www.hemden.de Open in urlscan Pro
138.201.66.179 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://applesucks.com/
Effective URL:
https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=...
Submission: On September 01 via manual (September 1st 2019, 7:13:43 am UTC) from PH

Summary HTTP 60 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 18 IPs in 5 countries across 16 domains to perform 60 HTTP transactions. The main IP is 138.201.66.179, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.hemden.de.
TLS certificate: Issued by GeoTrust EV RSA CA 2018 on May 13th 2019. Valid for: a year.

This is the only time www.hemden.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	199.59.242.151 199.59.242.151	395082 (BODIS-NJ) (BODIS-NJ - Bodis)
1 4	2a00:1450:400... 2a00:1450:4001:820::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
7	2a00:1450:400... 2a00:1450:4001:816::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
4	66.165.243.151 66.165.243.151	29802 (HVC-AS) (HVC-AS - HIVELOCITY)
6	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2 3	95.211.116.27 95.211.116.27	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	213.133.127.252 213.133.127.252	24940 (HETZNER-AS) (HETZNER-AS)
8	138.201.66.179 138.201.66.179	24940 (HETZNER-AS) (HETZNER-AS)
8	2600:9000:205... 2600:9000:2057:b600:7:4c63:4f80:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	151.139.236.62 151.139.236.62	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
1	2600:9000:205... 2600:9000:2057:3600:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
60	18

6 199.59.242.151 (United States) 1 redirects

ASN395082 (BODIS-NJ - Bodis, LLC, US)

applesucks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:820::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 66.165.243.151 (Tampa, United States)

ASN29802 (HVC-AS - HIVELOCITY, Inc., US)
PTR: 66-165-243-151.static.hvvc.us

r.redirekted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.211.116.27 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: dc1-ecs-pub-go-vip.kelkoo.com

de-go.kelkoogroup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.133.127.252 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.213-133-127-252.clients.your-server.de

click.cptrack.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 138.201.66.179 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: businesshemden1.timmeserver.de

www.hemden.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2057:b600:7:4c63:4f80:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

cdn.hemden.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.236.62 (Dallas, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

content.cptrack.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:3600:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	hemden.de www.hemden.de cdn.hemden.de	566 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	172 KB
6	google-analytics.com www.google-analytics.com	37 KB
6	applesucks.com 1 redirects applesucks.com	14 KB
5	googleapis.com fonts.googleapis.com	3 KB
4	redirekted.com r.redirekted.com	11 KB
4	google.com 1 redirects www.google.com	57 KB
3	facebook.net connect.facebook.net	103 KB
3	kelkoogroup.net 2 redirects de-go.kelkoogroup.net	7 KB
2	facebook.com www.facebook.com	323 B
2	bing.com bat.bing.com	7 KB
2	cptrack.de 1 redirects click.cptrack.de content.cptrack.de	2 KB
2	googletagmanager.com www.googletagmanager.com	50 KB
1	google.de www.google.de	374 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	350 B
1	dwin1.com www.dwin1.com	9 KB
60	16

	Domain	Requested by
8	cdn.hemden.de	www.hemden.de
8	www.hemden.de	de-go.kelkoogroup.net www.hemden.de
7	fonts.gstatic.com	www.hemden.de
6	www.google-analytics.com	r.redirekted.com www.googletagmanager.com www.google-analytics.com www.hemden.de
6	applesucks.com	1 redirects applesucks.com
5	fonts.googleapis.com	applesucks.com www.hemden.de
4	r.redirekted.com	applesucks.com r.redirekted.com
4	www.google.com	1 redirects applesucks.com www.hemden.de www.gstatic.com
3	connect.facebook.net	applesucks.com connect.facebook.net
3	de-go.kelkoogroup.net	2 redirects r.redirekted.com
2	www.facebook.com	www.hemden.de connect.facebook.net
2	bat.bing.com	www.googletagmanager.com www.hemden.de
2	www.googletagmanager.com	de-go.kelkoogroup.net www.hemden.de
1	www.gstatic.com	www.google.com
1	www.google.de	www.hemden.de
1	stats.g.doubleclick.net	1 redirects
1	www.dwin1.com	applesucks.com
1	content.cptrack.de	www.googletagmanager.com
1	click.cptrack.de	1 redirects
60	19

This site contains links to these domains. Also see Links.

Domain
www.facebook.com

Subject Issuer	Validity	Valid
	`1970-01-01` - `1970-01-01`	a few seconds	crt.sh
*.googleapis.com GTS CA 1O1	`2019-08-13` - `2019-11-11`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-08-13` - `2019-11-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-08-13` - `2019-11-11`	3 months	crt.sh
*.kelkoogroup.net Thawte RSA CA 2018	`2019-07-31` - `2020-08-28`	a year	crt.sh
www.hemden.de GeoTrust EV RSA CA 2018	`2019-05-13` - `2020-05-12`	a year	crt.sh
*.hemden.de Amazon	`2018-11-20` - `2019-12-20`	a year	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
content.cptrack.de COMODO RSA Domain Validation Secure Server CA	`2017-03-20` - `2020-06-17`	3 years	crt.sh
*.dwin1.com Amazon	`2019-01-30` - `2020-02-29`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-08-24` - `2019-10-19`	2 months	crt.sh
www.google.de GTS CA 1O1	`2019-08-13` - `2019-11-11`	3 months	crt.sh
www.google.com GTS CA 1O1	`2019-08-13` - `2019-11-11`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
Frame ID: D6C420C36B733FA6F0954B6AD9B0FD23
Requests: 55 HTTP requests in this frame

Frame: http://r.redirekted.com/go?e=NA-pFFuHFq943pdV2X7HwC8IFq5j3Bv8yXyHaC-uFs6blBvZTsuIKBdRzVVkKWjWJr_xUCuHPqYkKL09yXYuULeZaVuglB8WzsybPM9gwWv53p8RJs7jmK8MaXYkKW8uHr_xaCutFBsImqjI2rXuJB0pKpRgFX9OzXuI0F75GsUAQWa5mZ781F8gQsX53pjcHsybFF55GsQSPXxO2Z2uxCm8GssEmBsgHsXgFEeZ3WYImq4uzXypvBe4QsxgFWjWzsyblKefGB8fvqw0wX7jQLe4Qst53pwfmXmkGL9uvV-DGL9cHAY9IF9gQpVy3C9gQA-tQn8IPrVkape8IVcZvF1tvW
Frame ID: EBC88DC9A204D92ECD00C292F2A75A24
Requests: 4 HTTP requests in this frame

Frame: https://www.hemden.de/widgets/index/refreshStatistic?requestPage=%2FRedmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60&requestController=detail&referer=https%3A%2F%2Fde-go.kelkoogroup.net%2Fgo%3Fcountry%3Dde%26k%3Db435397ea0eaf650d5dcd0537082de49480aeade3d1cd705c7d2d33ad56e140630ff66203a77936794c13f8f1616b5d9561f50bfd83aa8a23ff9fd45ce9bc1d9b232865b365ae7869f324a13dce06c558955bad0b62b74afebd379d34a32bc453ed0f535ea18709b2932f884786ab2f3afbd434e4212d473ed2c4c6c8407588c362af5cd43dd0b392172a82b2b0f01e11eae594b8ba7879ef5e1936646d11f73a09cbcfb523ce2f0fa2ff5cc73f9d1084f4e09861ea9003adc86f835431b8af35916c8e536e5f9185e3f8aa8788aab8d5ae9d52873d27d85892c9fb00e97beea89f4a84b7f7f3b733695eae727e1939843615ff60b18fdb998585d4385510805404411332898bf15c911b760d65e0afa60d867956d8143028e07c32f3f68df6d3eb770c7ab4e379bbf2aeecaf51e3a2fcee7e240fb14315cd626b5ca2826b75942e07ce10a0a98feb92c4f5ecb97e8cfa8550844101198b402936b32e556aad465b58d84fecc4051f9a67870985a08ba566df11b3b224868e55ecc9f0a5b906c72976feec7a1993a55da7124fe53bab9d52271f720e2bf27df3664046f4c8da5792ee7bc8b68101959eeeb49b4b1749b4d193edcfa3de6a48ca56d092af0c04c%26o%3D&articleId=18705
Frame ID: 0EFAB8912150A17D6574CA0C82780CE1
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 761AD9EE111C5A440CF5A5989135CC74
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LccU5QUAAAAANttY7LrCBC1r2gZ7zb4SzEcLVkb&co=aHR0cHM6Ly93d3cuaGVtZGVuLmRlOjQ0Mw..&hl=en&v=v1565591531251&size=invisible&cb=xphzi0ty5612
Frame ID: 6B6A80B3430EEC35FB599712C33096A0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://applesucks.com/ Page URL
http://applesucks.com/rz?u=http%3A%2F%2Fr.redirekted.com%2Fredirect%3Fredirect_id%3D133a4c25d46f37... HTTP 302
http://r.redirekted.com/redirect?redirect_id=133a4c25d46f379696578966940f3130&request_id=1e867f7f11a... Page URL
https://de-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1567298327129&.sig=rq2IAHmNqaVMOL_X5LPKr16Cxb4-&aff... HTTP 307
https://de-go.kelkoogroup.net/go?country=de&k=b435397ea0eaf650d5dcd0537082de49480aeade3d1cd705c7d2d33ad56e... Page URL
https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff43743cd10992f04c9369b76c7... HTTP 303
https://click.cptrack.de/?rd=true&k=XsBqsKhh2L-U3o9tKRFifaQ5oht09dCCal-lAO3B-33rziAvoklR8-Skex6nPYXV&... HTTP 302
https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=... Page URL

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

script /\/recaptcha\/api\.js/i

Page Statistics

60
Requests

83 %
HTTPS

68 %
IPv6

16
Domains

19
Subdomains

18
IPs

5
Countries

1034 kB
Transfer

3283 kB
Size

9
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Hemden.de/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://applesucks.com/ Page URL
http://applesucks.com/rz?u=http%3A%2F%2Fr.redirekted.com%2Fredirect%3Fredirect_id%3D133a4c25d46f379696578966940f3130%26request_id%3D1e867f7f11a244a1f9cbb483aacd0107&notadsafe HTTP 302
http://r.redirekted.com/redirect?redirect_id=133a4c25d46f379696578966940f3130&request_id=1e867f7f11a244a1f9cbb483aacd0107 Page URL
https://de-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1567298327129&.sig=rq2IAHmNqaVMOL_X5LPKr16Cxb4-&affiliationId=96954868&catId=108101&comId=100500732&contextLevel=2&country=de&localCatId=108101&offerId=ef46eab6923d25c1d3ef7831c12aa44c&searchId=null&service=11&wait=true&addedParams=true&custom1=9gRAvk3qWyQA3SUEexFstcFLSg0r-03EmxFF0AFXVyHsmWvE9gxXTkKWjE2r7jUF3ZUqVk3p4WzsytQM&custom2=jKWjuHsyNUF9gRsXqwqSExZvyRCexFrUAQB HTTP 307
https://de-go.kelkoogroup.net/go?country=de&k=b435397ea0eaf650d5dcd0537082de49480aeade3d1cd705c7d2d33ad56e140630ff66203a77936794c13f8f1616b5d9561f50bfd83aa8a23ff9fd45ce9bc1d9b232865b365ae7869f324a13dce06c558955bad0b62b74afebd379d34a32bc453ed0f535ea18709b2932f884786ab2f3afbd434e4212d473ed2c4c6c8407588c362af5cd43dd0b392172a82b2b0f01e11eae594b8ba7879ef5e1936646d11f73a09cbcfb523ce2f0fa2ff5cc73f9d1084f4e09861ea9003adc86f835431b8af35916c8e536e5f9185e3f8aa8788aab8d5ae9d52873d27d85892c9fb00e97beea89f4a84b7f7f3b733695eae727e1939843615ff60b18fdb998585d4385510805404411332898bf15c911b760d65e0afa60d867956d8143028e07c32f3f68df6d3eb770c7ab4e379bbf2aeecaf51e3a2fcee7e240fb14315cd626b5ca2826b75942e07ce10a0a98feb92c4f5ecb97e8cfa8550844101198b402936b32e556aad465b58d84fecc4051f9a67870985a08ba566df11b3b224868e55ecc9f0a5b906c72976feec7a1993a55da7124fe53bab9d52271f720e2bf27df3664046f4c8da5792ee7bc8b68101959eeeb49b4b1749b4d193edcfa3de6a48ca56d092af0c04c&o= Page URL
https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff43743cd10992f04c9369b76c7ef4e6619da05b5e01a7ae661bcc2c4086ab912e9d148e0590fa6a874df036d44d7c8814c49e4958f625593c0507166361cf64ba417eaa59cc642f772d2e85ad85bfc580f214ec1156219cd5c106d31406c6167a231&leadId=dc1-kls-prod-srv-05.prod.dc1.kelkoo.net_1567322009318_1619280&clickId=10769836_1567322009292_1804447&url=https%3A%2F%2Fclick.cptrack.de%2F%3Frd%3Dtrue%26k%3DXsBqsKhh2L-U3o9tKRFifaQ5oht09dCCal-lAO3B-33rziAvoklR8-Skex6nPYXV%26rdlink%3Dhttps%253A%252F%252Fwww.hemden.de%252FRedmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60%253Futm_source%253DkelkooDE%2526utm_medium%253Dportale HTTP 303
https://click.cptrack.de/?rd=true&k=XsBqsKhh2L-U3o9tKRFifaQ5oht09dCCal-lAO3B-33rziAvoklR8-Skex6nPYXV&rdlink=https%3A%2F%2Fwww.hemden.de%2FRedmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60%3Futm_source%3DkelkooDE%26utm_medium%3Dportale HTTP 302
https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

http://applesucks.com/rz?u=http%3A%2F%2Fr.redirekted.com%2Fredirect%3Fredirect_id%3D133a4c25d46f379696578966940f3130%26request_id%3D1e867f7f11a244a1f9cbb483aacd0107&notadsafe HTTP 302
http://r.redirekted.com/redirect?redirect_id=133a4c25d46f379696578966940f3130&request_id=1e867f7f11a244a1f9cbb483aacd0107

