drsmile.de Open in urlscan Pro
2606:4700:10::6816:572 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://e.eb.unterhaltsampost.de/c/K4mKl4U_eVnISYZV9wiIHBq9WK5kpvUQfAMJxu26xgF-OH7AjG_iOTFH7Qnp4c8BapZ5VOgPxRt_YRUOxqeTz-YGP0TAp3...
Effective URL:
https://drsmile.de/emailab/?utm_source=emailnetwork&utm_medium=affiliate&utm_campaign=de-de_affiliate_emailnetwork_...
Submission: On October 21 via manual (October 21st 2022, 7:25:14 pm UTC) from IN — Scanned from DE

Summary HTTP 45 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 5 countries across 18 domains to perform 45 HTTP transactions. The main IP is 2606:4700:10::6816:572, located in and belongs to . The main domain is drsmile.de.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 4th 2022. Valid for: a year.

This is the only time drsmile.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 3	137.135.203.21 137.135.203.21	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	54.246.129.40 54.246.129.40	16509 (AMAZON-02) (AMAZON-02)
3	52.210.34.251 52.210.34.251	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:205... 2600:9000:2057:8000:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1 1	2600:1f18:730... 2600:1f18:730:b120:4095:a671:23e5:4310	14618 (AMAZON-AES) (AMAZON-AES)
1	52.71.230.102 52.71.230.102	14618 (AMAZON-AES) (AMAZON-AES)
1 4	54.159.236.39 54.159.236.39	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2 2	34.242.116.160 34.242.116.160	16509 (AMAZON-02) (AMAZON-02)
1 2	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a04:4e42:400... 2a04:4e42:400::300	54113 (FASTLY) (FASTLY)
1 1	64.74.236.159 64.74.236.159	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	2600:1f18:ed:... 2600:1f18:ed:550a:ba6d:66e3:3923:917a	14618 (AMAZON-AES) (AMAZON-AES)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	2606:4700:10:... 2606:4700:10::6816:572	() ()
45	16

3 137.135.203.21 (Dublin, Ireland) 3 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e.eb.unterhaltsampost.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e.ebidtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.246.129.40 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-129-40.eu-west-1.compute.amazonaws.com

go.oferting.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trac.oferting.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.210.34.251 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-34-251.eu-west-1.compute.amazonaws.com

r-ext.oferting.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:8000:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b120:4095:a671:23e5:4310 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.71.230.102 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-230-102.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.159.236.39 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-159-236-39.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.242.116.160 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-116-160.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.219 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.74.236.159 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:ed:550a:ba6d:66e3:3923:917a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:572 (None, )

ASN- ()

drsmile.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	liadm.com 2 redirects b-code.liadm.com — Cisco Umbrella Rank: 3527 rp.liadm.com — Cisco Umbrella Rank: 1652 rp4.liadm.com — Cisco Umbrella Rank: 7432 i.liadm.com — Cisco Umbrella Rank: 586 i6.liadm.com — Cisco Umbrella Rank: 2244	21 KB
5	oferting.org 2 redirects go.oferting.org r-ext.oferting.org trac.oferting.org	60 KB
4	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 865 trc.taboola.com — Cisco Umbrella Rank: 697 trc-events.taboola.com — Cisco Umbrella Rank: 1645	20 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	20 KB
2	addthis.com 1 redirects x.dlx.addthis.com — Cisco Umbrella Rank: 1189	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 214	2 KB
2	ebidtech.com 2 redirects e.ebidtech.com — Cisco Umbrella Rank: 898394	927 B
1	drsmile.de drsmile.de
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 226
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 343	14 KB
1	zemanta.com 1 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 560	291 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 356	265 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 462	676 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	71 KB
1	unterhaltsampost.de 1 redirects e.eb.unterhaltsampost.de	453 B
0	cloudflareinsights.com Failed static.cloudflareinsights.com Failed
0	ctfassets.net Failed images.ctfassets.net Failed
0	doubleclick.net Failed cm.g.doubleclick.net Failed
45	18

	Domain	Requested by
4	i.liadm.com	1 redirects b-code.liadm.com i.liadm.com
3	www.google-analytics.com	r-ext.oferting.org
3	r-ext.oferting.org	r-ext.oferting.org
2	trc.taboola.com	i.liadm.com cdn.taboola.com
2	x.dlx.addthis.com	1 redirects i.liadm.com
2	dpm.demdex.net	2 redirects
2	b-code.liadm.com	r-ext.oferting.org b-code.liadm.com
2	e.ebidtech.com	2 redirects
1	drsmile.de	drsmile.de
1	trac.oferting.org	1 redirects
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	r-ext.oferting.org
1	trc-events.taboola.com	cdn.taboola.com
1	i6.liadm.com	i.liadm.com
1	b1sync.zemanta.com	1 redirects
1	match.adsrvr.org	i.liadm.com
1	sync.mathtag.com	1 redirects
1	cdn.taboola.com	r-ext.oferting.org
1	rp4.liadm.com	r-ext.oferting.org
1	rp.liadm.com	1 redirects
1	www.googletagmanager.com	r-ext.oferting.org
1	go.oferting.org	1 redirects
1	e.eb.unterhaltsampost.de	1 redirects
0	static.cloudflareinsights.com Failed	drsmile.de
0	images.ctfassets.net Failed	drsmile.de
0	cm.g.doubleclick.net Failed	i.liadm.com
45	26

This site contains no links.

Subject Issuer	Validity	Valid
*.oferting.org Amazon	`2022-04-27` - `2023-05-26`	a year	crt.sh
*.liadm.com Amazon	`2022-01-31` - `2023-03-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-07-04` - `2023-07-04`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://drsmile.de/emailab/?utm_source=emailnetwork&utm_medium=affiliate&utm_campaign=de-de_affiliate_emailnetwork_conversion_top-funnel_email&utm_content=preis&utm_term=voucher-300&emn_sid=103850616009942096097162043842663m1io739jn86e1h48jrh7tqrrh6za79j
Frame ID: 05EC99CFB35FA8184D5557C21609F022
Requests: 37 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-00xy?s=&cim=&ps=true&ls=true&duid=0d3d1fb3a190--01gfy038r9r7w7tgcm75jqwrtm&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Frame ID: 7CF72275BC830C84758D1F0CA6D4370F
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://e.eb.unterhaltsampost.de/c/K4mKl4U_eVnISYZV9wiIHBq9WK5kpvUQfAMJxu26xgF-OH7AjG_iOTFH7Qnp4c8BapZ5VOgPxR... HTTP 302
http://e.ebidtech.com/c/K4mKl4U_eVnISYZV9wiIHBq9WK5kpvUQfAMJxu26xgF-OH7AjG_iOTFH7Qnp4c8BapZ5VOgPxR... HTTP 302
https://e.ebidtech.com/c/K4mKl4U_eVnISYZV9wiIHBq9WK5kpvUQfAMJxu26xgF-OH7AjG_iOTFH7Qnp4c8BapZ5VOgPxR... HTTP 302
https://go.oferting.org/1mVi3?vars=_vextclickid%3D_*extclickid* HTTP 302
https://r-ext.oferting.org/r/?utm_source=dr.smile&utm_medium=sopext&utm_campaign=9942096-9716204&orig=m... Page URL
https://trac.oferting.org/of/?extclickid=_*extclickid*&emn_i=616&emn_a=10385&emn_c=384266&emn_rt=0&ol=... HTTP 302
https://drsmile.de/emailab/?utm_source=emailnetwork&utm_medium=affiliate&utm_campaign=de-de_aff... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

