDPLMc5Lb7bw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 530
last-modified: Thu, 30 Sep 2021 11:33:21 GMT
server: UploadServer
etag: "da1792d4068f78ad7a1a3f489aba1f24"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=xj+mHw==, md5=2heS1AaPeK16Gj9ImrofJA==
x-goog-generation: 1633001601044732
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600, no-transform
x-goog-stored-content-length: 530
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 01 Oct 2021 18:05:20 GMT

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
staging.kunden-werben.thermondo.goldmarie-rewards.de/	1970-01-20 06:22:40	Name: csrftoken Value: 6OhR6yIp8bgKIvZMAmF0AZ0KFXrqSASWGATZCDeVuJ5AqzCTJM89dWG61lSsWEhq
.goldmarie-rewards.de/	1970-01-19 23:48:07	Name: _gcl_au Value: 1.1.1453201988.1633111372
.goldmarie-rewards.de/	1970-01-20 15:09:43	Name: _ga Value: GA1.2.1477701267.1633111372
.goldmarie-rewards.de/	1970-01-19 21:39:57	Name: _gid Value: GA1.2.1689160239.1633111372
.goldmarie-rewards.de/	1970-01-20 06:24:07	Name: _hjid Value: ff89c4b3-f8db-4b14-bb22-e35b8c462a4d
.goldmarie-rewards.de/	1970-01-19 21:38:33	Name: _hjFirstSeen Value: 1
staging.kunden-werben.thermondo.goldmarie-rewards.de/	1970-01-19 21:38:31	Name: _hjIncludedInSessionSample Value: 0
.goldmarie-rewards.de/	1970-01-19 21:38:33	Name: _hjAbsoluteSessionInProgress Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.usercentrics.eu
app.usercentrics.eu
cdnjs.cloudflare.com
code.jquery.com
graphql.usercentrics.eu
script.hotjar.com
stackpath.bootstrapcdn.com
staging.kunden-werben.thermondo.goldmarie-rewards.de
static.hotjar.com
vars.hotjar.com
www.google-analytics.com
www.googletagmanager.com
104.16.18.94
104.18.11.207
13.224.193.12
13.224.193.38
13.225.87.62
142.250.185.142
142.250.186.104
34.120.238.166
35.190.14.188
35.241.3.184
52.28.179.30
69.16.175.42
009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741
15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81
189e297919a9a6336ced1ba41c5fd148f1bf371c4d6695e656e120921d5d5f85
1a36df2b24cf95a65ba1277a7441966d028abfd15c7a485728ca8ff2e9d1c348
1b48d176f89054932f2b3b886ab40f3f02afe43fcec459cb3fde516b818a8ed9
1f55730c7a3c38e8496eab86ef15d6ece90659a6566e1e3bda055849cd0c6c0b
35972225c4fd071d58a7cc2ec2b2511c4772ad10100c57d835c1211516902019
3bf930a0a12009d759bf1a6ca6ad27cac7de5f7731883794c2ece26954ad240a
3ce5338085e60434fa8a41765bfd45af0eff353abe8e6003500104f841e76f94
3e4dcf5d937c6cd9bd580358e83d9bff9769f73cc2364ed9af22c88571959adb
4148600c94351f8fe9224af64722fc1c26b650a5284f13973d3bb6700c1cdc34
4f106fb2741179d579c7736d0197fa061dd9a1a7d7c8f2da21840807b770a971
5471d352b9bccbd4e0818d4b8ecc3803637597797e33dcb578a8b39605419bd6
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
576c08049aeceb1e99df8bb916f6816542205bc4a33f8561194f6329ba9a014d
5ccf81ccc128511169eb7c8067195ba5a3b790f1f5b417d325bb802cd1873320
60cbaca59fae1b3b79bf3521bee346fffb9c221ce9a6ddf279556498b2a6f9d1
61f5d817c9c0d41739cad7e5a72131a443739561360df9893c167c2d51afe173
78fc369ce31374aec7c5f3b5b6692d52a571509441060b55423737c38b9abce9
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
7bce665e73e264f71182c90e63dd29302dd6a7dd92f6708bc94b53118e539a8f
8563f915516318c564b1a4b4d4005778294178cfac736d0ed7dd5afa86d4cd50
8777b44beca1301dbd887dd3a0ecb9b847345984af6c26c5674c8d233e992ea3
88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987
9843667fd0099380770f5eab4d1547e2a292f288c6d1027f326f900e144f706d
99a3c83f32df5864c58b2dbcbc0910f25b5691fca2816257c3537a5ed3af4c98
abefff20fa60f455f672561ce3596f3d0beef42159d204fb3cb57f73ace1c758
adeaa0e6e5e6e4f71bd42d41f02cf5a8cc13277d29e981b3c51fcc2738776b6d
bf5aab463041a591c1f992f830a5b1898e5b58821b5822edc9053d1ac7579637
c1f5534ed276a1eaa57b106c7dadcc994a01efbc033513ea4f5435580d8c327e
c258fa98d16e5982bb364bb950da623254f93ac79d61eb5d40222acc0911e79e
c872b5f5eedbe55c27232869a078f89742ccdec5339078afa2486b9e7eb50b9f
cd377dac1bfb68af2e496a52c63b8d61e5b0252f83c9d71a9446451ff19ac602
dc8343dae24291634bf1aec40cb6794f860bc2b1d28f0ab683854cced24619a0
e56e3548139dd9d73fc85f3bafc2db49bbf27390a84ca20a0e0bf676bd4cd710
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb374f5c11671abdf50745efb40e668c166d2ba04aa93842e896153e9c3506c9
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

staging.kunden-werben.thermondo.goldmarie-rewards.de Open in urlscan Pro 52.28.179.30 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

42 Requests

100 %HTTPS

0 %IPv6

8 Domains

12 Subdomains

12 IPs

3 Countries

800 kBTransfer

1792 kBSize

8 Cookies

6 Outgoing links

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

staging.kunden-werben.thermondo.goldmarie-rewards.de Open in urlscan Pro
52.28.179.30 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

12
Subdomains

12
IPs

3
Countries

800 kB
Transfer

1792 kB
Size

8
Cookies

42 HTTP transactions
0 data transactions