Request Chain 13

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 14

http://www.google-analytics.com/r/collect?v=1&_v=j79&a=2110579697&t=pageview&_s=1&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DNA-pFFuHFq943pdV2X7HwC8IFq5j3Bv8yXyHaC-uFs6blBvZTsuIKBdRzVVkKWjWJr_xUCuHPqYkKL09yXYuULeZaVuglB8WzsybPM9gwWv53p8RJs7jmK8MaXYkKW8uHr_xaCutFBsImqjI2rXuJB0pKpRgFX9OzXuI0F75GsUAQWa5mZ781F8gQsX53pjcHsybFF55GsQSPXxO2Z2uxCm8GssEmBsgHsXgFEeZ3WYImq4uzXypvBe4QsxgFWjWzsyblKefGB8fvqw0wX7jQLe4Qst53pwfmXmkGL9uvV-DGL9cHAY9IF9gQpVy3C9gQA-tQn8IPrVkape8IVcZvF1tvW&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=984392363&gjid=279926191&cid=442293270.1567322009&tid=UA-32454353-1&_gid=515074509.1567322009&_r=1&z=1514570004 HTTP 307
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=2110579697&t=pageview&_s=1&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DNA-pFFuHFq943pdV2X7HwC8IFq5j3Bv8yXyHaC-uFs6blBvZTsuIKBdRzVVkKWjWJr_xUCuHPqYkKL09yXYuULeZaVuglB8WzsybPM9gwWv53p8RJs7jmK8MaXYkKW8uHr_xaCutFBsImqjI2rXuJB0pKpRgFX9OzXuI0F75GsUAQWa5mZ781F8gQsX53pjcHsybFF55GsQSPXxO2Z2uxCm8GssEmBsgHsXgFEeZ3WYImq4uzXypvBe4QsxgFWjWzsyblKefGB8fvqw0wX7jQLe4Qst53pwfmXmkGL9uvV-DGL9cHAY9IF9gQpVy3C9gQA-tQn8IPrVkape8IVcZvF1tvW&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=984392363&gjid=279926191&cid=442293270.1567322009&tid=UA-32454353-1&_gid=515074509.1567322009&_r=1&z=1514570004

Request Chain 15

http://www.google-analytics.com/collect?v=1&_v=j79&a=2110579697&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DNA-pFFuHFq943pdV2X7HwC8IFq5j3Bv8yXyHaC-uFs6blBvZTsuIKBdRzVVkKWjWJr_xUCuHPqYkKL09yXYuULeZaVuglB8WzsybPM9gwWv53p8RJs7jmK8MaXYkKW8uHr_xaCutFBsImqjI2rXuJB0pKpRgFX9OzXuI0F75GsUAQWa5mZ781F8gQsX53pjcHsybFF55GsQSPXxO2Z2uxCm8GssEmBsgHsXgFEeZ3WYImq4uzXypvBe4QsxgFWjWzsyblKefGB8fvqw0wX7jQLe4Qst53pwfmXmkGL9uvV-DGL9cHAY9IF9gQpVy3C9gQA-tQn8IPrVkape8IVcZvF1tvW&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=&gjid=&cid=442293270.1567322009&tid=UA-32454353-1&_gid=515074509.1567322009&cd1=oz9lMJE8n2kesUk8sT5ipzIxsTgfn3k8sUj%3D&z=78885781 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j79&a=2110579697&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DNA-pFFuHFq943pdV2X7HwC8IFq5j3Bv8yXyHaC-uFs6blBvZTsuIKBdRzVVkKWjWJr_xUCuHPqYkKL09yXYuULeZaVuglB8WzsybPM9gwWv53p8RJs7jmK8MaXYkKW8uHr_xaCutFBsImqjI2rXuJB0pKpRgFX9OzXuI0F75GsUAQWa5mZ781F8gQsX53pjcHsybFF55GsQSPXxO2Z2uxCm8GssEmBsgHsXgFEeZ3WYImq4uzXypvBe4QsxgFWjWzsyblKefGB8fvqw0wX7jQLe4Qst53pwfmXmkGL9uvV-DGL9cHAY9IF9gQpVy3C9gQA-tQn8IPrVkape8IVcZvF1tvW&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=&gjid=&cid=442293270.1567322009&tid=UA-32454353-1&_gid=515074509.1567322009&cd1=oz9lMJE8n2kesUk8sT5ipzIxsTgfn3k8sUj%3D&z=78885781

Request Chain 16

https://de-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1567298327129&.sig=rq2IAHmNqaVMOL_X5LPKr16Cxb4-&affiliationId=96954868&catId=108101&comId=100500732&contextLevel=2&country=de&localCatId=108101&offerId=ef46eab6923d25c1d3ef7831c12aa44c&searchId=null&service=11&wait=true&addedParams=true&custom1=9gRAvk3qWyQA3SUEexFstcFLSg0r-03EmxFF0AFXVyHsmWvE9gxXTkKWjE2r7jUF3ZUqVk3p4WzsytQM&custom2=jKWjuHsyNUF9gRsXqwqSExZvyRCexFrUAQB HTTP 307
https://de-go.kelkoogroup.net/go?country=de&k=b435397ea0eaf650d5dcd0537082de49480aeade3d1cd705c7d2d33ad56e140630ff66203a77936794c13f8f1616b5d9561f50bfd83aa8a23ff9fd45ce9bc1d9b232865b365ae7869f324a13dce06c558955bad0b62b74afebd379d34a32bc453ed0f535ea18709b2932f884786ab2f3afbd434e4212d473ed2c4c6c8407588c362af5cd43dd0b392172a82b2b0f01e11eae594b8ba7879ef5e1936646d11f73a09cbcfb523ce2f0fa2ff5cc73f9d1084f4e09861ea9003adc86f835431b8af35916c8e536e5f9185e3f8aa8788aab8d5ae9d52873d27d85892c9fb00e97beea89f4a84b7f7f3b733695eae727e1939843615ff60b18fdb998585d4385510805404411332898bf15c911b760d65e0afa60d867956d8143028e07c32f3f68df6d3eb770c7ab4e379bbf2aeecaf51e3a2fcee7e240fb14315cd626b5ca2826b75942e07ce10a0a98feb92c4f5ecb97e8cfa8550844101198b402936b32e556aad465b58d84fecc4051f9a67870985a08ba566df11b3b224868e55ecc9f0a5b906c72976feec7a1993a55da7124fe53bab9d52271f720e2bf27df3664046f4c8da5792ee7bc8b68101959eeeb49b4b1749b4d193edcfa3de6a48ca56d092af0c04c&o=

Request Chain 53

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-38785529-2&cid=733680237.1567322010&jid=1852820296&gjid=1601818729&_gid=901884722.1567322010&_u=aGBAgEAL~&z=1486389714 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38785529-2&cid=733680237.1567322010&jid=1852820296&_v=j79&z=1486389714 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38785529-2&cid=733680237.1567322010&jid=1852820296&_v=j79&z=1486389714&slf_rd=1&random=2019049838

60 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
applesucks.com/ 4 KB
4 KB 289ms
92ms Document
text/html 199.59.242.151
Bodis

General

Check archive.org

Show headers Download Go to

Full URL: http://applesucks.com/
Protocol: HTTP/1.1
Server: 199.59.242.151 , United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software: openresty /
Resource Hash: 8eb4b59faa187d703b2ae6e737f60872bdb9205748f47d473ecb2fdf6ef77f71

Request headers

Host: applesucks.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: openresty
Date: Sun, 01 Sep 2019 07:13:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_Gvc6rkihb+ZwoH+9FcJ4g1aWUY/tyQEP/hZw5oRe1ZE18dMiQG2Ucfe/y+cJkDmcN6Qs7dAD/ucn3zgJFvlHuA==

GET
H/1.1 200
OK caf.js Show response
www.google.com/adsense/domains/ 158 KB
56 KB 21ms
15ms Script
text/javascript 2a00:1450:4001:820::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.google.com/adsense/domains/caf.js

Requested by

Host: applesucks.com
URL: http://applesucks.com/

Protocol

HTTP/1.1

Security

, ,

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

80d46bca0ed3436eb8b12f00143ed40df245d9ce470d219cd5295c273238f84e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://applesucks.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 01 Sep 2019 07:13:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "5794129384010110300"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Transfer-Encoding: chunked
Accept-Ranges: bytes
X-XSS-Protection: 0
Expires: Sun, 01 Sep 2019 07:13:27 GMT

GET
H/1.1 200
OK px.gif
applesucks.com/ 42 B
275 B 92ms
92ms Image
image/gif 199.59.242.151
Bodis

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://applesucks.com/px.gif?ch=1&rn=8.527829850069432
Requested by: Host: applesucks.com
URL: http://applesucks.com/
Protocol: HTTP/1.1
Security: , ,
Server: 199.59.242.151 , United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://applesucks.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 01 Sep 2019 07:13:27 GMT
Last-Modified: Thu, 22 Aug 2019 17:56:43 GMT
Server: openresty
ETag: "5d5ed75b-2a"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42

GET
H/1.1 200
OK px.gif
applesucks.com/ 42 B
275 B 185ms
91ms Image
image/gif 199.59.242.151
Bodis

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://applesucks.com/px.gif?ch=2&rn=8.527829850069432
Requested by: Host: applesucks.com
URL: http://applesucks.com/
Protocol: HTTP/1.1
Security: , ,
Server: 199.59.242.151 , United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://applesucks.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 01 Sep 2019 07:13:27 GMT
Last-Modified: Thu, 22 Aug 2019 17:56:43 GMT
Server: openresty
ETag: "5d5ed75b-2a"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42

GET
H/1.1 200
OK glp Show response
applesucks.com/ 8 KB
8 KB 120ms
119ms Script
text/javascript 199.59.242.151
Bodis

General

Check archive.org

Show headers Download Go to

Full URL: http://applesucks.com/glp?r=&u=http%3A%2F%2Fapplesucks.com%2F&rw=1600&rh=1200&ww=1600&wh=1200
Requested by: Host: applesucks.com
URL: http://applesucks.com/
Protocol: HTTP/1.1
Security: , ,
Server: 199.59.242.151 , United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software: openresty /
Resource Hash: 001959b9d62e0caa1fbd74743523da4e60f49fade8029f93a73fa69181b76a58

Request headers

Referer: http://applesucks.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 01 Sep 2019 07:13:27 GMT
Server: openresty
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
902 B 33ms
15ms Stylesheet
text/css 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400

Requested by

Host: applesucks.com
URL: http://applesucks.com/glp?r=&u=http%3A%2F%2Fapplesucks.com%2F&rw=1600&rh=1200&ww=1600&wh=1200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

b0da72d60d5dd29e3d180e7c87781f30223e27ea0b0de30826ce5a4279f2319d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://applesucks.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sun, 01 Sep 2019 07:13:27 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Sun, 01 Sep 2019 07:13:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection: 0
expires: Sun, 01 Sep 2019 07:13:27 GMT

POST
H/1.1 200
OK gzb
applesucks.com/ 200 B
517 B 834ms
834ms XHR
text/javascript 199.59.242.151
Bodis

General

Check archive.org

Show headers Download Go to

Full URL: http://applesucks.com/gzb
Requested by: Host: applesucks.com
URL: http://applesucks.com/glp?r=&u=http%3A%2F%2Fapplesucks.com%2F&rw=1600&rh=1200&ww=1600&wh=1200
Protocol: HTTP/1.1
Security: , ,
Server: 199.59.242.151 , United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Referer: http://applesucks.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sun, 01 Sep 2019 07:13:28 GMT
Server: openresty
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 200
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 24ms
6ms Font
font/woff2 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400
Origin: http://applesucks.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 27 Aug 2019 22:46:57 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:37 GMT
server: sffe
age: 375990
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 9016
x-xss-protection: 0
expires: Wed, 26 Aug 2020 22:46:57 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 20ms
7ms Font
font/woff2 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400
Origin: http://applesucks.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 06:30:45 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 693762
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 9132
x-xss-protection: 0
expires: Sun, 23 Aug 2020 06:30:45 GMT

GET
H/1.1

200
OK

redirect Show response
r.redirekted.com/
Redirect Chain

http://applesucks.com/rz?u=http%3A%2F%2Fr.redirekted.com%2Fredirect%3Fredirect_id%3D133a4c25d46f379696578966940f3130%26request_id%3D1e867f7f11a244a1f9cbb483aacd0107&notadsafe
http://r.redirekted.com/redirect?redirect_id=133a4c25d46f379696578966940f3130&request_id=1e867f7f11a244a1f9cbb483aacd0107