45
Requests

40 %
HTTPS

33 %
IPv6

18
Domains

26
Subdomains

16
IPs

5
Countries

203 kB
Transfer

704 kB
Size

18
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://e.eb.unterhaltsampost.de/c/K4mKl4U_eVnISYZV9wiIHBq9WK5kpvUQfAMJxu26xgF-OH7AjG_iOTFH7Qnp4c8BapZ5VOgPxRt_YRUOxqeTz-YGP0TAp3BwTKFESyTyhwi0k0PlLC2Ye4vB1HoWAmyxz8b6cLaFfZCGvRYNw_Qj9DZQsENj5eOwrSUbOEPJ7iBLdKXSouPE5YjgCmOW_f5sZjVY283Oh_C7adpaPOkHkoPuqUXE60LNVzsMIKyutyw?l=2 HTTP 302
http://e.ebidtech.com/c/K4mKl4U_eVnISYZV9wiIHBq9WK5kpvUQfAMJxu26xgF-OH7AjG_iOTFH7Qnp4c8BapZ5VOgPxRt_YRUOxqeTz-YGP0TAp3BwTKFESyTyhwi0k0PlLC2Ye4vB1HoWAmyxz8b6cLaFfZCGvRYNw_Qj9DZQsENj5eOwrSUbOEPJ7iBLdKXSouPE5YjgCmOW_f5sZjVY283Oh_C7adpaPOkHkoPuqUXE60LNVzsMIKyutyw?l=2 HTTP 302
https://e.ebidtech.com/c/K4mKl4U_eVnISYZV9wiIHBq9WK5kpvUQfAMJxu26xgF-OH7AjG_iOTFH7Qnp4c8BapZ5VOgPxRt_YRUOxqeTz-YGP0TAp3BwTKFESyTyhwi0k0PlLC2Ye4vB1HoWAmyxz8b6cLaFfZCGvRYNw_Qj9DZQsENj5eOwrSUbOEPJ7iBLdKXSouPE5YjgCmOW_f5sZjVY283Oh_C7adpaPOkHkoPuqUXE60LNVzsMIKyutyw?l=2 HTTP 302
https://go.oferting.org/1mVi3?vars=_vextclickid%3D_*extclickid* HTTP 302
https://r-ext.oferting.org/r/?utm_source=dr.smile&utm_medium=sopext&utm_campaign=9942096-9716204&orig=manual&utm_term=generica&rtt=&f=0&c=beauty&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_*extclickid*%26emn_i%3D616%26emn_a%3D10385%26emn_c%3D384266%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9942096-9716204%26term%3D%26emn_t%3D9716204%26ref_offer%3D9942096%26hs%3D1547046664%26go%3Dhttps%253A%252F%252Fdrsmile.de%252Femailab%252F%253Futm_source%253Demailnetwork%2526utm_medium%253Daffiliate%2526utm_campaign%253Dde-de_affiliate_emailnetwork_conversion_top-funnel_email%2526utm_content%253Dpreis%2526utm_term%253Dvoucher-300%2526emn_sid%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu Page URL
https://trac.oferting.org/of/?extclickid=_*extclickid*&emn_i=616&emn_a=10385&emn_c=384266&emn_rt=0&ol=B&emn_p=&emn_cat=9942096-9716204&term=&emn_t=9716204&ref_offer=9942096&hs=1547046664&go=https%3A%2F%2Fdrsmile.de%2Femailab%2F%3Futm_source%3Demailnetwork%26utm_medium%3Daffiliate%26utm_campaign%3Dde-de_affiliate_emailnetwork_conversion_top-funnel_email%26utm_content%3Dpreis%26utm_term%3Dvoucher-300%26emn_sid%3Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu HTTP 302
https://drsmile.de/emailab/?utm_source=emailnetwork&utm_medium=affiliate&utm_campaign=de-de_affiliate_emailnetwork_conversion_top-funnel_email&utm_content=preis&utm_term=voucher-300&emn_sid=103850616009942096097162043842663m1io739jn86e1h48jrh7tqrrh6za79j Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://e.eb.unterhaltsampost.de/c/K4mKl4U_eVnISYZV9wiIHBq9WK5kpvUQfAMJxu26xgF-OH7AjG_iOTFH7Qnp4c8BapZ5VOgPxRt_YRUOxqeTz-YGP0TAp3BwTKFESyTyhwi0k0PlLC2Ye4vB1HoWAmyxz8b6cLaFfZCGvRYNw_Qj9DZQsENj5eOwrSUbOEPJ7iBLdKXSouPE5YjgCmOW_f5sZjVY283Oh_C7adpaPOkHkoPuqUXE60LNVzsMIKyutyw?l=2 HTTP 302
http://e.ebidtech.com/c/K4mKl4U_eVnISYZV9wiIHBq9WK5kpvUQfAMJxu26xgF-OH7AjG_iOTFH7Qnp4c8BapZ5VOgPxRt_YRUOxqeTz-YGP0TAp3BwTKFESyTyhwi0k0PlLC2Ye4vB1HoWAmyxz8b6cLaFfZCGvRYNw_Qj9DZQsENj5eOwrSUbOEPJ7iBLdKXSouPE5YjgCmOW_f5sZjVY283Oh_C7adpaPOkHkoPuqUXE60LNVzsMIKyutyw?l=2 HTTP 302
https://e.ebidtech.com/c/K4mKl4U_eVnISYZV9wiIHBq9WK5kpvUQfAMJxu26xgF-OH7AjG_iOTFH7Qnp4c8BapZ5VOgPxRt_YRUOxqeTz-YGP0TAp3BwTKFESyTyhwi0k0PlLC2Ye4vB1HoWAmyxz8b6cLaFfZCGvRYNw_Qj9DZQsENj5eOwrSUbOEPJ7iBLdKXSouPE5YjgCmOW_f5sZjVY283Oh_C7adpaPOkHkoPuqUXE60LNVzsMIKyutyw?l=2 HTTP 302
https://go.oferting.org/1mVi3?vars=_vextclickid%3D_*extclickid* HTTP 302
https://r-ext.oferting.org/r/?utm_source=dr.smile&utm_medium=sopext&utm_campaign=9942096-9716204&orig=manual&utm_term=generica&rtt=&f=0&c=beauty&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_*extclickid*%26emn_i%3D616%26emn_a%3D10385%26emn_c%3D384266%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9942096-9716204%26term%3D%26emn_t%3D9716204%26ref_offer%3D9942096%26hs%3D1547046664%26go%3Dhttps%253A%252F%252Fdrsmile.de%252Femailab%252F%253Futm_source%253Demailnetwork%2526utm_medium%253Daffiliate%2526utm_campaign%253Dde-de_affiliate_emailnetwork_conversion_top-funnel_email%2526utm_content%253Dpreis%2526utm_term%253Dvoucher-300%2526emn_sid%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu

Request Chain 7

https://rp.liadm.com/j?dtstmp=1666380309374&aid=a-00xy&se=e30&duid=0d3d1fb3a190--01gfy038r9r7w7tgcm75jqwrtm&tna=v2.5.0&pu=https%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Ddr.smile%26utm_medium%3Dsopext%26utm_campaign%3D9942096-9716204%26orig%3Dmanual%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Dbeauty%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.org%252Fof%252F%253Fextclickid%253D_*extclickid*%2526emn_i%253D616%2526emn_a%253D10385%2526emn_c%253D384266%2526emn_rt%253D0%2526ol%253DB%2526emn_p%253D%2526emn_cat%253D9942096-9716204%2526term%253D%2526emn_t%253D9716204%2526ref_offer%253D9942096%2526hs%253D1547046664%2526go%253Dhttps%25253A%25252F%25252Fdrsmile.de%25252Femailab%25252F%25253Futm_source%25253Demailnetwork%252526utm_medium%25253Daffiliate%252526utm_campaign%25253Dde-de_affiliate_emailnetwork_conversion_top-funnel_email%252526utm_content%25253Dpreis%252526utm_term%25253Dvoucher-300%252526emn_sid%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu&wpn=lc-bundle&c=PHRpdGxlPldvcmxkIC0tIHdlIGFyZSByZWRpcmVjdGluZyB5b3UgdG8gRHIuc21pbGUncyB3ZWJzaXRlPC90aXRsZT4 HTTP 302
https://rp4.liadm.com/j?dtstmp=1666380309374&aid=a-00xy&se=e30&duid=0d3d1fb3a190--01gfy038r9r7w7tgcm75jqwrtm&tna=v2.5.0&pu=https%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Ddr.smile%26utm_medium%3Dsopext%26utm_campaign%3D9942096-9716204%26orig%3Dmanual%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Dbeauty%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.org%252Fof%252F%253Fextclickid%253D_%2Aextclickid%2A%2526emn_i%253D616%2526emn_a%253D10385%2526emn_c%253D384266%2526emn_rt%253D0%2526ol%253DB%2526emn_p%253D%2526emn_cat%253D9942096-9716204%2526term%253D%2526emn_t%253D9716204%2526ref_offer%253D9942096%2526hs%253D1547046664%2526go%253Dhttps%25253A%25252F%25252Fdrsmile.de%25252Femailab%25252F%25253Futm_source%25253Demailnetwork%252526utm_medium%25253Daffiliate%252526utm_campaign%25253Dde-de_affiliate_emailnetwork_conversion_top-funnel_email%252526utm_content%25253Dpreis%252526utm_term%25253Dvoucher-300%252526emn_sid%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu&wpn=lc-bundle&c=PHRpdGxlPldvcmxkIC0tIHdlIGFyZSByZWRpcmVjdGluZyB5b3UgdG8gRHIuc21pbGUncyB3ZWJzaXRlPC90aXRsZT4&i6=MjAwMTphYzg6MjA6MjcxOjoxZQ%3D%3D&n3pc=true

Request Chain 12

https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-00xy%2F0%2F9a74c029e51e4e748ccbb6148d6ed7bd%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&64b1a8d9-3b4f-43d7-bf4d-9f645d6da6ec HTTP 302
https://i.liadm.com/s/e/a-00xy/0/9a74c029e51e4e748ccbb6148d6ed7bd?mpid=7156&muid=06206352-f216-4100-9bff-537d4c1b3bdc

Request Chain 14

https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=64b1a8d9-3b4f-43d7-bf4d-9f645d6da6ec&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D HTTP 302
https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=64b1a8d9-3b4f-43d7-bf4d-9f645d6da6ec&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D HTTP 302
https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=beb76082-9028-41ab-829e-19f22fff20c5 HTTP 303
https://x.bidswitch.net/sync?ssp=liveintent&user_id=64b1a8d9-3b4f-43d7-bf4d-9f645d6da6ec HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=liveintent&bsw_param=beb76082-9028-41ab-829e-19f22fff20c5&google_hm=YmViNzYwODItOTAyOC00MWFiLTgyOWUtMTlmMjJmZmYyMGM1

Request Chain 15

https://dpm.demdex.net/ibs:dpid=127444&dpuuid=64b1a8d9-3b4f-43d7-bf4d-9f645d6da6ec&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-00xy%2F0%2F9a74c029e51e4e748ccbb6148d6ed7bd%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=64b1a8d9-3b4f-43d7-bf4d-9f645d6da6ec&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-00xy%2F0%2F9a74c029e51e4e748ccbb6148d6ed7bd%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D HTTP 302
https://i.liadm.com/s/e/a-00xy/0/9a74c029e51e4e748ccbb6148d6ed7bd?mpid=82775&muid=35736134630030239754577127307210688629

Request Chain 16

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=64b1a8d9-3b4f-43d7-bf4d-9f645d6da6ec HTTP 302
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=64b1a8d9-3b4f-43d7-bf4d-9f645d6da6ec&rd=Y

Request Chain 18

https://b1sync.zemanta.com/usersync/liveintent/?cb=%2F%2Fi.liadm.com%2Fs%2F35004%3Fbidder_id%3D98254%26bidder_uuid%3D__ZUID__ HTTP 302
https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid= HTTP 303
https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
r-ext.oferting.org/r/
Redirect Chain

http://e.eb.unterhaltsampost.de/c/K4mKl4U_eVnISYZV9wiIHBq9WK5kpvUQfAMJxu26xgF-OH7AjG_iOTFH7Qnp4c8BapZ5VOgPxRt_YRUOxqeTz-YGP0TAp3BwTKFESyTyhwi0k0PlLC2Ye4vB1HoWAmyxz8b6cLaFfZCGvRYNw_Qj9DZQsENj5eOwrSU...
http://e.ebidtech.com/c/K4mKl4U_eVnISYZV9wiIHBq9WK5kpvUQfAMJxu26xgF-OH7AjG_iOTFH7Qnp4c8BapZ5VOgPxRt_YRUOxqeTz-YGP0TAp3BwTKFESyTyhwi0k0PlLC2Ye4vB1HoWAmyxz8b6cLaFfZCGvRYNw_Qj9DZQsENj5eOwrSUbOEPJ7iBLd...
https://e.ebidtech.com/c/K4mKl4U_eVnISYZV9wiIHBq9WK5kpvUQfAMJxu26xgF-OH7AjG_iOTFH7Qnp4c8BapZ5VOgPxRt_YRUOxqeTz-YGP0TAp3BwTKFESyTyhwi0k0PlLC2Ye4vB1HoWAmyxz8b6cLaFfZCGvRYNw_Qj9DZQsENj5eOwrSUbOEPJ7iBL...
https://go.oferting.org/1mVi3?vars=_vextclickid%3D_*extclickid*
https://r-ext.oferting.org/r/?utm_source=dr.smile&utm_medium=sopext&utm_campaign=9942096-9716204&orig=manual&utm_term=generica&rtt=&f=0&c=beauty&g=&partner=world&redirection=https%3A%2F%2Ftrac.ofer...

15 KB
6 KB

263ms
58ms

Document
text/html

52.210.34.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r-ext.oferting.org/r/?utm_source=dr.smile&utm_medium=sopext&utm_campaign=9942096-9716204&orig=manual&utm_term=generica&rtt=&f=0&c=beauty&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_*extclickid*%26emn_i%3D616%26emn_a%3D10385%26emn_c%3D384266%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9942096-9716204%26term%3D%26emn_t%3D9716204%26ref_offer%3D9942096%26hs%3D1547046664%26go%3Dhttps%253A%252F%252Fdrsmile.de%252Femailab%252F%253Futm_source%253Demailnetwork%2526utm_medium%253Daffiliate%2526utm_campaign%253Dde-de_affiliate_emailnetwork_conversion_top-funnel_email%2526utm_content%253Dpreis%2526utm_term%253Dvoucher-300%2526emn_sid%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.34.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-34-251.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 71ead05debaf005d53826af25bb7848ad0f717e3fa85641ff0e7924331ffa93c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 21 Oct 2022 19:25:09 GMT
server: nginx
vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 20
Content-Type: text/html
Date: Fri, 21 Oct 2022 19:25:07 GMT
Keep-Alive: timeout=2, max=200
Location: https://r-ext.oferting.org/r/?utm_source=dr.smile&utm_medium=sopext&utm_campaign=9942096-9716204&orig=manual&utm_term=generica&rtt=&f=0&c=beauty&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_*extclickid*%26emn_i%3D616%26emn_a%3D10385%26emn_c%3D384266%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9942096-9716204%26term%3D%26emn_t%3D9716204%26ref_offer%3D9942096%26hs%3D1547046664%26go%3Dhttps%253A%252F%252Fdrsmile.de%252Femailab%252F%253Futm_source%253Demailnetwork%2526utm_medium%253Daffiliate%2526utm_campaign%253Dde-de_affiliate_emailnetwork_conversion_top-funnel_email%2526utm_content%253Dpreis%2526utm_term%253Dvoucher-300%2526emn_sid%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Server: Apache
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.10-1ubuntu3.26

GET
H2 200 a-00xy.min.js Show response
b-code.liadm.com/ 28 KB
11 KB 92ms
21ms Script
application/javascript 2600:9000:2057:8000:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-00xy.min.js
Requested by: Host: r-ext.oferting.org
URL: https://r-ext.oferting.org/r/?utm_source=dr.smile&utm_medium=sopext&utm_campaign=9942096-9716204&orig=manual&utm_term=generica&rtt=&f=0&c=beauty&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_*extclickid*%26emn_i%3D616%26emn_a%3D10385%26emn_c%3D384266%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9942096-9716204%26term%3D%26emn_t%3D9716204%26ref_offer%3D9942096%26hs%3D1547046664%26go%3Dhttps%253A%252F%252Fdrsmile.de%252Femailab%252F%253Futm_source%253Demailnetwork%2526utm_medium%253Daffiliate%2526utm_campaign%253Dde-de_affiliate_emailnetwork_conversion_top-funnel_email%2526utm_content%253Dpreis%2526utm_term%253Dvoucher-300%2526emn_sid%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8000:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 1fbf2ef922db8f3d203fb1ae002f8b5bc51e55070ea03646fd5679f88780a95e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r-ext.oferting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 04:24:00 GMT
content-encoding: gzip
via: 1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 54069
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-id: dY4zgzFM-1gwci4Y_f0AmN8EcOIykABOo_jH9BEm62cLtgIqvalMlg==