840 B
1 KB

327ms
145ms

Document
text/html

66.165.243.151
HIVELOCITY

General

Check archive.org

Show headers Download Go to

Full URL: http://r.redirekted.com/redirect?redirect_id=133a4c25d46f379696578966940f3130&request_id=1e867f7f11a244a1f9cbb483aacd0107
Requested by: Host: applesucks.com
URL: http://applesucks.com/glp?r=&u=http%3A%2F%2Fapplesucks.com%2F&rw=1600&rh=1200&ww=1600&wh=1200
Protocol: HTTP/1.1
Server: 66.165.243.151 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY, Inc., US),
Reverse DNS: 66-165-243-151.static.hvvc.us
Software: nginx/1.15.8 / PHP/7.2.13
Resource Hash: 3632362a058adacd28e8c5bc62caaeada4bf8d237dabfa412a73d818ffc1601e

Request headers

Host: r.redirekted.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://applesucks.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://applesucks.com/

Response headers

Server: nginx/1.15.8
Date: Sun, 01 Sep 2019 07:13:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.13

Redirect headers

Server: openresty
Date: Sun, 01 Sep 2019 07:13:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Pragma: no-cache
Location: http://r.redirekted.com/redirect?redirect_id=133a4c25d46f379696578966940f3130&request_id=1e867f7f11a244a1f9cbb483aacd0107

GET
H/1.1 200
OK adren.css
r.redirekted.com/css/ 243 B
479 B 145ms
144ms Stylesheet
text/css 66.165.243.151
HIVELOCITY

General

Check archive.org

Show headers Download Go to

Full URL: http://r.redirekted.com/css/adren.css?n=3232802561
Requested by: Host: r.redirekted.com
URL: http://r.redirekted.com/redirect?redirect_id=133a4c25d46f379696578966940f3130&request_id=1e867f7f11a244a1f9cbb483aacd0107
Protocol: HTTP/1.1
Security: , ,
Server: 66.165.243.151 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY, Inc., US),
Reverse DNS: 66-165-243-151.static.hvvc.us
Software: nginx/1.15.8 /
Resource Hash: e2d9fd8b995f146baf54bc35d162d3e8169a5345368058b10a3b3bf4592ed777

Request headers

Referer: http://r.redirekted.com/redirect?redirect_id=133a4c25d46f379696578966940f3130&request_id=1e867f7f11a244a1f9cbb483aacd0107
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 01 Sep 2019 07:13:28 GMT
Last-Modified: Wed, 25 Jul 2018 22:42:25 GMT
Server: nginx/1.15.8
ETag: "5b58fcd1-f3"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 243

GET
H/1.1 200
OK adren.min.js Show response
r.redirekted.com/js/ 7 KB
8 KB 292ms
146ms Script
application/javascript 66.165.243.151
HIVELOCITY

General

Check archive.org

Show headers Download Go to

Full URL: http://r.redirekted.com/js/adren.min.js?n=3232802561
Requested by: Host: r.redirekted.com
URL: http://r.redirekted.com/redirect?redirect_id=133a4c25d46f379696578966940f3130&request_id=1e867f7f11a244a1f9cbb483aacd0107
Protocol: HTTP/1.1
Security: , ,
Server: 66.165.243.151 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY, Inc., US),
Reverse DNS: 66-165-243-151.static.hvvc.us
Software: nginx/1.15.8 /
Resource Hash: 55afe8ae4db5b6ca9ec5a3aca1f3a7b482ca51d0914acd250093f1a9ecbfccec

Request headers

Referer: http://r.redirekted.com/redirect?redirect_id=133a4c25d46f379696578966940f3130&request_id=1e867f7f11a244a1f9cbb483aacd0107
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 01 Sep 2019 07:13:28 GMT
Last-Modified: Wed, 25 Jul 2018 22:42:25 GMT
Server: nginx/1.15.8
ETag: "5b58fcd1-1d68"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7528

GET
H/1.1 200
OK Cookie set go Show response
r.redirekted.com/ Frame EBC8 2 KB
2 KB 146ms
146ms Document
text/html 66.165.243.151
HIVELOCITY

General

Check archive.org

Show headers Download Go to

Full URL: http://r.redirekted.com/go?e=NA-pFFuHFq943pdV2X7HwC8IFq5j3Bv8yXyHaC-uFs6blBvZTsuIKBdRzVVkKWjWJr_xUCuHPqYkKL09yXYuULeZaVuglB8WzsybPM9gwWv53p8RJs7jmK8MaXYkKW8uHr_xaCutFBsImqjI2rXuJB0pKpRgFX9OzXuI0F75GsUAQWa5mZ781F8gQsX53pjcHsybFF55GsQSPXxO2Z2uxCm8GssEmBsgHsXgFEeZ3WYImq4uzXypvBe4QsxgFWjWzsyblKefGB8fvqw0wX7jQLe4Qst53pwfmXmkGL9uvV-DGL9cHAY9IF9gQpVy3C9gQA-tQn8IPrVkape8IVcZvF1tvW
Requested by: Host: r.redirekted.com
URL: http://r.redirekted.com/js/adren.min.js?n=3232802561
Protocol: HTTP/1.1
Server: 66.165.243.151 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY, Inc., US),
Reverse DNS: 66-165-243-151.static.hvvc.us
Software: nginx/1.15.8 / PHP/7.2.13
Resource Hash: fc04089a27846ae2f9b461148e67012f13f86df819377abe5f678de3087fb347

Request headers

Host: r.redirekted.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://r.redirekted.com/redirect?redirect_id=133a4c25d46f379696578966940f3130&request_id=1e867f7f11a244a1f9cbb483aacd0107
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://r.redirekted.com/redirect?redirect_id=133a4c25d46f379696578966940f3130&request_id=1e867f7f11a244a1f9cbb483aacd0107

Response headers

Server: nginx/1.15.8
Date: Sun, 01 Sep 2019 07:13:29 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.13
Set-Cookie: uuid=8331471960890918912; expires=Mon, 02-Sep-2019 07:13:29 GMT; Max-Age=86400

GET
H2

200

analytics.js Show response
www.google-analytics.com/ Frame EBC8
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

43 KB
18 KB

22ms
6ms

Script
text/javascript

2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: r.redirekted.com
URL: http://r.redirekted.com/go?e=NA-pFFuHFq943pdV2X7HwC8IFq5j3Bv8yXyHaC-uFs6blBvZTsuIKBdRzVVkKWjWJr_xUCuHPqYkKL09yXYuULeZaVuglB8WzsybPM9gwWv53p8RJs7jmK8MaXYkKW8uHr_xaCutFBsImqjI2rXuJB0pKpRgFX9OzXuI0F75GsUAQWa5mZ781F8gQsX53pjcHsybFF55GsQSPXxO2Z2uxCm8GssEmBsgHsXgFEeZ3WYImq4uzXypvBe4QsxgFWjWzsyblKefGB8fvqw0wX7jQLe4Qst53pwfmXmkGL9uvV-DGL9cHAY9IF9gQpVy3C9gQA-tQn8IPrVkape8IVcZvF1tvW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://r.redirekted.com/go?e=NA-pFFuHFq943pdV2X7HwC8IFq5j3Bv8yXyHaC-uFs6blBvZTsuIKBdRzVVkKWjWJr_xUCuHPqYkKL09yXYuULeZaVuglB8WzsybPM9gwWv53p8RJs7jmK8MaXYkKW8uHr_xaCutFBsImqjI2rXuJB0pKpRgFX9OzXuI0F75GsUAQWa5mZ781F8gQsX53pjcHsybFF55GsQSPXxO2Z2uxCm8GssEmBsgHsXgFEeZ3WYImq4uzXypvBe4QsxgFWjWzsyblKefGB8fvqw0wX7jQLe4Qst53pwfmXmkGL9uvV-DGL9cHAY9IF9gQpVy3C9gQA-tQn8IPrVkape8IVcZvF1tvW
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 6452
date: Sun, 01 Sep 2019 05:25:57 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17803
expires: Sun, 01 Sep 2019 07:25:57 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H2

200

collect
www.google-analytics.com/r/ Frame EBC8
Redirect Chain

http://www.google-analytics.com/r/collect?v=1&_v=j79&a=2110579697&t=pageview&_s=1&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DNA-pFFuHFq943pdV2X7HwC8IFq5j3Bv8yXyHaC-uFs6blBvZTsuIKBdRzVVkKWjWJr_xUCu...
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=2110579697&t=pageview&_s=1&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DNA-pFFuHFq943pdV2X7HwC8IFq5j3Bv8yXyHaC-uFs6blBvZTsuIKBdRzVVkKWjWJr_xUC...

35 B
124 B

14ms
14ms

Image
image/gif

2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=2110579697&t=pageview&_s=1&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DNA-pFFuHFq943pdV2X7HwC8IFq5j3Bv8yXyHaC-uFs6blBvZTsuIKBdRzVVkKWjWJr_xUCuHPqYkKL09yXYuULeZaVuglB8WzsybPM9gwWv53p8RJs7jmK8MaXYkKW8uHr_xaCutFBsImqjI2rXuJB0pKpRgFX9OzXuI0F75GsUAQWa5mZ781F8gQsX53pjcHsybFF55GsQSPXxO2Z2uxCm8GssEmBsgHsXgFEeZ3WYImq4uzXypvBe4QsxgFWjWzsyblKefGB8fvqw0wX7jQLe4Qst53pwfmXmkGL9uvV-DGL9cHAY9IF9gQpVy3C9gQA-tQn8IPrVkape8IVcZvF1tvW&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=984392363&gjid=279926191&cid=442293270.1567322009&tid=UA-32454353-1&_gid=515074509.1567322009&_r=1&z=1514570004

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://r.redirekted.com/go?e=NA-pFFuHFq943pdV2X7HwC8IFq5j3Bv8yXyHaC-uFs6blBvZTsuIKBdRzVVkKWjWJr_xUCuHPqYkKL09yXYuULeZaVuglB8WzsybPM9gwWv53p8RJs7jmK8MaXYkKW8uHr_xaCutFBsImqjI2rXuJB0pKpRgFX9OzXuI0F75GsUAQWa5mZ781F8gQsX53pjcHsybFF55GsQSPXxO2Z2uxCm8GssEmBsgHsXgFEeZ3WYImq4uzXypvBe4QsxgFWjWzsyblKefGB8fvqw0wX7jQLe4Qst53pwfmXmkGL9uvV-DGL9cHAY9IF9gQpVy3C9gQA-tQn8IPrVkape8IVcZvF1tvW
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Sep 2019 07:13:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/collect?v=1&_v=j79&a=2110579697&t=pageview&_s=1&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DNA-pFFuHFq943pdV2X7HwC8IFq5j3Bv8yXyHaC-uFs6blBvZTsuIKBdRzVVkKWjWJr_xUCuHPqYkKL09yXYuULeZaVuglB8WzsybPM9gwWv53p8RJs7jmK8MaXYkKW8uHr_xaCutFBsImqjI2rXuJB0pKpRgFX9OzXuI0F75GsUAQWa5mZ781F8gQsX53pjcHsybFF55GsQSPXxO2Z2uxCm8GssEmBsgHsXgFEeZ3WYImq4uzXypvBe4QsxgFWjWzsyblKefGB8fvqw0wX7jQLe4Qst53pwfmXmkGL9uvV-DGL9cHAY9IF9gQpVy3C9gQA-tQn8IPrVkape8IVcZvF1tvW&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=984392363&gjid=279926191&cid=442293270.1567322009&tid=UA-32454353-1&_gid=515074509.1567322009&_r=1&z=1514570004
Non-Authoritative-Reason: HSTS

GET
H2

200

collect
www.google-analytics.com/ Frame EBC8
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j79&a=2110579697&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DNA-pFFuHFq943pdV2X7HwC8IFq5j3Bv8yXyHaC-uFs6blBvZTsuIKBdRzVVkKWjWJr_xUCuHP...
https://www.google-analytics.com/collect?v=1&_v=j79&a=2110579697&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DNA-pFFuHFq943pdV2X7HwC8IFq5j3Bv8yXyHaC-uFs6blBvZTsuIKBdRzVVkKWjWJr_xUCuH...