GET
H2 200 preload.gif
r-ext.oferting.org/images/ 18 KB
18 KB 40ms
39ms Image
image/gif 52.210.34.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r-ext.oferting.org/images/preload.gif
Requested by: Host: r-ext.oferting.org
URL: https://r-ext.oferting.org/r/?utm_source=dr.smile&utm_medium=sopext&utm_campaign=9942096-9716204&orig=manual&utm_term=generica&rtt=&f=0&c=beauty&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_*extclickid*%26emn_i%3D616%26emn_a%3D10385%26emn_c%3D384266%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9942096-9716204%26term%3D%26emn_t%3D9716204%26ref_offer%3D9942096%26hs%3D1547046664%26go%3Dhttps%253A%252F%252Fdrsmile.de%252Femailab%252F%253Futm_source%253Demailnetwork%2526utm_medium%253Daffiliate%2526utm_campaign%253Dde-de_affiliate_emailnetwork_conversion_top-funnel_email%2526utm_content%253Dpreis%2526utm_term%253Dvoucher-300%2526emn_sid%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.34.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-34-251.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7929082d8761c3db532e83d1630ad642747808517060e2432056f4050f4ebd9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r-ext.oferting.org/r/?utm_source=dr.smile&utm_medium=sopext&utm_campaign=9942096-9716204&orig=manual&utm_term=generica&rtt=&f=0&c=beauty&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_*extclickid*%26emn_i%3D616%26emn_a%3D10385%26emn_c%3D384266%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9942096-9716204%26term%3D%26emn_t%3D9716204%26ref_offer%3D9942096%26hs%3D1547046664%26go%3Dhttps%253A%252F%252Fdrsmile.de%252Femailab%252F%253Futm_source%253Demailnetwork%2526utm_medium%253Daffiliate%2526utm_campaign%253Dde-de_affiliate_emailnetwork_conversion_top-funnel_email%2526utm_content%253Dpreis%2526utm_term%253Dvoucher-300%2526emn_sid%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 19:25:09 GMT
last-modified: Sat, 23 Jul 2022 07:58:20 GMT
server: nginx
accept-ranges: bytes
etag: "62dbaa1c-47ed"
content-length: 18413
content-type: image/gif

GET
H2 200 jquery-3.3.1.min.js Show response
r-ext.oferting.org/js/ 85 KB
34 KB 61ms
60ms Script
application/javascript 52.210.34.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r-ext.oferting.org/js/jquery-3.3.1.min.js
Requested by: Host: r-ext.oferting.org
URL: https://r-ext.oferting.org/r/?utm_source=dr.smile&utm_medium=sopext&utm_campaign=9942096-9716204&orig=manual&utm_term=generica&rtt=&f=0&c=beauty&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_*extclickid*%26emn_i%3D616%26emn_a%3D10385%26emn_c%3D384266%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9942096-9716204%26term%3D%26emn_t%3D9716204%26ref_offer%3D9942096%26hs%3D1547046664%26go%3Dhttps%253A%252F%252Fdrsmile.de%252Femailab%252F%253Futm_source%253Demailnetwork%2526utm_medium%253Daffiliate%2526utm_campaign%253Dde-de_affiliate_emailnetwork_conversion_top-funnel_email%2526utm_content%253Dpreis%2526utm_term%253Dvoucher-300%2526emn_sid%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.34.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-34-251.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r-ext.oferting.org/r/?utm_source=dr.smile&utm_medium=sopext&utm_campaign=9942096-9716204&orig=manual&utm_term=generica&rtt=&f=0&c=beauty&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_*extclickid*%26emn_i%3D616%26emn_a%3D10385%26emn_c%3D384266%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9942096-9716204%26term%3D%26emn_t%3D9716204%26ref_offer%3D9942096%26hs%3D1547046664%26go%3Dhttps%253A%252F%252Fdrsmile.de%252Femailab%252F%253Futm_source%253Demailnetwork%2526utm_medium%253Daffiliate%2526utm_campaign%253Dde-de_affiliate_emailnetwork_conversion_top-funnel_email%2526utm_content%253Dpreis%2526utm_term%253Dvoucher-300%2526emn_sid%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 19:25:09 GMT
content-encoding: gzip
last-modified: Sat, 23 Jul 2022 07:58:20 GMT
server: nginx
etag: W/"62dbaa1c-1538f"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 800ms
274ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: r-ext.oferting.org
URL: https://r-ext.oferting.org/r/?utm_source=dr.smile&utm_medium=sopext&utm_campaign=9942096-9716204&orig=manual&utm_term=generica&rtt=&f=0&c=beauty&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_*extclickid*%26emn_i%3D616%26emn_a%3D10385%26emn_c%3D384266%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9942096-9716204%26term%3D%26emn_t%3D9716204%26ref_offer%3D9942096%26hs%3D1547046664%26go%3Dhttps%253A%252F%252Fdrsmile.de%252Femailab%252F%253Futm_source%253Demailnetwork%2526utm_medium%253Daffiliate%2526utm_campaign%253Dde-de_affiliate_emailnetwork_conversion_top-funnel_email%2526utm_content%253Dpreis%2526utm_term%253Dvoucher-300%2526emn_sid%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r-ext.oferting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 21 Oct 2022 19:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 552
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 21 Oct 2022 21:15:57 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 200 KB
71 KB 818ms
293ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-ML8Z3ZJ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ad880e97bab6a2402859be55be82467f4a854c1c3b3cb8ef24624e61d1c16622

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r-ext.oferting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 19:25:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71816
x-xss-protection: 0
last-modified: Fri, 21 Oct 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Oct 2022 19:25:09 GMT

GET
H2 200 sync-container.js Show response
b-code.liadm.com/ 6 KB
6 KB 20ms
20ms Script
application/javascript 2600:9000:2057:8000:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/sync-container.js
Requested by: Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-00xy.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8000:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r-ext.oferting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: WIo1DFPCLgnYZuB8yv1dFIDWe1bYBj2G
date: Tue, 04 Oct 2022 17:05:41 GMT
via: 1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1477169
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 5904
last-modified: Tue, 10 May 2022 11:48:07 GMT
server: AmazonS3
etag: "ae5e94de938b0387eda6df8f20da811a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: sNyvBinV7Rb5EOuXJ0MewwgB9142NwpOFb7wvvCNJCjTWiDrDQO1cw==

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1666380309374&aid=a-00xy&se=e30&duid=0d3d1fb3a190--01gfy038r9r7w7tgcm75jqwrtm&tna=v2.5.0&pu=https%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Ddr.smile%26utm_mediu...
https://rp4.liadm.com/j?dtstmp=1666380309374&aid=a-00xy&se=e30&duid=0d3d1fb3a190--01gfy038r9r7w7tgcm75jqwrtm&tna=v2.5.0&pu=https%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Ddr.smile%26utm_medi...

13 B
553 B

354ms
107ms

XHR
application/json

52.71.230.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1666380309374&aid=a-00xy&se=e30&duid=0d3d1fb3a190--01gfy038r9r7w7tgcm75jqwrtm&tna=v2.5.0&pu=https%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Ddr.smile%26utm_medium%3Dsopext%26utm_campaign%3D9942096-9716204%26orig%3Dmanual%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Dbeauty%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.org%252Fof%252F%253Fextclickid%253D_%2Aextclickid%2A%2526emn_i%253D616%2526emn_a%253D10385%2526emn_c%253D384266%2526emn_rt%253D0%2526ol%253DB%2526emn_p%253D%2526emn_cat%253D9942096-9716204%2526term%253D%2526emn_t%253D9716204%2526ref_offer%253D9942096%2526hs%253D1547046664%2526go%253Dhttps%25253A%25252F%25252Fdrsmile.de%25252Femailab%25252F%25253Futm_source%25253Demailnetwork%252526utm_medium%25253Daffiliate%252526utm_campaign%25253Dde-de_affiliate_emailnetwork_conversion_top-funnel_email%252526utm_content%25253Dpreis%252526utm_term%25253Dvoucher-300%252526emn_sid%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu&wpn=lc-bundle&c=PHRpdGxlPldvcmxkIC0tIHdlIGFyZSByZWRpcmVjdGluZyB5b3UgdG8gRHIuc21pbGUncyB3ZWJzaXRlPC90aXRsZT4&i6=MjAwMTphYzg6MjA6MjcxOjoxZQ%3D%3D&n3pc=true

Requested by

Protocol

Server

52.71.230.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-71-230-102.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r-ext.oferting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 19:25:10 GMT
x-pixel-event-id: bb4eea61-3f22-4091-a18a-7b364c1c7fa4
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
vary: Origin
content-type: application/json
request-time: 1
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: 17339c43067180a9
content-length: 13
x-xss-protection: 1; mode=block

Redirect headers

date: Fri, 21 Oct 2022 19:25:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
vary: Origin
location: https://rp4.liadm.com/j?dtstmp=1666380309374&aid=a-00xy&se=e30&duid=0d3d1fb3a190--01gfy038r9r7w7tgcm75jqwrtm&tna=v2.5.0&pu=https%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Ddr.smile%26utm_medium%3Dsopext%26utm_campaign%3D9942096-9716204%26orig%3Dmanual%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Dbeauty%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.org%252Fof%252F%253Fextclickid%253D_%2Aextclickid%2A%2526emn_i%253D616%2526emn_a%253D10385%2526emn_c%253D384266%2526emn_rt%253D0%2526ol%253DB%2526emn_p%253D%2526emn_cat%253D9942096-9716204%2526term%253D%2526emn_t%253D9716204%2526ref_offer%253D9942096%2526hs%253D1547046664%2526go%253Dhttps%25253A%25252F%25252Fdrsmile.de%25252Femailab%25252F%25253Futm_source%25253Demailnetwork%252526utm_medium%25253Daffiliate%252526utm_campaign%25253Dde-de_affiliate_emailnetwork_conversion_top-funnel_email%252526utm_content%25253Dpreis%252526utm_term%25253Dvoucher-300%252526emn_sid%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu&wpn=lc-bundle&c=PHRpdGxlPldvcmxkIC0tIHdlIGFyZSByZWRpcmVjdGluZyB5b3UgdG8gRHIuc21pbGUncyB3ZWJzaXRlPC90aXRsZT4&i6=MjAwMTphYzg6MjA6MjcxOjoxZQ%3D%3D&n3pc=true
access-control-allow-origin: https://r-ext.oferting.org
request-time: 0
access-control-allow-credentials: true
trace-id: 9f4172c394efdc3d
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 545ms
544ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=2133639370&t=pageview&_s=1&dl=https%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Ddr.smile%26utm_medium%3Dsopext%26utm_campaign%3D9942096-9716204%26orig%3Dmanual%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Dbeauty%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.org%252Fof%252F%253Fextclickid%253D_*extclickid*%2526emn_i%253D616%2526emn_a%253D10385%2526emn_c%253D384266%2526emn_rt%253D0%2526ol%253DB%2526emn_p%253D%2526emn_cat%253D9942096-9716204%2526term%253D%2526emn_t%253D9716204%2526ref_offer%253D9942096%2526hs%253D1547046664%2526go%253Dhttps%25253A%25252F%25252Fdrsmile.de%25252Femailab%25252F%25253Futm_source%25253Demailnetwork%252526utm_medium%25253Daffiliate%252526utm_campaign%25253Dde-de_affiliate_emailnetwork_conversion_top-funnel_email%252526utm_content%25253Dpreis%252526utm_term%25253Dvoucher-300%252526emn_sid%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu&ul=en-us&de=UTF-8&dt=World%20--%20we%20are%20redirecting%20you%20to%20Dr.smile%27s%20website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4GgACAABBAAAAAAAIE~&cid=1650111154.1666380310&tid=UA-46029424-1&_gid=2027051615.1666380310&z=1511264053

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r-ext.oferting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Oct 2022 08:35:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 38951
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 545ms
544ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r-ext.oferting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Oct 2022 08:35:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 38951
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK a-00xy Show response
i.liadm.com/s/c/ Frame 7CF7 1 KB
1 KB 405ms
111ms Document
text/html 54.159.236.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://i.liadm.com/s/c/a-00xy?s=&cim=&ps=true&ls=true&duid=0d3d1fb3a190--01gfy038r9r7w7tgcm75jqwrtm&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&

Requested by

Host: b-code.liadm.com
URL: https://b-code.liadm.com/sync-container.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.159.236.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-159-236-39.compute-1.amazonaws.com

Software

Resource Hash

4cc3a695500e62fa2672700794e044d9636a00ae7ae15f79787ec880c1917201

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://r-ext.oferting.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-cache, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 639
Content-Type: text/html; charset=UTF-8
Date: Fri, 21 Oct 2022 19:25:10 GMT
ETag: 1.61803398874
Request-Time: 6
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1192092/ 57 KB
18 KB 340ms
30ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1192092/tfa.js
Requested by: Host: r-ext.oferting.org
URL: https://r-ext.oferting.org/r/?utm_source=dr.smile&utm_medium=sopext&utm_campaign=9942096-9716204&orig=manual&utm_term=generica&rtt=&f=0&c=beauty&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_*extclickid*%26emn_i%3D616%26emn_a%3D10385%26emn_c%3D384266%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9942096-9716204%26term%3D%26emn_t%3D9716204%26ref_offer%3D9942096%26hs%3D1547046664%26go%3Dhttps%253A%252F%252Fdrsmile.de%252Femailab%252F%253Futm_source%253Demailnetwork%2526utm_medium%253Daffiliate%2526utm_campaign%253Dde-de_affiliate_emailnetwork_conversion_top-funnel_email%2526utm_content%253Dpreis%2526utm_term%253Dvoucher-300%2526emn_sid%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 78e4a4a3c6b5f6eae89b0542a1c8d1d129bdd07977ee13429bace790ed3aa5ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r-ext.oferting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: crTSR1.Ve0TKp2usMKJKR6Na0Bj1Uv6W
content-encoding: gzip
via: 1.1 varnish
date: Fri, 21 Oct 2022 19:25:10 GMT
x-amz-request-id: V2GSK969RWWQ4VWG
age: 147
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 17956
x-amz-id-2: c1H9T9GrzTV3774+kdW4E9S+LbjcPZeNesmEC/IWEgPiMVmgth0cyIptPQ1WLxcZMsHGWEYDb9c=
x-served-by: cache-cdg20754-CDG
last-modified: Sun, 16 Oct 2022 11:04:19 GMT
server: AmazonS3
x-timer: S1666380311.892501,VS0,VE1
etag: "fb3dc8c3abb98a5899850802b3b38a99"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 87
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H/1.1

200
OK

9a74c029e51e4e748ccbb6148d6ed7bd
i.liadm.com/s/e/a-00xy/0/ Frame 7CF7
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-00xy%2F0%2F9a74c029e51e4e748ccbb6148d6ed7bd%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&64b1a8d9-3b4f-43d7-bf4d-9f6...
https://i.liadm.com/s/e/a-00xy/0/9a74c029e51e4e748ccbb6148d6ed7bd?mpid=7156&muid=06206352-f216-4100-9bff-537d4c1b3bdc

43 B
274 B

110ms
110ms

Image
image/gif

54.159.236.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/e/a-00xy/0/9a74c029e51e4e748ccbb6148d6ed7bd?mpid=7156&muid=06206352-f216-4100-9bff-537d4c1b3bdc

Requested by

Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-00xy?s=&cim=&ps=true&ls=true&duid=0d3d1fb3a190--01gfy038r9r7w7tgcm75jqwrtm&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&

Protocol

HTTP/1.1

Server

54.159.236.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-159-236-39.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 21 Oct 2022 19:25:10 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

Date: Fri, 21 Oct 2022 19:25:10 GMT
Server: MT3 4539 98cc2da master zrh-pixel-x27 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://i.liadm.com/s/e/a-00xy/0/9a74c029e51e4e748ccbb6148d6ed7bd?mpid=7156&muid=06206352-f216-4100-9bff-537d4c1b3bdc
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 21 Oct 2022 19:25:09 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 7CF7 70 B
265 B 394ms
47ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-00xy?s=&cim=&ps=true&ls=true&duid=0d3d1fb3a190--01gfy038r9r7w7tgcm75jqwrtm&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 21 Oct 2022 19:25:11 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET

pixel
cm.g.doubleclick.net/ Frame 7CF7
Redirect Chain

https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=64b1a8d9-3b4f-43d7-bf4d-9f645d6da6ec&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D
https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=64b1a8d9-3b4f-43d7-bf4d-9f645d6da6ec&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D
https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=beb76082-9028-41ab-829e-19f22fff20c5
https://x.bidswitch.net/sync?ssp=liveintent&user_id=64b1a8d9-3b4f-43d7-bf4d-9f645d6da6ec
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=liveintent&bsw_param=beb76082-9028-41ab-829e-19f22fff20c5&google_hm=YmViNzYwODItOTAyOC00MWFiLTgyOWUtMTlmMjJmZmYyMGM1