35 B
197 B

6ms
6ms

Image
image/gif

2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=2110579697&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DNA-pFFuHFq943pdV2X7HwC8IFq5j3Bv8yXyHaC-uFs6blBvZTsuIKBdRzVVkKWjWJr_xUCuHPqYkKL09yXYuULeZaVuglB8WzsybPM9gwWv53p8RJs7jmK8MaXYkKW8uHr_xaCutFBsImqjI2rXuJB0pKpRgFX9OzXuI0F75GsUAQWa5mZ781F8gQsX53pjcHsybFF55GsQSPXxO2Z2uxCm8GssEmBsgHsXgFEeZ3WYImq4uzXypvBe4QsxgFWjWzsyblKefGB8fvqw0wX7jQLe4Qst53pwfmXmkGL9uvV-DGL9cHAY9IF9gQpVy3C9gQA-tQn8IPrVkape8IVcZvF1tvW&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=&gjid=&cid=442293270.1567322009&tid=UA-32454353-1&_gid=515074509.1567322009&cd1=oz9lMJE8n2kesUk8sT5ipzIxsTgfn3k8sUj%3D&z=78885781

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://r.redirekted.com/go?e=NA-pFFuHFq943pdV2X7HwC8IFq5j3Bv8yXyHaC-uFs6blBvZTsuIKBdRzVVkKWjWJr_xUCuHPqYkKL09yXYuULeZaVuglB8WzsybPM9gwWv53p8RJs7jmK8MaXYkKW8uHr_xaCutFBsImqjI2rXuJB0pKpRgFX9OzXuI0F75GsUAQWa5mZ781F8gQsX53pjcHsybFF55GsQSPXxO2Z2uxCm8GssEmBsgHsXgFEeZ3WYImq4uzXypvBe4QsxgFWjWzsyblKefGB8fvqw0wX7jQLe4Qst53pwfmXmkGL9uvV-DGL9cHAY9IF9gQpVy3C9gQA-tQn8IPrVkape8IVcZvF1tvW
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Aug 2019 09:02:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 857485
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j79&a=2110579697&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DNA-pFFuHFq943pdV2X7HwC8IFq5j3Bv8yXyHaC-uFs6blBvZTsuIKBdRzVVkKWjWJr_xUCuHPqYkKL09yXYuULeZaVuglB8WzsybPM9gwWv53p8RJs7jmK8MaXYkKW8uHr_xaCutFBsImqjI2rXuJB0pKpRgFX9OzXuI0F75GsUAQWa5mZ781F8gQsX53pjcHsybFF55GsQSPXxO2Z2uxCm8GssEmBsgHsXgFEeZ3WYImq4uzXypvBe4QsxgFWjWzsyblKefGB8fvqw0wX7jQLe4Qst53pwfmXmkGL9uvV-DGL9cHAY9IF9gQpVy3C9gQA-tQn8IPrVkape8IVcZvF1tvW&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=&gjid=&cid=442293270.1567322009&tid=UA-32454353-1&_gid=515074509.1567322009&cd1=oz9lMJE8n2kesUk8sT5ipzIxsTgfn3k8sUj%3D&z=78885781
Non-Authoritative-Reason: HSTS

GET
H/1.1

200
OK

Cookie set go Show response
de-go.kelkoogroup.net/
Redirect Chain

https://de-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1567298327129&.sig=rq2IAHmNqaVMOL_X5LPKr16Cxb4-&affiliationId=96954868&catId=108101&comId=100500732&contextLevel=2&country=de&localCatId=10810...
https://de-go.kelkoogroup.net/go?country=de&k=b435397ea0eaf650d5dcd0537082de49480aeade3d1cd705c7d2d33ad56e140630ff66203a77936794c13f8f1616b5d9561f50bfd83aa8a23ff9fd45ce9bc1d9b232865b365ae7869f324a1...

3 KB
4 KB

25ms
24ms

Document
text/html

95.211.116.27
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://de-go.kelkoogroup.net/go?country=de&k=b435397ea0eaf650d5dcd0537082de49480aeade3d1cd705c7d2d33ad56e140630ff66203a77936794c13f8f1616b5d9561f50bfd83aa8a23ff9fd45ce9bc1d9b232865b365ae7869f324a13dce06c558955bad0b62b74afebd379d34a32bc453ed0f535ea18709b2932f884786ab2f3afbd434e4212d473ed2c4c6c8407588c362af5cd43dd0b392172a82b2b0f01e11eae594b8ba7879ef5e1936646d11f73a09cbcfb523ce2f0fa2ff5cc73f9d1084f4e09861ea9003adc86f835431b8af35916c8e536e5f9185e3f8aa8788aab8d5ae9d52873d27d85892c9fb00e97beea89f4a84b7f7f3b733695eae727e1939843615ff60b18fdb998585d4385510805404411332898bf15c911b760d65e0afa60d867956d8143028e07c32f3f68df6d3eb770c7ab4e379bbf2aeecaf51e3a2fcee7e240fb14315cd626b5ca2826b75942e07ce10a0a98feb92c4f5ecb97e8cfa8550844101198b402936b32e556aad465b58d84fecc4051f9a67870985a08ba566df11b3b224868e55ecc9f0a5b906c72976feec7a1993a55da7124fe53bab9d52271f720e2bf27df3664046f4c8da5792ee7bc8b68101959eeeb49b4b1749b4d193edcfa3de6a48ca56d092af0c04c&o=
Requested by: Host: r.redirekted.com
URL: http://r.redirekted.com/go?e=NA-pFFuHFq943pdV2X7HwC8IFq5j3Bv8yXyHaC-uFs6blBvZTsuIKBdRzVVkKWjWJr_xUCuHPqYkKL09yXYuULeZaVuglB8WzsybPM9gwWv53p8RJs7jmK8MaXYkKW8uHr_xaCutFBsImqjI2rXuJB0pKpRgFX9OzXuI0F75GsUAQWa5mZ781F8gQsX53pjcHsybFF55GsQSPXxO2Z2uxCm8GssEmBsgHsXgFEeZ3WYImq4uzXypvBe4QsxgFWjWzsyblKefGB8fvqw0wX7jQLe4Qst53pwfmXmkGL9uvV-DGL9cHAY9IF9gQpVy3C9gQA-tQn8IPrVkape8IVcZvF1tvW
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 95.211.116.27 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: dc1-ecs-pub-go-vip.kelkoo.com
Software: /
Resource Hash: 7e8300902e926fa9670082c5241538afde561503ce3a5a8c81874052167806d1

Request headers

Host: de-go.kelkoogroup.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: http://r.redirekted.com/go?e=NA-pFFuHFq943pdV2X7HwC8IFq5j3Bv8yXyHaC-uFs6blBvZTsuIKBdRzVVkKWjWJr_xUCuHPqYkKL09yXYuULeZaVuglB8WzsybPM9gwWv53p8RJs7jmK8MaXYkKW8uHr_xaCutFBsImqjI2rXuJB0pKpRgFX9OzXuI0F75GsUAQWa5mZ781F8gQsX53pjcHsybFF55GsQSPXxO2Z2uxCm8GssEmBsgHsXgFEeZ3WYImq4uzXypvBe4QsxgFWjWzsyblKefGB8fvqw0wX7jQLe4Qst53pwfmXmkGL9uvV-DGL9cHAY9IF9gQpVy3C9gQA-tQn8IPrVkape8IVcZvF1tvW
Accept-Encoding: gzip, deflate, br
Cookie: referer=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DNA-pFFuHFq943pdV2X7HwC8IFq5j3Bv8yXyHaC-uFs6blBvZTsuIKBdRzVVkKWjWJr_xUCuHPqYkKL09yXYuULeZaVuglB8WzsybPM9gwWv53p8RJs7jmK8MaXYkKW8uHr_xaCutFBsImqjI2rXuJB0pKpRgFX9OzXuI0F75GsUAQWa5mZ781F8gQsX53pjcHsybFF55GsQSPXxO2Z2uxCm8GssEmBsgHsXgFEeZ3WYImq4uzXypvBe4QsxgFWjWzsyblKefGB8fvqw0wX7jQLe4Qst53pwfmXmkGL9uvV-DGL9cHAY9IF9gQpVy3C9gQA-tQn8IPrVkape8IVcZvF1tvW
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: http://r.redirekted.com/go?e=NA-pFFuHFq943pdV2X7HwC8IFq5j3Bv8yXyHaC-uFs6blBvZTsuIKBdRzVVkKWjWJr_xUCuHPqYkKL09yXYuULeZaVuglB8WzsybPM9gwWv53p8RJs7jmK8MaXYkKW8uHr_xaCutFBsImqjI2rXuJB0pKpRgFX9OzXuI0F75GsUAQWa5mZ781F8gQsX53pjcHsybFF55GsQSPXxO2Z2uxCm8GssEmBsgHsXgFEeZ3WYImq4uzXypvBe4QsxgFWjWzsyblKefGB8fvqw0wX7jQLe4Qst53pwfmXmkGL9uvV-DGL9cHAY9IF9gQpVy3C9gQA-tQn8IPrVkape8IVcZvF1tvW

Response headers

Date: Sun, 01 Sep 2019 07:13:29 GMT
leadId: dc1-kls-prod-srv-05.prod.dc1.kelkoo.net_1567322009318_1619280
clickId: 10769836_1567322009292_1804447
country: de
sentToLG: false
Request-Time: 8
X-Robots-Tag: noindex,nofollow
Content-Type: text/html; charset=UTF-8
Content-Length: 3541
Set-Cookie: kelkooID=a4c62ee-16cebabeee6-10c808; Max-Age=31536000; Expires=Mon, 31 Aug 2020 07:13:29 GMT; Path=/; Domain=kelkoogroup.net; HTTPOnly lastSearchedKeyword=a3dkPVJlZG1vbmQgTW9kZXJuIEZpdCBIZW1kIHTDvHJraXN8dHM9MTU2NzMyMjAwOTMyMHxjYXRJZD0xMDgxMDF8Y29tSWQ9MTAwNTAwNzMy; Max-Age=31536000; Expires=Mon, 31 Aug 2020 07:13:29 GMT; Path=/; Domain=kelkoogroup.net; HTTPOnly
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=62
Connection: Keep-Alive

Redirect headers

Date: Sun, 01 Sep 2019 07:13:29 GMT
clickId: 10769836_1567322009292_1804447
country: de
Location: /go?country=de&k=b435397ea0eaf650d5dcd0537082de49480aeade3d1cd705c7d2d33ad56e140630ff66203a77936794c13f8f1616b5d9561f50bfd83aa8a23ff9fd45ce9bc1d9b232865b365ae7869f324a13dce06c558955bad0b62b74afebd379d34a32bc453ed0f535ea18709b2932f884786ab2f3afbd434e4212d473ed2c4c6c8407588c362af5cd43dd0b392172a82b2b0f01e11eae594b8ba7879ef5e1936646d11f73a09cbcfb523ce2f0fa2ff5cc73f9d1084f4e09861ea9003adc86f835431b8af35916c8e536e5f9185e3f8aa8788aab8d5ae9d52873d27d85892c9fb00e97beea89f4a84b7f7f3b733695eae727e1939843615ff60b18fdb998585d4385510805404411332898bf15c911b760d65e0afa60d867956d8143028e07c32f3f68df6d3eb770c7ab4e379bbf2aeecaf51e3a2fcee7e240fb14315cd626b5ca2826b75942e07ce10a0a98feb92c4f5ecb97e8cfa8550844101198b402936b32e556aad465b58d84fecc4051f9a67870985a08ba566df11b3b224868e55ecc9f0a5b906c72976feec7a1993a55da7124fe53bab9d52271f720e2bf27df3664046f4c8da5792ee7bc8b68101959eeeb49b4b1749b4d193edcfa3de6a48ca56d092af0c04c&o=
Request-Time: 0
X-Robots-Tag: noindex,nofollow
Content-Length: 0
Set-Cookie: referer=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3DNA-pFFuHFq943pdV2X7HwC8IFq5j3Bv8yXyHaC-uFs6blBvZTsuIKBdRzVVkKWjWJr_xUCuHPqYkKL09yXYuULeZaVuglB8WzsybPM9gwWv53p8RJs7jmK8MaXYkKW8uHr_xaCutFBsImqjI2rXuJB0pKpRgFX9OzXuI0F75GsUAQWa5mZ781F8gQsX53pjcHsybFF55GsQSPXxO2Z2uxCm8GssEmBsgHsXgFEeZ3WYImq4uzXypvBe4QsxgFWjWzsyblKefGB8fvqw0wX7jQLe4Qst53pwfmXmkGL9uvV-DGL9cHAY9IF9gQpVy3C9gQA-tQn8IPrVkape8IVcZvF1tvW; Max-Age=31536000; Expires=Mon, 31 Aug 2020 07:13:29 GMT; Path=/; Domain=kelkoogroup.net; HTTPOnly
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=45
Connection: Keep-Alive
Content-Type: text/plain

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 62 KB
22 KB 26ms
15ms Script
application/javascript 2a00:1450:4001:81a::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5ZS487

Requested by

Host: de-go.kelkoogroup.net
URL: https://de-go.kelkoogroup.net/go?country=de&k=b435397ea0eaf650d5dcd0537082de49480aeade3d1cd705c7d2d33ad56e140630ff66203a77936794c13f8f1616b5d9561f50bfd83aa8a23ff9fd45ce9bc1d9b232865b365ae7869f324a13dce06c558955bad0b62b74afebd379d34a32bc453ed0f535ea18709b2932f884786ab2f3afbd434e4212d473ed2c4c6c8407588c362af5cd43dd0b392172a82b2b0f01e11eae594b8ba7879ef5e1936646d11f73a09cbcfb523ce2f0fa2ff5cc73f9d1084f4e09861ea9003adc86f835431b8af35916c8e536e5f9185e3f8aa8788aab8d5ae9d52873d27d85892c9fb00e97beea89f4a84b7f7f3b733695eae727e1939843615ff60b18fdb998585d4385510805404411332898bf15c911b760d65e0afa60d867956d8143028e07c32f3f68df6d3eb770c7ab4e379bbf2aeecaf51e3a2fcee7e240fb14315cd626b5ca2826b75942e07ce10a0a98feb92c4f5ecb97e8cfa8550844101198b402936b32e556aad465b58d84fecc4051f9a67870985a08ba566df11b3b224868e55ecc9f0a5b906c72976feec7a1993a55da7124fe53bab9d52271f720e2bf27df3664046f4c8da5792ee7bc8b68101959eeeb49b4b1749b4d193edcfa3de6a48ca56d092af0c04c&o=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