0
0

GET
H/1.1

200
OK

9a74c029e51e4e748ccbb6148d6ed7bd
i.liadm.com/s/e/a-00xy/0/ Frame 7CF7
Redirect Chain

https://dpm.demdex.net/ibs:dpid=127444&dpuuid=64b1a8d9-3b4f-43d7-bf4d-9f645d6da6ec&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-00xy%2F0%2F9a74c029e51e4e748ccbb6148d6ed7bd%3Fmpid%3D82775%26muid%3D%2...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=64b1a8d9-3b4f-43d7-bf4d-9f645d6da6ec&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-00xy%2F0%2F9a74c029e51e4e748ccbb6148d6ed7bd%3Fmp...
https://i.liadm.com/s/e/a-00xy/0/9a74c029e51e4e748ccbb6148d6ed7bd?mpid=82775&muid=35736134630030239754577127307210688629

43 B
274 B

205ms
106ms

Image
image/gif

54.159.236.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/e/a-00xy/0/9a74c029e51e4e748ccbb6148d6ed7bd?mpid=82775&muid=35736134630030239754577127307210688629

Requested by

Protocol

HTTP/1.1

Server

54.159.236.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-159-236-39.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 21 Oct 2022 19:25:11 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

DCS: dcs-prod-irl1-2-v044-0c2c7cff5.edge-irl1.demdex.com 5 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: wPpp20aDQFQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://i.liadm.com/s/e/a-00xy/0/9a74c029e51e4e748ccbb6148d6ed7bd?mpid=82775&muid=35736134630030239754577127307210688629
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

live_intent_sync
x.dlx.addthis.com/e/ Frame 7CF7
Redirect Chain

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=64b1a8d9-3b4f-43d7-bf4d-9f645d6da6ec
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=64b1a8d9-3b4f-43d7-bf4d-9f645d6da6ec&rd=Y

43 B
603 B

232ms
232ms

Image
image/gif

69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=64b1a8d9-3b4f-43d7-bf4d-9f645d6da6ec&rd=Y

Requested by

Protocol

Server

69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a69-192-160-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires: Fri, 21 Oct 2022 19:25:11 GMT
pragma: no-cache
date: Fri, 21 Oct 2022 19:25:11 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.dlx.addthis.com/e/live_intent_sync?na_exid=64b1a8d9-3b4f-43d7-bf4d-9f645d6da6ec&rd=Y
pragma: no-cache
date: Fri, 21 Oct 2022 19:25:11 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Fri, 21 Oct 2022 19:25:11 GMT

GET
H2 200 /
trc.taboola.com/sg/liveintent/1/cm/ Frame 7CF7 43 B
367 B 78ms
28ms Image
image/gif 2a04:4e42:400::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/liveintent/1/cm/
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-00xy?s=&cim=&ps=true&ls=true&duid=0d3d1fb3a190--01gfy038r9r7w7tgcm75jqwrtm&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Fri, 21 Oct 2022 19:25:10 GMT
via: 1.1 varnish
x-served-by: cache-hhn4021-HHN
server: nginx
x-timer: S1666380311.715303,VS0,VE9
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1

200
OK

35004
i6.liadm.com/s/ Frame 7CF7
Redirect Chain

https://b1sync.zemanta.com/usersync/liveintent/?cb=%2F%2Fi.liadm.com%2Fs%2F35004%3Fbidder_id%3D98254%26bidder_uuid%3D__ZUID__
https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=

43 B
436 B

348ms
109ms

Image
image/gif

2600:1f18:ed:550a:ba6d:66e3:3923:917a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=

Requested by

Protocol

HTTP/1.1

Server

2600:1f18:ed:550a:ba6d:66e3:3923:917a Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 21 Oct 2022 19:25:11 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
Date: Fri, 21 Oct 2022 19:25:11 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 1

GET
H2 200 json Show response
trc.taboola.com/1192092/trc/3/ 2 KB
1 KB 34ms
33ms Script
application/javascript 2a04:4e42:400::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1192092/trc/3/json?tim=1666380310939&data=%7B%22id%22%3A706%2C%22ii%22%3A%22%2Fr%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1666380310925%2C%22cv%22%3A%2220221013-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Ddr.smile%26utm_medium%3Dsopext%26utm_campaign%3D9942096-9716204%26orig%3Dmanual%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Dbeauty%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.org%252Fof%252F%253Fextclickid%253D_*extclickid*%2526emn_i%253D616%2526emn_a%253D10385%2526emn_c%253D384266%2526emn_rt%253D0%2526ol%253DB%2526emn_p%253D%2526emn_cat%253D9942096-9716204%2526term%253D%2526emn_t%253D9716204%2526ref_offer%253D9942096%2526hs%253D1547046664%2526go%253Dhttps%25253A%25252F%25252Fdrsmile.de%25252Femailab%25252F%25253Futm_source%25253Demailnetwork%252526utm_medium%25253Daffiliate%252526utm_campaign%25253Dde-de_affiliate_emailnetwork_conversion_top-funnel_email%252526utm_content%25253Dpreis%252526utm_term%25253Dvoucher-300%252526emn_sid%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Futm_source%3Ddr.smile%26utm_medium%3Dsopext%26utm_campaign%3D9942096-9716204%26orig%3Dmanual%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Dbeauty%26g%3D%26partner%3Dworld%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-asuvoravaemailingnetworkcom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1666380310936%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Ddr.smile%26utm_medium%3Dsopext%26utm_campaign%3D9942096-9716204%26orig%3Dmanual%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Dbeauty%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.org%252Fof%252F%253Fextclickid%253D_*extclickid*%2526emn_i%253D616%2526emn_a%253D10385%2526emn_c%253D384266%2526emn_rt%253D0%2526ol%253DB%2526emn_p%253D%2526emn_cat%253D9942096-9716204%2526term%253D%2526emn_t%253D9716204%2526ref_offer%253D9942096%2526hs%253D1547046664%2526go%253Dhttps%25253A%25252F%25252Fdrsmile.de%25252Femailab%25252F%25253Futm_source%25253Demailnetwork%252526utm_medium%25253Daffiliate%252526utm_campaign%25253Dde-de_affiliate_emailnetwork_conversion_top-funnel_email%252526utm_content%25253Dpreis%252526utm_term%25253Dvoucher-300%252526emn_sid%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu%22%2C%22tos%22%3A3%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1192092/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 85070a31816f7cfb25e5454bfd518a7ad3688706586fbdea6d83baa79b9903aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r-ext.oferting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-vcl-time-ms: 16
date: Fri, 21 Oct 2022 19:25:10 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-hhn4021-HHN
server: nginx
x-timer: S1666380311.954006,VS0,VE16
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 unip Show response
trc-events.taboola.com/1192092/log/3/ 0
249 B 91ms
22ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1192092/log/3/unip?en=pre_d_eng_tb&tos=1553&scd=100&ssd=1&est=1666380310932&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1666380312486&vi=1666380310925&ri=0ff7a5e0ab1e8c08bfd0575cd7a9cf04&ref=null&cv=20221013-3-RELEASE&item-url=https%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Ddr.smile%26utm_medium%3Dsopext%26utm_campaign%3D9942096-9716204%26orig%3Dmanual%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Dbeauty%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.org%252Fof%252F%253Fextclickid%253D_*extclickid*%2526emn_i%253D616%2526emn_a%253D10385%2526emn_c%253D384266%2526emn_rt%253D0%2526ol%253DB%2526emn_p%253D%2526emn_cat%253D9942096-9716204%2526term%253D%2526emn_t%253D9716204%2526ref_offer%253D9942096%2526hs%253D1547046664%2526go%253Dhttps%25253A%25252F%25252Fdrsmile.de%25252Femailab%25252F%25253Futm_source%25253Demailnetwork%252526utm_medium%25253Daffiliate%252526utm_campaign%25253Dde-de_affiliate_emailnetwork_conversion_top-funnel_email%252526utm_content%25253Dpreis%252526utm_term%25253Dvoucher-300%252526emn_sid%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu&ler=other
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1192092/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r-ext.oferting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: https://r-ext.oferting.org
pragma: no-cache
date: Fri, 21 Oct 2022 19:25:12 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 nr-1216.min.js Show response
js-agent.newrelic.com/ 38 KB
14 KB 84ms
25ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1216.min.js
Requested by: Host: r-ext.oferting.org
URL: https://r-ext.oferting.org/r/?utm_source=dr.smile&utm_medium=sopext&utm_campaign=9942096-9716204&orig=manual&utm_term=generica&rtt=&f=0&c=beauty&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_*extclickid*%26emn_i%3D616%26emn_a%3D10385%26emn_c%3D384266%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9942096-9716204%26term%3D%26emn_t%3D9716204%26ref_offer%3D9942096%26hs%3D1547046664%26go%3Dhttps%253A%252F%252Fdrsmile.de%252Femailab%252F%253Futm_source%253Demailnetwork%2526utm_medium%253Daffiliate%2526utm_campaign%253Dde-de_affiliate_emailnetwork_conversion_top-funnel_email%2526utm_content%253Dpreis%2526utm_term%253Dvoucher-300%2526emn_sid%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r-ext.oferting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding: gzip
via: 1.1 varnish
date: Fri, 21 Oct 2022 19:25:12 GMT
x-amz-request-id: JX9BJ5A0T3RCWFDS
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14391
x-amz-id-2: ckmsmDhUIvz1QbnxT2nu3XBCq1gIKwkgVKhIckRNmT43GYHAXnE3CtPYejwHTlBXhS5DcyT13/U=
x-served-by: cache-cdg20770-CDG
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1666380313.733767,VS0,VE0
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 242

GET
H/1.1 402
Payment Required 801818eb79
bam.nr-data.net/1/ 0
0 255ms
192ms Script
text/plain 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/801818eb79?a=67561576&v=1216.487a282&to=b1BbMUZZDxBTAkFYWlYabBddFwgNVgRNH0VQRQ%3D%3D&rst=4563&ck=1&ref=https://r-ext.oferting.org/r/&ap=16&be=986&fe=4472&dc=1061&perf=%7B%22timing%22:%7B%22of%22:1666380308188,%22n%22:0,%22f%22:704,%22dn%22:705,%22dne%22:825,%22c%22:825,%22s%22:867,%22ce%22:909,%22rq%22:909,%22rp%22:967,%22rpe%22:967,%22dl%22:969,%22di%22:1061,%22ds%22:1061,%22de%22:1061,%22dc%22:4472,%22l%22:4472,%22le%22:4472%7D,%22navigation%22:%7B%7D%7D&fp=1012&fcp=1012&at=QxdYRw5DHB4%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r-ext.oferting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 21 Oct 2022 19:25:12 GMT
Server: cloudflare
Connection: keep-alive
CF-RAY: 75dc60bb4cf499b0-CDG
Content-Length: 2
Vary: Accept-Encoding
Content-Type: text/plain;charset=UTF-8

GET
H2

200

Primary Request /
drsmile.de/emailab/
Redirect Chain

https://trac.oferting.org/of/?extclickid=_*extclickid*&emn_i=616&emn_a=10385&emn_c=384266&emn_rt=0&ol=B&emn_p=&emn_cat=9942096-9716204&term=&emn_t=9716204&ref_offer=9942096&hs=1547046664&go=https%3...
https://drsmile.de/emailab/?utm_source=emailnetwork&utm_medium=affiliate&utm_campaign=de-de_affiliate_emailnetwork_conversion_top-funnel_email&utm_content=preis&utm_term=voucher-300&emn_sid=1038506...

203 KB
0

117ms
69ms

Document
text/html

2606:4700:10::6816:572

General

Check archive.org

Show headers Download Go to

Full URL

https://drsmile.de/emailab/?utm_source=emailnetwork&utm_medium=affiliate&utm_campaign=de-de_affiliate_emailnetwork_conversion_top-funnel_email&utm_content=preis&utm_term=voucher-300&emn_sid=103850616009942096097162043842663m1io739jn86e1h48jrh7tqrrh6za79j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:572 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://r-ext.oferting.org/r/?utm_source=dr.smile&utm_medium=sopext&utm_campaign=9942096-9716204&orig=manual&utm_term=generica&rtt=&f=0&c=beauty&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_*extclickid*%26emn_i%3D616%26emn_a%3D10385%26emn_c%3D384266%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9942096-9716204%26term%3D%26emn_t%3D9716204%26ref_offer%3D9942096%26hs%3D1547046664%26go%3Dhttps%253A%252F%252Fdrsmile.de%252Femailab%252F%253Futm_source%253Demailnetwork%2526utm_medium%253Daffiliate%2526utm_campaign%253Dde-de_affiliate_emailnetwork_conversion_top-funnel_email%2526utm_content%253Dpreis%2526utm_term%253Dvoucher-300%2526emn_sid%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15201
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 75dc60c53fe39249-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 21 Oct 2022 19:25:14 GMT
feature-policy: none
referrer-policy: unsafe-url
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-fra-eddf8230057-FRA
x-timer: S1666380314.481075,VS0,VE1
x-xss-protection: 1; mode=block

Redirect headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 20
Content-Type: text/html; charset=iso-8859-15
Date: Fri, 21 Oct 2022 19:25:12 GMT
Keep-Alive: timeout=2, max=200
Location: https://drsmile.de/emailab/?utm_source=emailnetwork&utm_medium=affiliate&utm_campaign=de-de_affiliate_emailnetwork_conversion_top-funnel_email&utm_content=preis&utm_term=voucher-300&emn_sid=103850616009942096097162043842663m1io739jn86e1h48jrh7tqrrh6za79j
Server: Apache
Status: 301 Moved Permanently
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.10-1ubuntu3.26

POST 801818eb79
bam.nr-data.net/events/1/ 0
0

POST 801818eb79
bam.nr-data.net/jserrors/1/ 0
0

GET ProximaNovaA-Light-91455df5154b2167123f9ebc0da99029.woff2
drsmile.de/static/ 0
0

GET ProximaNovaA-Regular-dc03939223291dae78f8d612de628a4a.woff2
drsmile.de/static/ 0
0

GET ProximaNovaA-Medium-eabd243c8c68b11b05edb1772c4da612.woff2
drsmile.de/static/ 0
0

GET ProximaNovaA-Semibold-731e695dec7c66ac1736bed493ec703f.woff2
drsmile.de/static/ 0
0

GET ProximaNovaA-Bold-ff619a8155320cbd2702534ea47c581f.woff2
drsmile.de/static/ 0
0

GET 3_____1.avif
drsmile.de/static/15041a48d8e7ddeb8aec9a925afb28c8/c2e12/ 0
0

GET commons-b4bbe53517777fdfbb3e.js
drsmile.de/ 0
0

GET 5fb6313ac7504ec76eb2e2593144055ad3a31707-fc21d54e346d24bed4a8.js
drsmile.de/ 0
0

GET f79b425965431d073e2af11634e820be4f10861c-1d99454861ed5c10561d.js
drsmile.de/ 0
0

GET mui-components-sections-HeroSection-031c0e2391898e9bccb3.js
drsmile.de/ 0
0

GET d2ce6aa0-6f307435f90a7e458d22.js
drsmile.de/ 0
0

GET 9e3875f5-96e1cdb9bed729ae6e95.js
drsmile.de/ 0
0

GET components-Features-f56056ebbe34ae6f3a4d.js
drsmile.de/ 0
0

GET 9773e5b201870572d46a5c3f0d48587a0125f513-71ead99e86034abe8f8b.js
drsmile.de/ 0
0

GET components-Locations-e77d836f41c349d918e5.js
drsmile.de/ 0
0

GET components-Faq-ea2c4f77c7a046754531.js
drsmile.de/ 0
0

GET logo_black.svg
images.ctfassets.net/5fjjg8tiriqf/4ZGJRxBP0uGsoXt88mFf94/bb66fd9397d6570798c2151146b44cd6/ 0
0

GET rocket-loader.min.js
drsmile.de/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 0
0

GET v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=liveintent&bsw_param=beb76082-9028-41ab-829e-19f22fff20c5&google_hm=YmViNzYwODItOTAyOC00MWFiLTgyOWUtMTlmMjJmZmYyMGM1

Domain: bam.nr-data.net
URL: https://bam.nr-data.net/events/1/801818eb79?a=67561576&v=1216.487a282&to=b1BbMUZZDxBTAkFYWlYabBddFwgNVgRNH0VQRQ%3D%3D&rst=6406&ck=1&ref=https://r-ext.oferting.org/r/

Domain: bam.nr-data.net
URL: https://bam.nr-data.net/jserrors/1/801818eb79?a=67561576&v=1216.487a282&to=b1BbMUZZDxBTAkFYWlYabBddFwgNVgRNH0VQRQ%3D%3D&rst=6407&ck=1&ref=https://r-ext.oferting.org/r/

Domain: drsmile.de
URL: https://drsmile.de/static/ProximaNovaA-Light-91455df5154b2167123f9ebc0da99029.woff2

Domain: drsmile.de
URL: https://drsmile.de/static/ProximaNovaA-Regular-dc03939223291dae78f8d612de628a4a.woff2