98a20a7e71f09378005e024005def605b712947e5acc4b934b4af8e380b9aa53

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://de-go.kelkoogroup.net/go?country=de&k=b435397ea0eaf650d5dcd0537082de49480aeade3d1cd705c7d2d33ad56e140630ff66203a77936794c13f8f1616b5d9561f50bfd83aa8a23ff9fd45ce9bc1d9b232865b365ae7869f324a13dce06c558955bad0b62b74afebd379d34a32bc453ed0f535ea18709b2932f884786ab2f3afbd434e4212d473ed2c4c6c8407588c362af5cd43dd0b392172a82b2b0f01e11eae594b8ba7879ef5e1936646d11f73a09cbcfb523ce2f0fa2ff5cc73f9d1084f4e09861ea9003adc86f835431b8af35916c8e536e5f9185e3f8aa8788aab8d5ae9d52873d27d85892c9fb00e97beea89f4a84b7f7f3b733695eae727e1939843615ff60b18fdb998585d4385510805404411332898bf15c911b760d65e0afa60d867956d8143028e07c32f3f68df6d3eb770c7ab4e379bbf2aeecaf51e3a2fcee7e240fb14315cd626b5ca2826b75942e07ce10a0a98feb92c4f5ecb97e8cfa8550844101198b402936b32e556aad465b58d84fecc4051f9a67870985a08ba566df11b3b224868e55ecc9f0a5b906c72976feec7a1993a55da7124fe53bab9d52271f720e2bf27df3664046f4c8da5792ee7bc8b68101959eeeb49b4b1749b4d193edcfa3de6a48ca56d092af0c04c&o=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Sep 2019 07:13:29 GMT
content-encoding: br
last-modified: Sun, 01 Sep 2019 06:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 21976
x-xss-protection: 0
expires: Sun, 01 Sep 2019 07:13:29 GMT

GET
H2

200

Primary Request Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60 Show response
www.hemden.de/
Redirect Chain

https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff43743cd10992f04c9369b76c7ef4e6619da05b5e01a7ae661bcc2c4086ab912e9d148e0590fa6a874df036d44d7c8814c49e4958f625593c0507...
https://click.cptrack.de/?rd=true&k=XsBqsKhh2L-U3o9tKRFifaQ5oht09dCCal-lAO3B-33rziAvoklR8-Skex6nPYXV&rdlink=https%3A%2F%2Fwww.hemden.de%2FRedmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-717201...
https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale

94 KB
18 KB

70ms
5ms

Document
text/html

138.201.66.179
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
Requested by: Host: de-go.kelkoogroup.net
URL: https://de-go.kelkoogroup.net/go?country=de&k=b435397ea0eaf650d5dcd0537082de49480aeade3d1cd705c7d2d33ad56e140630ff66203a77936794c13f8f1616b5d9561f50bfd83aa8a23ff9fd45ce9bc1d9b232865b365ae7869f324a13dce06c558955bad0b62b74afebd379d34a32bc453ed0f535ea18709b2932f884786ab2f3afbd434e4212d473ed2c4c6c8407588c362af5cd43dd0b392172a82b2b0f01e11eae594b8ba7879ef5e1936646d11f73a09cbcfb523ce2f0fa2ff5cc73f9d1084f4e09861ea9003adc86f835431b8af35916c8e536e5f9185e3f8aa8788aab8d5ae9d52873d27d85892c9fb00e97beea89f4a84b7f7f3b733695eae727e1939843615ff60b18fdb998585d4385510805404411332898bf15c911b760d65e0afa60d867956d8143028e07c32f3f68df6d3eb770c7ab4e379bbf2aeecaf51e3a2fcee7e240fb14315cd626b5ca2826b75942e07ce10a0a98feb92c4f5ecb97e8cfa8550844101198b402936b32e556aad465b58d84fecc4051f9a67870985a08ba566df11b3b224868e55ecc9f0a5b906c72976feec7a1993a55da7124fe53bab9d52271f720e2bf27df3664046f4c8da5792ee7bc8b68101959eeeb49b4b1749b4d193edcfa3de6a48ca56d092af0c04c&o=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.66.179 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: businesshemden1.timmeserver.de
Software: nginx /
Resource Hash: 793b089e88531ecd93ca247fc23cff3fa220efbd7fb1ed39e55954e1ec760982

Request headers

:method: GET
:authority: www.hemden.de
:scheme: https
:path: /Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://de-go.kelkoogroup.net/go?country=de&k=b435397ea0eaf650d5dcd0537082de49480aeade3d1cd705c7d2d33ad56e140630ff66203a77936794c13f8f1616b5d9561f50bfd83aa8a23ff9fd45ce9bc1d9b232865b365ae7869f324a13dce06c558955bad0b62b74afebd379d34a32bc453ed0f535ea18709b2932f884786ab2f3afbd434e4212d473ed2c4c6c8407588c362af5cd43dd0b392172a82b2b0f01e11eae594b8ba7879ef5e1936646d11f73a09cbcfb523ce2f0fa2ff5cc73f9d1084f4e09861ea9003adc86f835431b8af35916c8e536e5f9185e3f8aa8788aab8d5ae9d52873d27d85892c9fb00e97beea89f4a84b7f7f3b733695eae727e1939843615ff60b18fdb998585d4385510805404411332898bf15c911b760d65e0afa60d867956d8143028e07c32f3f68df6d3eb770c7ab4e379bbf2aeecaf51e3a2fcee7e240fb14315cd626b5ca2826b75942e07ce10a0a98feb92c4f5ecb97e8cfa8550844101198b402936b32e556aad465b58d84fecc4051f9a67870985a08ba566df11b3b224868e55ecc9f0a5b906c72976feec7a1993a55da7124fe53bab9d52271f720e2bf27df3664046f4c8da5792ee7bc8b68101959eeeb49b4b1749b4d193edcfa3de6a48ca56d092af0c04c&o=
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: https://de-go.kelkoogroup.net/go?country=de&k=b435397ea0eaf650d5dcd0537082de49480aeade3d1cd705c7d2d33ad56e140630ff66203a77936794c13f8f1616b5d9561f50bfd83aa8a23ff9fd45ce9bc1d9b232865b365ae7869f324a13dce06c558955bad0b62b74afebd379d34a32bc453ed0f535ea18709b2932f884786ab2f3afbd434e4212d473ed2c4c6c8407588c362af5cd43dd0b392172a82b2b0f01e11eae594b8ba7879ef5e1936646d11f73a09cbcfb523ce2f0fa2ff5cc73f9d1084f4e09861ea9003adc86f835431b8af35916c8e536e5f9185e3f8aa8788aab8d5ae9d52873d27d85892c9fb00e97beea89f4a84b7f7f3b733695eae727e1939843615ff60b18fdb998585d4385510805404411332898bf15c911b760d65e0afa60d867956d8143028e07c32f3f68df6d3eb770c7ab4e379bbf2aeecaf51e3a2fcee7e240fb14315cd626b5ca2826b75942e07ce10a0a98feb92c4f5ecb97e8cfa8550844101198b402936b32e556aad465b58d84fecc4051f9a67870985a08ba566df11b3b224868e55ecc9f0a5b906c72976feec7a1993a55da7124fe53bab9d52271f720e2bf27df3664046f4c8da5792ee7bc8b68101959eeeb49b4b1749b4d193edcfa3de6a48ca56d092af0c04c&o=

Response headers

status: 200
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
date: Sun, 01 Sep 2019 02:27:38 GMT
x-content-digest: en814c25fed8142d51aaf433098b3924e35d8b59ca731b1743cdc00bf997094e10
age: 29597
cache-control: no-cache, private
set-cookie: x-cache-context-hash=deleted; expires=Sun, 01-Sep-2019 07:13:29 GMT; Max-Age=0; path=/ nocache=detail-1; path=/
content-encoding: br

Redirect headers

Date: Sun, 01 Sep 2019 07:13:29 GMT
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Last-Modified: Sun, 01 Sep 2019 07:13:29 GMT
Server: ChannelPilotTraxport
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Set-Cookie: __cpc=B0nRywFeCPwcb-1VP-bIkyvW_yEkNZJ1mbf3n841wSOlH2T6mJvYXpF1Ngw8p0_MFinVxj_iCVK9bmaSSxptJJSt2Fz5GBeiwiqDpoUv96c~;Path=/;Domain=.cptrack.de;Expires=Fri, 28-Feb-2020 07:13:29 GMT; Secure; HttpOnly; SameSite; Prefixed
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
Strict-Transport-Security: max-age=31536000; preload
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1;mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src https: 'unsafe-inline' 'unsafe-eval'; object-src 'none'; connect-src https: wss:

GET
H2 200 shopware.woff
www.hemden.de/themes/Frontend/Responsive/frontend/_public/src/fonts/ 69 KB
69 KB 1ms
1ms Font
application/font-woff 138.201.66.179
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hemden.de/themes/Frontend/Responsive/frontend/_public/src/fonts/shopware.woff?201901211535
Requested by: Host: www.hemden.de
URL: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.66.179 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: businesshemden1.timmeserver.de
Software: nginx /
Resource Hash: 499e8db4de7463aade473f0c529c839547c9679e9b483e76944a39b4d922dcfe

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
Origin: https://www.hemden.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Sep 2019 07:13:29 GMT
last-modified: Mon, 21 Jan 2019 14:36:50 GMT
server: nginx
etag: "5c45d902-113d0"
content-type: application/font-woff
status: 200
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 70608
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 OpenSans-Regular.woff2
www.hemden.de/themes/Frontend/Responsive/frontend/_public/vendors/fonts/open-sans-fontface/Regular/ 41 KB
41 KB 1ms
1ms Font
application/octet-stream 138.201.66.179
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hemden.de/themes/Frontend/Responsive/frontend/_public/vendors/fonts/open-sans-fontface/Regular/OpenSans-Regular.woff2
Requested by: Host: www.hemden.de
URL: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.66.179 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: businesshemden1.timmeserver.de
Software: nginx /
Resource Hash: 2da97418251121ad5b28c6e206316578aae360d47dea2262c90478536624d910

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
Origin: https://www.hemden.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Sep 2019 07:13:29 GMT
last-modified: Mon, 21 Jan 2019 14:36:50 GMT
server: nginx
etag: "5c45d902-a2d4"
content-type: application/octet-stream
status: 200
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 41684
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
547 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:400,500,700,900&display=swap

Requested by

Host: www.hemden.de
URL: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

3911952f579f6d1e5cde47d9cd13d12377be9841e6cd3031b32b733bdc1731e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sun, 01 Sep 2019 07:13:29 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Sun, 01 Sep 2019 07:13:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection: 0
expires: Sun, 01 Sep 2019 07:13:29 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
548 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400,700&display=swap

Requested by

Host: www.hemden.de
URL: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

16862312f23ec428b69df02aa69724b84f64419ac5fa3aa36df48d6e11e6346e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sun, 01 Sep 2019 07:13:29 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Sun, 01 Sep 2019 07:13:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection: 0
expires: Sun, 01 Sep 2019 07:13:29 GMT

GET
H2 200 css
fonts.googleapis.com/ 827 B
405 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway&display=swap

Requested by

Host: www.hemden.de
URL: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

d5acdc2cbc7cc6aa9f514c1203f62f6f76d48d53b2c61becc7939082331385b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sun, 01 Sep 2019 07:13:29 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Sun, 01 Sep 2019 07:13:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection: 0
expires: Sun, 01 Sep 2019 07:13:29 GMT

GET
H2 200 1567030566_7c5111a2d7eed98f0672c72ed976ed8e.css
www.hemden.de/web/cache/ 900 KB
150 KB 2ms
1ms Stylesheet
text/css 138.201.66.179
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hemden.de/web/cache/1567030566_7c5111a2d7eed98f0672c72ed976ed8e.css
Requested by: Host: www.hemden.de
URL: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.66.179 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: businesshemden1.timmeserver.de
Software: nginx /
Resource Hash: f322a640b3eb61c3dfe17d2b476160927e45664db6b1370bf547b013184605fb

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Sep 2019 07:13:29 GMT
content-encoding: br
last-modified: Sat, 31 Aug 2019 23:00:11 GMT
server: nginx
etag: W/"5d6afbfb-e1149"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Logo_Hemden-de.jpg
cdn.hemden.de/media/image/a5/8e/f4/ 9 KB
10 KB 48ms
7ms Image
image/jpeg 2600:9000:2057:b600:7:4c63:4f80:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hemden.de/media/image/a5/8e/f4/Logo_Hemden-de.jpg
Requested by: Host: www.hemden.de
URL: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:b600:7:4c63:4f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b4037cf969533ef04eee18c4ddabc9b305082e5a7ab907893c90e5b2402b77b8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 04:26:28 GMT
via: 1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
age: 1477903
x-cache: Hit from cloudfront
status: 200
content-length: 9426
last-modified: Sun, 18 Mar 2018 08:00:52 GMT
server: AmazonS3
etag: "181aa39fd4899879798419a06191e3df"
content-type: image/jpeg
x-amz-meta-img-processed: true
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: u1F6hJMCd6CGbHaOahY9bK9ASDFN6DS_emKtewDJOmM3wEMlXaD4Sw==
expires: Sun, 01 Jan 2034 00:00:59 GMT

GET
H2 200 redmond_hemden_katalog.jpg
cdn.hemden.de/media/image/1c/7c/e1/ 8 KB
8 KB 49ms
8ms Image
image/jpeg 2600:9000:2057:b600:7:4c63:4f80:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hemden.de/media/image/1c/7c/e1/redmond_hemden_katalog.jpg
Requested by: Host: www.hemden.de
URL: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:b600:7:4c63:4f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 67fe0e4e39cb68c4e6bd1a7cd782f0a930f56448e3d068c104a93f14b75bf85e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 31 Aug 2019 04:46:02 GMT
via: 1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
age: 95248
x-cache: Hit from cloudfront
status: 200
content-length: 8277
last-modified: Tue, 26 Feb 2019 09:51:04 GMT
server: AmazonS3
etag: "29e63926fdfbe239c7fd194b83ec3b1c"
content-type: image/jpeg
x-amz-meta-img-processed: true
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: GDozJTvp_r6k8wiWpYl_q9qQ-wlGItQ5Y7etHp4rKmfNKmkfHeuuiA==
expires: Sun, 01 Jan 2034 00:00:59 GMT