Domain: drsmile.de
URL: https://drsmile.de/static/ProximaNovaA-Medium-eabd243c8c68b11b05edb1772c4da612.woff2

Domain: drsmile.de
URL: https://drsmile.de/static/ProximaNovaA-Semibold-731e695dec7c66ac1736bed493ec703f.woff2

Domain: drsmile.de
URL: https://drsmile.de/static/ProximaNovaA-Bold-ff619a8155320cbd2702534ea47c581f.woff2

Domain: drsmile.de
URL: https://drsmile.de/static/15041a48d8e7ddeb8aec9a925afb28c8/c2e12/3_____1.avif

Domain: drsmile.de
URL: https://drsmile.de/commons-b4bbe53517777fdfbb3e.js

Domain: drsmile.de
URL: https://drsmile.de/5fb6313ac7504ec76eb2e2593144055ad3a31707-fc21d54e346d24bed4a8.js

Domain: drsmile.de
URL: https://drsmile.de/f79b425965431d073e2af11634e820be4f10861c-1d99454861ed5c10561d.js

Domain: drsmile.de
URL: https://drsmile.de/mui-components-sections-HeroSection-031c0e2391898e9bccb3.js

Domain: drsmile.de
URL: https://drsmile.de/d2ce6aa0-6f307435f90a7e458d22.js

Domain: drsmile.de
URL: https://drsmile.de/9e3875f5-96e1cdb9bed729ae6e95.js

Domain: drsmile.de
URL: https://drsmile.de/components-Features-f56056ebbe34ae6f3a4d.js

Domain: drsmile.de
URL: https://drsmile.de/9773e5b201870572d46a5c3f0d48587a0125f513-71ead99e86034abe8f8b.js

Domain: drsmile.de
URL: https://drsmile.de/components-Locations-e77d836f41c349d918e5.js

Domain: drsmile.de
URL: https://drsmile.de/components-Faq-ea2c4f77c7a046754531.js

Domain: images.ctfassets.net
URL: https://images.ctfassets.net/5fjjg8tiriqf/4ZGJRxBP0uGsoXt88mFf94/bb66fd9397d6570798c2151146b44cd6/logo_black.svg

Domain: drsmile.de
URL: https://drsmile.de/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Domain: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
r-ext.oferting.org/r	1970-01-20 06:53:00	Name: _liChk Value: 0.025068442299747806
i.liadm.com/s	1970-01-20 07:36:12	Name: _li_ss Value: MgYIgQEQxBMyBQgMEMQTMgkI_____wcQxBM
e.ebidtech.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: um15o3ebjlmr1eplgq00386la4
e.ebidtech.com/	1970-01-20 16:29:00	Name: ebtracker_37556 Value: juqHq03wXwJBjl07150w0Qi%2Bn3eCGrsCvhy2bO4JnCAkxRT%2FKx5ehdQRgruH7BGU9%2FRwYAcdjmA9OvvUZDPO3RVCcH3P2Ph6GefuM068UFA8DgLZ%2BiUIkPn2avOc4zgfEavaGRLSXgu%2FFIc5fBiNMnJr3GT2RAHx
.oferting.org/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .oferting.org
.oferting.org/	1970-01-20 16:29:00	Name: _lc2_fpi Value: 0d3d1fb3a190--01gfy038r9r7w7tgcm75jqwrtm
.liadm.com/	1970-01-20 16:29:00	Name: lidid Value: 64b1a8d9-3b4f-43d7-bf4d-9f645d6da6ec
.mathtag.com/	1970-01-20 16:18:55	Name: uuid Value: 06206352-f216-4100-9bff-537d4c1b3bdc
.bidswitch.net/	1970-01-20 15:38:36	Name: tuuid Value: beb76082-9028-41ab-829e-19f22fff20c5
.bidswitch.net/	1970-01-20 15:38:36	Name: c Value: 1666380310
.bidswitch.net/	1970-01-20 15:38:36	Name: tuuid_lu Value: 1666380310
.demdex.net/	1970-01-20 11:12:12	Name: demdex Value: 35736134630030239754577127307210688629
.dpm.demdex.net/	1970-01-20 11:12:12	Name: dpm Value: 35736134630030239754577127307210688629
.addthis.com/	1970-01-20 16:23:14	Name: na_id Value: 2022102119251000016110598456
.addthis.com/	1970-01-20 16:23:14	Name: na_tc Value: Y
.addthis.com/	1970-01-20 16:23:14	Name: uid Value: 6352f216d247ec6d
.addthis.com/	1970-01-20 16:23:14	Name: ouid Value: 6352f2160001db09198298d3e4093fcb33b6d17129d765923588
.dlx.addthis.com/	1970-01-20 07:36:12	Name: na_sc_x Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bam.nr-data.net/1/801818eb79?a=67561576&v=1216.487a282&to=b1BbMUZZDxBTAkFYWlYabBddFwgNVgRNH0VQRQ%3D%3D&rst=4563&ck=1&ref=https://r-ext.oferting.org/r/&ap=16&be=986&fe=4472&dc=1061&perf=%7B%22timing%22:%7B%22of%22:1666380308188,%22n%22:0,%22f%22:704,%22dn%22:705,%22dne%22:825,%22c%22:825,%22s%22:867,%22ce%22:909,%22rq%22:909,%22rp%22:967,%22rpe%22:967,%22dl%22:969,%22di%22:1061,%22ds%22:1061,%22de%22:1061,%22dc%22:4472,%22l%22:4472,%22le%22:4472%7D,%22navigation%22:%7B%7D%7D&fp=1012&fcp=1012&at=QxdYRw5DHB4%3D&jsonp=NREUM.setToken Message: Failed to load resource: the server responded with a status of 402 (Payment Required)
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'none'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b-code.liadm.com
b1sync.zemanta.com
bam.nr-data.net
cdn.taboola.com
cm.g.doubleclick.net
dpm.demdex.net
drsmile.de
e.eb.unterhaltsampost.de
e.ebidtech.com
go.oferting.org
i.liadm.com
i6.liadm.com
images.ctfassets.net
js-agent.newrelic.com
match.adsrvr.org
r-ext.oferting.org
rp.liadm.com
rp4.liadm.com
static.cloudflareinsights.com
sync.mathtag.com
trac.oferting.org
trc-events.taboola.com
trc.taboola.com
www.google-analytics.com
www.googletagmanager.com
x.dlx.addthis.com
bam.nr-data.net
cm.g.doubleclick.net
drsmile.de
images.ctfassets.net
static.cloudflareinsights.com
137.135.203.21
141.226.228.48
151.101.65.44
151.101.66.137
162.247.241.14
185.29.132.241
2600:1f18:730:b120:4095:a671:23e5:4310
2600:1f18:ed:550a:ba6d:66e3:3923:917a
2600:9000:2057:8000:8:8845:1500:93a1
2606:4700:10::6816:572
2a00:1450:4001:829::200e
2a00:1450:4001:830::2008
2a04:4e42:400::300
34.242.116.160
52.210.34.251
52.223.40.198
52.71.230.102
54.159.236.39
54.246.129.40
64.74.236.159
69.192.160.219
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1fbf2ef922db8f3d203fb1ae002f8b5bc51e55070ea03646fd5679f88780a95e
4cc3a695500e62fa2672700794e044d9636a00ae7ae15f79787ec880c1917201
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
71ead05debaf005d53826af25bb7848ad0f717e3fa85641ff0e7924331ffa93c
78e4a4a3c6b5f6eae89b0542a1c8d1d129bdd07977ee13429bace790ed3aa5ab
7929082d8761c3db532e83d1630ad642747808517060e2432056f4050f4ebd9a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85070a31816f7cfb25e5454bfd518a7ad3688706586fbdea6d83baa79b9903aa
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
ad880e97bab6a2402859be55be82467f4a854c1c3b3cb8ef24624e61d1c16622
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

drsmile.de Open in urlscan Pro 2606:4700:10::6816:572 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

40 %HTTPS

33 %IPv6

18 Domains

26 Subdomains

16 IPs

5 Countries

203 kBTransfer

704 kBSize

18 Cookies

0 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

18 Cookies

2 Console Messages

drsmile.de Open in urlscan Pro
2606:4700:10::6816:572 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

40 %
HTTPS

33 %
IPv6

18
Domains

26
Subdomains

16
IPs

5
Countries

203 kB
Transfer

704 kB
Size

18
Cookies

45 HTTP transactions
0 data transactions