GET
H2 200 71720110-60_800_600x600.jpg
cdn.hemden.de/media/image/0f/13/a6/ 15 KB
16 KB 91ms
51ms Image
image/jpeg 2600:9000:2057:b600:7:4c63:4f80:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hemden.de/media/image/0f/13/a6/71720110-60_800_600x600.jpg
Requested by: Host: www.hemden.de
URL: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:b600:7:4c63:4f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c26b2d1e497212ccea345ed3b4cbbd99d0951f48ecb22abef611e822fd20ad42

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Sep 2019 07:13:30 GMT
via: 1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
last-modified: Thu, 06 Dec 2018 20:49:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "495728100e8e7bffa7874e0543840abe"
x-cache: Miss from cloudfront
content-type: image/jpeg
status: 200
x-amz-meta-img-processed: true
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 15667
x-amz-cf-id: 96I0UfQGdlxZofdO1f4QR4ExZL6Cp4fDXstPlxEeXnMngPa1CR1OEA==
expires: Sun, 01 Jan 2034 00:00:59 GMT

GET
H2 200 71720110-13_800_300x300.jpg
cdn.hemden.de/media/image/b1/5c/6f/ 9 KB
9 KB 102ms
62ms Image
image/jpeg 2600:9000:2057:b600:7:4c63:4f80:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hemden.de/media/image/b1/5c/6f/71720110-13_800_300x300.jpg
Requested by: Host: www.hemden.de
URL: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:b600:7:4c63:4f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef62c4abce9b4a07f25b84d48d9eff575cf84848a0d0c602849a2a77832d0fa3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Sep 2019 07:13:30 GMT
via: 1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
last-modified: Thu, 06 Dec 2018 20:48:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "152b46c469a4a494bce35b97ffc116c0"
x-cache: Miss from cloudfront
content-type: image/jpeg
status: 200
x-amz-meta-img-processed: true
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 8873
x-amz-cf-id: 0IM2X1x4CxFitUwNnipd5C-pOhSL3uUxkUCD-dhdwT1DBhg0veZMxQ==
expires: Sun, 01 Jan 2034 00:00:59 GMT

GET
H2 200 71720110-50_800_300x300.jpg
cdn.hemden.de/media/image/1b/65/b5/ 6 KB
7 KB 72ms
32ms Image
image/jpeg 2600:9000:2057:b600:7:4c63:4f80:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hemden.de/media/image/1b/65/b5/71720110-50_800_300x300.jpg
Requested by: Host: www.hemden.de
URL: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:b600:7:4c63:4f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d0ee64efb5c8ba98301fb13343ef10a9e07cf15b58da550e8c29b01ebcda95d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Sep 2019 07:13:30 GMT
via: 1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
last-modified: Thu, 06 Dec 2018 20:48:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "60b3c69c88f7e1b0dfad05c3f379fe41"
x-cache: Miss from cloudfront
content-type: image/jpeg
status: 200
x-amz-meta-img-processed: true
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 6386
x-amz-cf-id: Vh-aK25jzqJa80mIo487fX4b4Y0gNXz0nCFT_AnkIeF-4jYdhzJTVQ==
expires: Sun, 01 Jan 2034 00:00:59 GMT

GET
H2 200 71720110-51_800_300x300.jpg
cdn.hemden.de/media/image/c3/19/aa/ 6 KB
7 KB 133ms
93ms Image
image/jpeg 2600:9000:2057:b600:7:4c63:4f80:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hemden.de/media/image/c3/19/aa/71720110-51_800_300x300.jpg
Requested by: Host: www.hemden.de
URL: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:b600:7:4c63:4f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b514ef8478e39785abd66e5d29eb6dabe674928196faef254fd1d2f6314b5323

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Sep 2019 07:13:30 GMT
via: 1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
last-modified: Thu, 06 Dec 2018 20:49:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "a79ee63405474c372735e13a71b75fa7"
x-cache: Miss from cloudfront
content-type: image/jpeg
status: 200
x-amz-meta-img-processed: true
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 6282
x-amz-cf-id: BuZ1BvPbrRQvKngQsl1RK4eAahzwkTgGjwR6Cp70vxq2MXWomdT4zw==
expires: Sun, 01 Jan 2034 00:00:59 GMT

GET
H2 200 71720110-53_800_300x300.jpg
cdn.hemden.de/media/image/31/68/ea/ 8 KB
9 KB 45ms
45ms Image
image/jpeg 2600:9000:2057:b600:7:4c63:4f80:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hemden.de/media/image/31/68/ea/71720110-53_800_300x300.jpg
Requested by: Host: www.hemden.de
URL: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:b600:7:4c63:4f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd89f18cf2800d8789cdec4966b0e7f79bac7c53c07a99cd2b4ad5c46d63a0e4

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Sep 2019 07:13:30 GMT
via: 1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
last-modified: Thu, 06 Dec 2018 20:49:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "5a8f8f6a4f66241169a634ce6451a40b"
x-cache: Miss from cloudfront
content-type: image/jpeg
status: 200
x-amz-meta-img-processed: true
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 8632
x-amz-cf-id: FD87zg055gL3c7V2Z78zV5Kx8Rlv5Xyk5EWi4wMtSn_PCTE7tBkmBg==
expires: Sun, 01 Jan 2034 00:00:59 GMT

GET
H2 200 71720110-61_800_300x300.jpg
cdn.hemden.de/media/image/44/52/e4/ 6 KB
6 KB 46ms
46ms Image
image/jpeg 2600:9000:2057:b600:7:4c63:4f80:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hemden.de/media/image/44/52/e4/71720110-61_800_300x300.jpg
Requested by: Host: www.hemden.de
URL: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:b600:7:4c63:4f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f218c4a572d6332f1a519c9a73a7a8f492cb2005fd06cb8b7880392033ca1807

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Sep 2019 07:13:30 GMT
via: 1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
last-modified: Thu, 06 Dec 2018 20:49:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "609ad2415a19bcd6d2e6526a5830e9e6"
x-cache: Miss from cloudfront
content-type: image/jpeg
status: 200
x-amz-meta-img-processed: true
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 5765
x-amz-cf-id: tOOuPvkN9yDDz_-GfJEpmXzoa59n6gN56SwFkM2qCohN5MBCLWu6bw==
expires: Sun, 01 Jan 2034 00:00:59 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 81 KB
28 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:81a::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MH8N456

Requested by

Host: www.hemden.de
URL: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c925922de9dbf2b4c4ee6a8f29b0bc68abd711088f9e92bbc2746b90a60a50ed

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Sep 2019 07:13:29 GMT
content-encoding: br
last-modified: Sun, 01 Sep 2019 06:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 28561
x-xss-protection: 0
expires: Sun, 01 Sep 2019 07:13:29 GMT

GET
DATA 200
OK truncated
/ 26 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 1567030566_7c5111a2d7eed98f0672c72ed976ed8e.js Show response
www.hemden.de/web/cache/ 860 KB
215 KB 2ms
2ms Script
application/javascript 138.201.66.179
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hemden.de/web/cache/1567030566_7c5111a2d7eed98f0672c72ed976ed8e.js
Requested by: Host: www.hemden.de
URL: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.66.179 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: businesshemden1.timmeserver.de
Software: nginx /
Resource Hash: 4ca5f759819c9754e7ef46b1a21827e1a50fdef5cdc9c190007ada1788b4ff59

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Sep 2019 07:13:29 GMT
content-encoding: br
last-modified: Sat, 31 Aug 2019 23:00:10 GMT
server: nginx
etag: W/"5d6afbfa-d6fee"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
580 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700

Requested by

Host: www.hemden.de
URL: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

4c940a58b40018214ca32665ff4cf755522b32a027b309cccb950ccd22e27637

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sun, 01 Sep 2019 07:13:29 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Sun, 01 Sep 2019 07:13:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection: 0
expires: Sun, 01 Sep 2019 07:13:29 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MH8N456

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 6452
date: Sun, 01 Sep 2019 05:25:57 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17803
expires: Sun, 01 Sep 2019 07:25:57 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 23 KB
7 KB 78ms
49ms Script
application/javascript 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MH8N456
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: 6b4c72b8214beaceed57a85c54eed2c61cfc4911b3d677db9a6e00849ef6be05

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Sep 2019 07:13:29 GMT
content-encoding: gzip
last-modified: Fri, 02 Aug 2019 18:53:49 GMT
x-msedge-ref: Ref A: A419F31BD9CD490C82632AB69AA7563F Ref B: VIEEDGE0419 Ref C: 2019-09-01T07:13:29Z
status: 200
etag: "809cac9e6349d51:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7126

GET
H/1.1 200
OK clicks.js Show response
content.cptrack.de/ 2 KB
1 KB 19ms
5ms Script
application/javascript 151.139.236.62
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.cptrack.de/clicks.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MH8N456

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.236.62 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

NetDNA-cache/2.2 /

Resource Hash

90a03b4dbf11dfcf8dd25d4015accb40e8325450180eeed733c2e87814f7cb09

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline' 'unsafe-eval'; object-src 'none'; connect-src https: wss:
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 01 Sep 2019 07:13:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-Cache: HIT
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1;mode=block
Last-Modified: Fri, 02 Aug 2019 08:35:15 GMT
Server: NetDNA-cache/2.2
ETag: W/"68e-58f1e3cc8f3e4"
Strict-Transport-Security: max-age=31536000; preload
Content-Type: application/javascript
Cache-Control: max-age=2592000
Content-Security-Policy: default-src https: 'unsafe-inline' 'unsafe-eval'; object-src 'none'; connect-src https: wss:
Expires: Tue, 01 Oct 2019 07:13:29 GMT

GET
H2 200 14804.js Show response
www.dwin1.com/ 16 KB
9 KB 22ms
6ms Script
application/javascript 2600:9000:2057:3600:f:8ce2:fb80:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/14804.js
Requested by: Host: applesucks.com
URL: http://applesucks.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:3600:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3835c018df21335eaef951c839f3846652f75baac19aac7dbf965596dd3175b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: V0u3v6rr3Ax1lErVH3.IgrLwvhY_nW__
content-encoding: gzip
age: 2367
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Wed, 28 Aug 2019 13:21:41 GMT
server: AmazonS3
date: Sun, 01 Sep 2019 06:34:03 GMT
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 3095e870e1a1a1b03178e40ab1872de5.cloudfront.net (CloudFront)
cache-control: max-age=3600,s-maxage=3600
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 0jXHrzVbfP8TMQk00fi30274ljqAkTQ2thTdLB2MyMkHZtTEuhh65Q==

GET
H2 200 refreshStatistic Show response
www.hemden.de/widgets/index/ Frame 0EFA 0
397 B 133ms
132ms Document
text/html 138.201.66.179
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hemden.de/widgets/index/refreshStatistic?requestPage=%2FRedmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60&requestController=detail&referer=https%3A%2F%2Fde-go.kelkoogroup.net%2Fgo%3Fcountry%3Dde%26k%3Db435397ea0eaf650d5dcd0537082de49480aeade3d1cd705c7d2d33ad56e140630ff66203a77936794c13f8f1616b5d9561f50bfd83aa8a23ff9fd45ce9bc1d9b232865b365ae7869f324a13dce06c558955bad0b62b74afebd379d34a32bc453ed0f535ea18709b2932f884786ab2f3afbd434e4212d473ed2c4c6c8407588c362af5cd43dd0b392172a82b2b0f01e11eae594b8ba7879ef5e1936646d11f73a09cbcfb523ce2f0fa2ff5cc73f9d1084f4e09861ea9003adc86f835431b8af35916c8e536e5f9185e3f8aa8788aab8d5ae9d52873d27d85892c9fb00e97beea89f4a84b7f7f3b733695eae727e1939843615ff60b18fdb998585d4385510805404411332898bf15c911b760d65e0afa60d867956d8143028e07c32f3f68df6d3eb770c7ab4e379bbf2aeecaf51e3a2fcee7e240fb14315cd626b5ca2826b75942e07ce10a0a98feb92c4f5ecb97e8cfa8550844101198b402936b32e556aad465b58d84fecc4051f9a67870985a08ba566df11b3b224868e55ecc9f0a5b906c72976feec7a1993a55da7124fe53bab9d52271f720e2bf27df3664046f4c8da5792ee7bc8b68101959eeeb49b4b1749b4d193edcfa3de6a48ca56d092af0c04c%26o%3D&articleId=18705
Requested by: Host: www.hemden.de
URL: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.66.179 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: businesshemden1.timmeserver.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: www.hemden.de
:scheme: https
:path: /widgets/index/refreshStatistic?requestPage=%2FRedmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60&requestController=detail&referer=https%3A%2F%2Fde-go.kelkoogroup.net%2Fgo%3Fcountry%3Dde%26k%3Db435397ea0eaf650d5dcd0537082de49480aeade3d1cd705c7d2d33ad56e140630ff66203a77936794c13f8f1616b5d9561f50bfd83aa8a23ff9fd45ce9bc1d9b232865b365ae7869f324a13dce06c558955bad0b62b74afebd379d34a32bc453ed0f535ea18709b2932f884786ab2f3afbd434e4212d473ed2c4c6c8407588c362af5cd43dd0b392172a82b2b0f01e11eae594b8ba7879ef5e1936646d11f73a09cbcfb523ce2f0fa2ff5cc73f9d1084f4e09861ea9003adc86f835431b8af35916c8e536e5f9185e3f8aa8788aab8d5ae9d52873d27d85892c9fb00e97beea89f4a84b7f7f3b733695eae727e1939843615ff60b18fdb998585d4385510805404411332898bf15c911b760d65e0afa60d867956d8143028e07c32f3f68df6d3eb770c7ab4e379bbf2aeecaf51e3a2fcee7e240fb14315cd626b5ca2826b75942e07ce10a0a98feb92c4f5ecb97e8cfa8550844101198b402936b32e556aad465b58d84fecc4051f9a67870985a08ba566df11b3b224868e55ecc9f0a5b906c72976feec7a1993a55da7124fe53bab9d52271f720e2bf27df3664046f4c8da5792ee7bc8b68101959eeeb49b4b1749b4d193edcfa3de6a48ca56d092af0c04c%26o%3D&articleId=18705
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: same-origin
referer: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
accept-encoding: gzip, deflate, br
cookie: nocache=detail-1; _gcl_au=1.1.507215742.1567322010; x-ua-device=desktop
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale

Response headers

status: 200
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: session-1=d4f50d250b279387b553c7ce03e317d3c0119757ee923fe0c2325b1d24016edb; path=/; secure; HttpOnly x-cache-context-hash=deleted; expires=Sat, 01-Sep-2018 07:13:28 GMT; Max-Age=0; path=/ nocache=detail-1; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate private
pragma: no-cache
date: Sun, 01 Sep 2019 07:13:29 GMT
x-body-eval: ESI
content-encoding: br

GET
DATA 200
OK truncated
/ 39 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c52d6b15f7b302701fe6e583e1104429f954fe19b7a7ffc0287fdbc8ca239170

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 1Ptrg8zYS_SKggPNwJYtWqZPANqczVs.woff2
fonts.gstatic.com/s/raleway/v14/ 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwJYtWqZPANqczVs.woff2

Requested by

Host: www.hemden.de
URL: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5c1dde4cdc5c608da53737233f02219a7421ab6870d5d90bc0b7b294d571942c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Raleway:400,500,700,900&display=swap
Origin: https://www.hemden.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 12:26:08 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:42 GMT
server: sffe
age: 154041
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 13228
x-xss-protection: 0
expires: Sat, 29 Aug 2020 12:26:08 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v14/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v14/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2

Requested by

Host: www.hemden.de
URL: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7e347b66fb1145f780600551e06778b33ecaca5c45897ac90eb96eb4b6afd082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Raleway:400,500,700,900&display=swap
Origin: https://www.hemden.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 29 Aug 2019 03:41:50 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:48:04 GMT
server: sffe
age: 271899
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 13428
x-xss-protection: 0
expires: Fri, 28 Aug 2020 03:41:50 GMT

GET
H2 200 jizaRExUiTo99u79D0KExcOPIDU.woff2
fonts.gstatic.com/s/ptsans/v11/ 11 KB
11 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v11/jizaRExUiTo99u79D0KExcOPIDU.woff2

Requested by

Host: www.hemden.de
URL: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

9ae1e27e08b4bbc15557c0f5bbd97b4009eb86c85da9fb2be4c4085a5289182f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=PT+Sans:400,700&display=swap
Origin: https://www.hemden.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 25 Aug 2019 05:30:51 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:28:02 GMT
server: sffe
age: 610958
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 11380
x-xss-protection: 0
expires: Mon, 24 Aug 2020 05:30:51 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2
fonts.gstatic.com/s/ptsans/v11/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v11/jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2

Requested by

Host: www.hemden.de
URL: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

bb74816a9aaed49f7b58ffbfead623f50686271a551d77a3ed95a56a56e40dbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=PT+Sans:400,700&display=swap
Origin: https://www.hemden.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 29 Aug 2019 02:28:46 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:28:25 GMT
server: sffe
age: 276283
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 11504
x-xss-protection: 0
expires: Fri, 28 Aug 2020 02:28:46 GMT

GET
H2 200 1Ptrg8zYS_SKggPNwN4rWqZPANqczVs.woff2
fonts.gstatic.com/s/raleway/v14/ 13 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwN4rWqZPANqczVs.woff2

Requested by

Host: www.hemden.de
URL: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

046fa5c62e3b17b46ea2f8c601465dacfd5c153aee7a71754a9be582de74a385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Raleway:400,500,700,900&display=swap
Origin: https://www.hemden.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 29 Aug 2019 04:39:08 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:47 GMT
server: sffe
age: 268461
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 13752
x-xss-protection: 0
expires: Fri, 28 Aug 2020 04:39:08 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 88 KB
24 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: applesucks.com
URL: http://applesucks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

f15f778cd39043a166a29f654b1191bc6fbf8043a8cc3477c42764b14b919dec

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 23404
x-xss-protection: 0
pragma: public
x-fb-debug: KRhGrjkFrz2a3wp9MMYmQSiJ+uI2XwMSMJiZDk5E/MoLClsrM8GCFGNtakXwbETlH36LNoVXIt4fCJonxnVlqQ==
x-fb-trip-id: 420120009
x-frame-options: DENY
date: Sun, 01 Sep 2019 07:13:29 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Sep 2019 07:00:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 21 Apr 2016 03:17:22 GMT
server: sffe
age: 790
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 1296
x-xss-protection: 0
expires: Sun, 01 Sep 2019 08:00:19 GMT

GET
H2 200 csrftoken Show response
www.hemden.de/ 0
390 B 155ms
154ms XHR
text/html 138.201.66.179
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hemden.de/csrftoken
Requested by: Host: www.hemden.de
URL: https://www.hemden.de/web/cache/1567030566_7c5111a2d7eed98f0672c72ed976ed8e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.66.179 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: businesshemden1.timmeserver.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

pragma: no-cache
date: Sun, 01 Sep 2019 07:13:29 GMT
x-csrf-token: 59c4UKIhQ8s6GuDlhG9PXCmdE2ZTQB
server: nginx
content-type: text/html; charset=UTF-8
status: 200
cache-control: no-store, no-cache, must-revalidate, no-cache, private
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 426379261113388 Show response
connect.facebook.net/signals/config/ 307 KB
78 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/426379261113388?v=2.9.4&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

8632aa23bd51a25e1de4b651883075e4a7f91fb021440c72497063674cdd7d0e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 79752
x-xss-protection: 0
pragma: public
x-fb-debug: a6R+jDee3An/lTgz1XBOhCrEelpgbBrWFcE3hOOtmURFLMLmEsVyrTXlXhjxSkUipD8/J/IB9txSLylbBoIn+Q==
x-fb-trip-id: 420120009
x-frame-options: DENY
date: Sun, 01 Sep 2019 07:13:29 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
148 B 46ms
46ms Image
text/plain 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5078518&Ver=2&mid=61abc391-2c8e-e204-72f4-4e2dcb958cce&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Hochwertiges%20Redmond%20Modern%20Fit%20Hemd%20in%20der%20Farbe%20t%C3%BCrkis,%20Strukturiert.%20Der%20%C3%84rmeltyp%20ist%20Langarm%20(66cm),%20das%20Hemd%20ist%20b%C3%BCgelleicht%20und%20ist%20ohne%20Brusttasche.%20Der%20Stoff%20ist%20ein%20feines%20Struktur%20Stretch%20Gewebe%20aus%20100%25%20Baumwolle.%20%7C%20Hemden.de&kw=71720110.60,%2071720110%2F60,%2071720110-60,%2071720110_60,%20Redmond%20Modern%20Fit,Langarm%20(66cm),t%C3%BCrkis%20Hemd,Kombimanschette,B%C3%BCgelleicht&p=https%3A%2F%2Fwww.hemden.de%2FRedmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60%3Futm_source%3DkelkooDE%26utm_medium%3Dportale&r=https%3A%2F%2Fde-go.kelkoogroup.net%2Fgo%3Fcountry%3Dde%26k%3Db435397ea0eaf650d5dcd0537082de49480aeade3d1cd705c7d2d33ad56e140630ff66203a77936794c13f8f1616b5d9561f50bfd83aa8a23ff9fd45ce9bc1d9b232865b365ae7869f324a13dce06c558955bad0b62b74afebd379d34a32bc453ed0f535ea18709b2932f884786ab2f3afbd434e4212d473ed2c4c6c8407588c362af5cd43dd0b392172a82b2b0f01e11eae594b8ba7879ef5e1936646d11f73a09cbcfb523ce2f0fa2ff5cc73f9d1084f4e09861ea9003adc86f835431b8af35916c8e536e5f9185e3f8aa8788aab8d5ae9d52873d27d85892c9fb00e97beea89f4a84b7f7f3b733695eae727e1939843615ff60b18fdb998585d4385510805404411332898bf15c911b760d65e0afa60d867956d8143028e07c32f3f68df6d3eb770c7ab4e379bbf2aeecaf51e3a2fcee7e240fb14315cd626b5ca2826b75942e07ce10a0a98feb92c4f5ecb97e8cfa8550844101198b402936b32e556aad465b58d84fecc4051f9a67870985a08ba566df11b3b224868e55ecc9f0a5b906c72976feec7a1993a55da7124fe53bab9d52271f720e2bf27df3664046f4c8da5792ee7bc8b68101959eeeb49b4b1749b4d193edcfa3de6a48ca56d092af0c04c%26o%3D&lt=240&evt=pageLoad&msclkid=N&rn=45839
Requested by: Host: www.hemden.de
URL: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Sun, 01 Sep 2019 07:13:29 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: D366322858A24F0FBF879BE6B28446DA Ref B: VIEEDGE0419 Ref C: 2019-09-01T07:13:29Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
99 B 6ms
6ms Image
image/gif 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&aip=1&a=332659483&t=pageview&cu=EUR&_s=1&dl=https%3A%2F%2Fwww.hemden.de%2FRedmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60%3Futm_source%3DkelkooDE%26utm_medium%3Dportale&dr=https%3A%2F%2Fde-go.kelkoogroup.net%2Fgo%3Fcountry%3Dde%26k%3Db435397ea0eaf650d5dcd0537082de49480aeade3d1cd705c7d2d33ad56e140630ff66203a77936794c13f8f1616b5d9561f50bfd83aa8a23ff9fd45ce9bc1d9b232865b365ae7869f324a13dce06c558955bad0b62b74afebd379d34a32bc453ed0f535ea18709b2932f884786ab2f3afbd434e4212d473ed2c4c6c8407588c362af5cd43dd0b392172a82b2b0f01e11eae594b8ba7879ef5e1936646d11f73a09cbcfb523ce2f0fa2ff5cc73f9d1084f4e09861ea9003adc86f835431b8af35916c8e536e5f9185e3f8aa8788aab8d5ae9d52873d27d85892c9fb00e97beea89f4a84b7f7f3b733695eae727e1939843615ff60b18fdb998585d4385510805404411332898bf15c911b760d65e0afa60d867956d8143028e07c32f3f68df6d3eb770c7ab4e379bbf2aeecaf51e3a2fcee7e240fb14315cd626b5ca2826b75942e07ce10a0a98feb92c4f5ecb97e8cfa8550844101198b402936b32e556aad465b58d84fecc4051f9a67870985a08ba566df11b3b224868e55ecc9f0a5b906c72976feec7a1993a55da7124fe53bab9d52271f720e2bf27df3664046f4c8da5792ee7bc8b68101959eeeb49b4b1749b4d193edcfa3de6a48ca56d092af0c04c%26o%3D&ul=en-us&de=UTF-8&dt=Hochwertiges%20Redmond%20Modern%20Fit%20Hemd%20in%20der%20Farbe%20t%C3%BCrkis%2C%20Strukturiert.%20Der%20%C3%84rmeltyp%20ist%20Langarm%20(66cm)%2C%20das%20Hemd%20ist%20b%C3%BCgelleicht%20und%20ist%20ohne%20Brusttasche.%20Der%20Stoff%20ist%20ein%20feines%20Struktur%20Stretch%20Gewebe%20aus%20100%25%20Baumwolle.%20%7C%20Hemden.de&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGBAgEAL~&jid=1852820296&gjid=1601818729&cid=733680237.1567322010&tid=UA-38785529-2&_gid=901884722.1567322010&gtm=2wg8l2MH8N456&pal=Alle%20Produkte&pa=detail&pr1nm=Redmond%20Modern%20Fit%20Hemd%20t%C3%BCrkis%2C%20Strukturiert&pr1id=71720110.60-M&pr1pr=23.95&pr1br=Redmond&pr1ca=Alle%20Produkte&pr1va=M&z=1546432470

Requested by

Host: www.hemden.de
URL: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Aug 2019 09:02:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 857486
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-38785529-2&cid=733680237.1567322010&jid=1852820296&gjid=1601818729&_gid=901884722.1567322010&_u=aGBAgEAL~&z=1486389714
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38785529-2&cid=733680237.1567322010&jid=1852820296&_v=j79&z=1486389714
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38785529-2&cid=733680237.1567322010&jid=1852820296&_v=j79&z=1486389714&slf_rd=1&random=2019049838

42 B
374 B

32ms
20ms

Image
image/gif

2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38785529-2&cid=733680237.1567322010&jid=1852820296&_v=j79&z=1486389714&slf_rd=1&random=2019049838

Requested by

Host: www.hemden.de
URL: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Sep 2019 07:13:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 01 Sep 2019 07:13:30 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38785529-2&cid=733680237.1567322010&jid=1852820296&_v=j79&z=1486389714&slf_rd=1&random=2019049838
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 inferredEvents.js Show response
connect.facebook.net/signals/plugins/ 1 KB
920 B 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.9.4

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 772
x-xss-protection: 0
pragma: public
x-fb-debug: 1wTo2TbLTleKFjedbh7JrzNEl33pbU3L9eNVueA0uTZRG9qw3Pd5SqEdnxvTBBOwB9IXIfQXQ2pFadmMUX1ijg==
x-fb-trip-id: 420120009
x-frame-options: DENY
date: Sun, 01 Sep 2019 07:13:30 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
323 B 18ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=426379261113388&ev=PageView&dl=https%3A%2F%2Fwww.hemden.de%2FRedmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60%3Futm_source%3DkelkooDE%26utm_medium%3Dportale&rl=https%3A%2F%2Fde-go.kelkoogroup.net%2Fgo%3Fcountry%3Dde%26k%3Db435397ea0eaf650d5dcd0537082de49480aeade3d1cd705c7d2d33ad56e140630ff66203a77936794c13f8f1616b5d9561f50bfd83aa8a23ff9fd45ce9bc1d9b232865b365ae7869f324a13dce06c558955bad0b62b74afebd379d34a32bc453ed0f535ea18709b2932f884786ab2f3afbd434e4212d473ed2c4c6c8407588c362af5cd43dd0b392172a82b2b0f01e11eae594b8ba7879ef5e1936646d11f73a09cbcfb523ce2f0fa2ff5cc73f9d1084f4e09861ea9003adc86f835431b8af35916c8e536e5f9185e3f8aa8788aab8d5ae9d52873d27d85892c9fb00e97beea89f4a84b7f7f3b733695eae727e1939843615ff60b18fdb998585d4385510805404411332898bf15c911b760d65e0afa60d867956d8143028e07c32f3f68df6d3eb770c7ab4e379bbf2aeecaf51e3a2fcee7e240fb14315cd626b5ca2826b75942e07ce10a0a98feb92c4f5ecb97e8cfa8550844101198b402936b32e556aad465b58d84fecc4051f9a67870985a08ba566df11b3b224868e55ecc9f0a5b906c72976feec7a1993a55da7124fe53bab9d52271f720e2bf27df3664046f4c8da5792ee7bc8b68101959eeeb49b4b1749b4d193edcfa3de6a48ca56d092af0c04c%26o%3D&if=false&ts=1567322010045&sw=1600&sh=1200&v=2.9.4&r=stable&ec=0&o=30&fbp=fb.1.1567322010044.956961548&it=1567322009974&coo=false&rqm=GET

Requested by

Host: www.hemden.de
URL: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Sep 2019 07:13:30 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Sun, 01 Sep 2019 07:13:30 GMT

POST
H2 200 /
www.facebook.com/tr/ Frame 761A 0
0 6ms
6ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 5938
pragma: no-cache
cache-control: no-cache
origin: https://www.hemden.de
upgrade-insecure-requests: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
accept-encoding: gzip, deflate, br
cookie: fr=0RTqhCn5nGy4MdL6r..Bda2-a...1.0.Bda2-a.
Origin: https://www.hemden.de
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale

Response headers

status: 200
content-type: text/plain
access-control-allow-origin: https://www.hemden.de
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 0
server: proxygen-bolt
date: Sun, 01 Sep 2019 07:13:30 GMT

GET
H2 200 recaptcha Show response
www.hemden.de/widgets/Captcha/getCaptchaByName/captchaName/ 187 B
504 B 131ms
130ms XHR
text/html 138.201.66.179
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hemden.de/widgets/Captcha/getCaptchaByName/captchaName/recaptcha?_=1567322009841
Requested by: Host: www.hemden.de
URL: https://www.hemden.de/web/cache/1567030566_7c5111a2d7eed98f0672c72ed976ed8e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.66.179 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: businesshemden1.timmeserver.de
Software: nginx /
Resource Hash: b342be62b8f8ae5398135cb0d911be40509d9daf397d472d9b7b4be8905dd7fa

Request headers

Accept: */*
Referer: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
X-CSRF-Token: 59c4UKIhQ8s6GuDlhG9PXCmdE2ZTQB
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
X-Requested-With: XMLHttpRequest
Sec-Fetch-Mode: cors

Response headers

pragma: no-cache
date: Sun, 01 Sep 2019 07:13:30 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
status: 200
cache-control: no-store, no-cache, must-revalidate, no-cache, private
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 867 B
672 B 20ms
19ms Script
text/javascript 2a00:1450:4001:820::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=pimReCaptcha&render=6LccU5QUAAAAANttY7LrCBC1r2gZ7zb4SzEcLVkb

Requested by

Host: www.hemden.de
URL: https://www.hemden.de/web/cache/1567030566_7c5111a2d7eed98f0672c72ed976ed8e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

0dc139d82af89d247306bd07be93b45048a86853116b4f13491301d27a150333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Sep 2019 07:13:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 498
x-xss-protection: 1; mode=block
expires: Sun, 01 Sep 2019 07:13:31 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/api2/v1565591531251/ 263 KB
92 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/api2/v1565591531251/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=pimReCaptcha&render=6LccU5QUAAAAANttY7LrCBC1r2gZ7zb4SzEcLVkb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e37175c872fc53f06ace33890986b1983980812d7130f497a9f0125e78188b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 25 Aug 2019 03:43:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 12 Aug 2019 17:15:00 GMT
server: sffe
age: 617388
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 93780
x-xss-protection: 0
expires: Mon, 24 Aug 2020 03:43:43 GMT

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame 6B6A 0
0 33ms
33ms Document
text/html 2a00:1450:4001:820::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LccU5QUAAAAANttY7LrCBC1r2gZ7zb4SzEcLVkb&co=aHR0cHM6Ly93d3cuaGVtZGVuLmRlOjQ0Mw..&hl=en&v=v1565591531251&size=invisible&cb=xphzi0ty5612

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/api2/v1565591531251/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FL4yOrZ3RoqJbf981T6XMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LccU5QUAAAAANttY7LrCBC1r2gZ7zb4SzEcLVkb&co=aHR0cHM6Ly93d3cuaGVtZGVuLmRlOjQ0Mw..&hl=en&v=v1565591531251&size=invisible&cb=xphzi0ty5612
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.hemden.de/Redmond-Modern-Fit-Hemd-tuerkis-Strukturiert-langarm-71720110.60?utm_source=kelkooDE&utm_medium=portale

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 01 Sep 2019 07:13:31 GMT
content-security-policy: script-src 'report-sample' 'nonce-FL4yOrZ3RoqJbf981T6XMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9011
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.hemden.de/	1969-12-31 23:59:59	Name: __csrf_token-1 Value: 59c4UKIhQ8s6GuDlhG9PXCmdE2ZTQB
.hemden.de/	1970-01-19 05:31:38	Name: _fbp Value: fb.1.1567322010044.956961548
.hemden.de/	1970-01-19 03:22:02	Name: _dc_gtm_UA-38785529-2 Value: 1
.hemden.de/	1970-01-19 03:23:28	Name: _gid Value: GA1.2.901884722.1567322010
www.hemden.de/	1969-12-31 23:59:59	Name: nocache Value: detail-1
.hemden.de/	1970-01-19 20:53:14	Name: _ga Value: GA1.2.733680237.1567322010
.hemden.de/	1970-01-19 05:31:38	Name: _gcl_au Value: 1.1.507215742.1567322010
www.hemden.de/	1969-12-31 23:59:59	Name: x-ua-device Value: desktop
www.hemden.de/	1969-12-31 23:59:59	Name: session-1 Value: d4f50d250b279387b553c7ce03e317d3c0119757ee923fe0c2325b1d24016edb

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://www.hemden.de/web/cache/1567030566_7c5111a2d7eed98f0672c72ed976ed8e.js(Line 5) Message: jQuery.Deferred exception: Cannot read property 'getItem' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

applesucks.com
bat.bing.com
cdn.hemden.de
click.cptrack.de
connect.facebook.net
content.cptrack.de
de-go.kelkoogroup.net
fonts.googleapis.com
fonts.gstatic.com
r.redirekted.com
stats.g.doubleclick.net
www.dwin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.hemden.de
138.201.66.179
151.139.236.62
199.59.242.151
213.133.127.252
2600:9000:2057:3600:f:8ce2:fb80:93a1
2600:9000:2057:b600:7:4c63:4f80:93a1
2620:1ec:c11::200
2a00:1450:4001:814::200e
2a00:1450:4001:816::2003
2a00:1450:4001:81a::2008
2a00:1450:4001:81f::200a
2a00:1450:4001:820::2004
2a00:1450:4001:821::2003
2a00:1450:4001:825::2003
2a00:1450:400c:c00::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
66.165.243.151
95.211.116.27
001959b9d62e0caa1fbd74743523da4e60f49fade8029f93a73fa69181b76a58
046fa5c62e3b17b46ea2f8c601465dacfd5c153aee7a71754a9be582de74a385
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0dc139d82af89d247306bd07be93b45048a86853116b4f13491301d27a150333
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
16862312f23ec428b69df02aa69724b84f64419ac5fa3aa36df48d6e11e6346e
2da97418251121ad5b28c6e206316578aae360d47dea2262c90478536624d910
3632362a058adacd28e8c5bc62caaeada4bf8d237dabfa412a73d818ffc1601e
3911952f579f6d1e5cde47d9cd13d12377be9841e6cd3031b32b733bdc1731e7
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
499e8db4de7463aade473f0c529c839547c9679e9b483e76944a39b4d922dcfe
4c940a58b40018214ca32665ff4cf755522b32a027b309cccb950ccd22e27637
4ca5f759819c9754e7ef46b1a21827e1a50fdef5cdc9c190007ada1788b4ff59
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
55afe8ae4db5b6ca9ec5a3aca1f3a7b482ca51d0914acd250093f1a9ecbfccec
5c1dde4cdc5c608da53737233f02219a7421ab6870d5d90bc0b7b294d571942c
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
67fe0e4e39cb68c4e6bd1a7cd782f0a930f56448e3d068c104a93f14b75bf85e
6b4c72b8214beaceed57a85c54eed2c61cfc4911b3d677db9a6e00849ef6be05
793b089e88531ecd93ca247fc23cff3fa220efbd7fb1ed39e55954e1ec760982
7d0ee64efb5c8ba98301fb13343ef10a9e07cf15b58da550e8c29b01ebcda95d
7e347b66fb1145f780600551e06778b33ecaca5c45897ac90eb96eb4b6afd082
7e8300902e926fa9670082c5241538afde561503ce3a5a8c81874052167806d1
80d46bca0ed3436eb8b12f00143ed40df245d9ce470d219cd5295c273238f84e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8632aa23bd51a25e1de4b651883075e4a7f91fb021440c72497063674cdd7d0e
8eb4b59faa187d703b2ae6e737f60872bdb9205748f47d473ecb2fdf6ef77f71
90a03b4dbf11dfcf8dd25d4015accb40e8325450180eeed733c2e87814f7cb09
98a20a7e71f09378005e024005def605b712947e5acc4b934b4af8e380b9aa53
9ae1e27e08b4bbc15557c0f5bbd97b4009eb86c85da9fb2be4c4085a5289182f
b0da72d60d5dd29e3d180e7c87781f30223e27ea0b0de30826ce5a4279f2319d
b342be62b8f8ae5398135cb0d911be40509d9daf397d472d9b7b4be8905dd7fa
b4037cf969533ef04eee18c4ddabc9b305082e5a7ab907893c90e5b2402b77b8
b514ef8478e39785abd66e5d29eb6dabe674928196faef254fd1d2f6314b5323
bb74816a9aaed49f7b58ffbfead623f50686271a551d77a3ed95a56a56e40dbf
c26b2d1e497212ccea345ed3b4cbbd99d0951f48ecb22abef611e822fd20ad42
c52d6b15f7b302701fe6e583e1104429f954fe19b7a7ffc0287fdbc8ca239170
c925922de9dbf2b4c4ee6a8f29b0bc68abd711088f9e92bbc2746b90a60a50ed
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
d5acdc2cbc7cc6aa9f514c1203f62f6f76d48d53b2c61becc7939082331385b9
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dd89f18cf2800d8789cdec4966b0e7f79bac7c53c07a99cd2b4ad5c46d63a0e4
e2d9fd8b995f146baf54bc35d162d3e8169a5345368058b10a3b3bf4592ed777
e37175c872fc53f06ace33890986b1983980812d7130f497a9f0125e78188b7e
e3835c018df21335eaef951c839f3846652f75baac19aac7dbf965596dd3175b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef62c4abce9b4a07f25b84d48d9eff575cf84848a0d0c602849a2a77832d0fa3
f15f778cd39043a166a29f654b1191bc6fbf8043a8cc3477c42764b14b919dec
f218c4a572d6332f1a519c9a73a7a8f492cb2005fd06cb8b7880392033ca1807
f322a640b3eb61c3dfe17d2b476160927e45664db6b1370bf547b013184605fb
fc04089a27846ae2f9b461148e67012f13f86df819377abe5f678de3087fb347

www.hemden.de Open in urlscan Pro 138.201.66.179 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

83 %HTTPS

68 %IPv6

16 Domains

19 Subdomains

18 IPs

5 Countries

1034 kBTransfer

3283 kBSize

9 Cookies

1 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.hemden.de Open in urlscan Pro
138.201.66.179 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

83 %
HTTPS

68 %
IPv6

16
Domains

19
Subdomains

18
IPs

5
Countries

1034 kB
Transfer

3283 kB
Size

9
Cookies

60 HTTP transactions
2 data transactions