www.geheimeaffaires.com Open in urlscan Pro
35.195.88.46 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://judnfuting.eu/link/4lZD77IyzbLQ41dtjZcZZr
Effective URL:
https://www.geheimeaffaires.com/agreement?pt1=2683395196&utm_source=notificationEmail&utm_medium=email&utm_campaign=&utm_term=om...
Submission: On October 14 via api (October 14th 2019, 6:10:11 am UTC) from BE

Summary HTTP 21 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 4 countries across 8 domains to perform 21 HTTP transactions. The main IP is 35.195.88.46, located in Ascension Island and belongs to GOOGLE - Google LLC, US. The main domain is www.geheimeaffaires.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 13th 2019. Valid for: 3 months.

This is the only time www.geheimeaffaires.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.234.64.124 35.234.64.124	15169 (GOOGLE) (GOOGLE - Google LLC)
13	35.195.88.46 35.195.88.46	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY - Fastly)
1 3	2a00:1450:400... 2a00:1450:4001:825::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
4	35.195.163.35 35.195.163.35	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
21	5

1 35.234.64.124 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 124.64.234.35.bc.googleusercontent.com

judnfuting.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 35.195.88.46 (Ascension Island)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 46.88.195.35.bc.googleusercontent.com

www.geheimeaffaires.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:825::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.195.163.35 (Ascension Island)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 35.163.195.35.bc.googleusercontent.com

eu.collectconsent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.eu.collectconsent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	geheimeaffaires.com www.geheimeaffaires.com	353 KB
4	collectconsent.com eu.collectconsent.com api.eu.collectconsent.com	44 KB
3	google-analytics.com 1 redirects www.google-analytics.com	18 KB
1	google.de www.google.de	109 B
1	google.com 1 redirects www.google.com	183 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	171 B
1	polyfill.io cdn.polyfill.io	601 B
1	judnfuting.eu 1 redirects judnfuting.eu	266 B
21	8

	Domain	Requested by
13	www.geheimeaffaires.com	www.geheimeaffaires.com
3	www.google-analytics.com	1 redirects www.geheimeaffaires.com
2	api.eu.collectconsent.com	eu.collectconsent.com
2	eu.collectconsent.com	www.geheimeaffaires.com eu.collectconsent.com
1	www.google.de	www.geheimeaffaires.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	cdn.polyfill.io	www.geheimeaffaires.com
1	judnfuting.eu	1 redirects
21	9

This site contains links to these domains. Also see Links.

Domain
affiliateheavens.com

Subject Issuer	Validity	Valid
geheimeaffaires.com Let's Encrypt Authority X3	`2019-10-13` - `2020-01-11`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-05-29` - `2020-04-23`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
eu.collectconsent.com Let's Encrypt Authority X3	`2019-09-10` - `2019-12-09`	3 months	crt.sh
www.google.de GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.geheimeaffaires.com/agreement?pt1=2683395196&utm_source=notificationEmail&utm_medium=email&utm_campaign=&utm_term=omnimailr+geheimeaffaires.com+hotmail.com
Frame ID: 4F05F193C94410C977812144077405F4
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://judnfuting.eu/link/4lZD77IyzbLQ41dtjZcZZr HTTP 302
https://www.geheimeaffaires.com/agreement?pt1=2683395196&utm_source=notificationEmail&utm_medium=email&utm_c... Page URL

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /^https?:\/\/cdn\.polyfill\.io\//i
script /\/polyfill\.min\.js/i

Page Statistics

21
Requests

100 %
HTTPS

63 %
IPv6

8
Domains

9
Subdomains

5
IPs

4
Countries

415 kB
Transfer

934 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://affiliateheavens.com/
Title: Affiliates

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://judnfuting.eu/link/4lZD77IyzbLQ41dtjZcZZr HTTP 302
https://www.geheimeaffaires.com/agreement?pt1=2683395196&utm_source=notificationEmail&utm_medium=email&utm_campaign=&utm_term=omnimailr+geheimeaffaires.com+hotmail.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=281719109&t=pageview&_s=1&dl=https%3A%2F%2Fwww.geheimeaffaires.com%2Fagreement%3Fpt1%3D2683395196%26utm_source%3DnotificationEmail%26utm_medium%3Demail%26utm_campaign%3D%26utm_term%3Domnimailr%2Bgeheimeaffaires.com%2Bhotmail.com&ul=en-us&de=UTF-8&dt=Geheimeaffaires.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEAB~&jid=1013174460&gjid=1064859163&cid=1056192322.1571033395&tid=UA-132064855-5&_gid=208128255.1571033395&_r=1&cd1=geheimeaffaires.com&cd2=geheimeaffaires.com&z=498537410 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-132064855-5&cid=1056192322.1571033395&jid=1013174460&_gid=208128255.1571033395&gjid=1064859163&_v=j79&z=498537410 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-132064855-5&cid=1056192322.1571033395&jid=1013174460&_v=j79&z=498537410 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-132064855-5&cid=1056192322.1571033395&jid=1013174460&_v=j79&z=498537410&slf_rd=1&random=4218445567

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request agreement Show response
www.geheimeaffaires.com/
Redirect Chain

https://judnfuting.eu/link/4lZD77IyzbLQ41dtjZcZZr
https://www.geheimeaffaires.com/agreement?pt1=2683395196&utm_source=notificationEmail&utm_medium=email&utm_campaign=&utm_term=omnimailr+geheimeaffaires.com+hotmail.com

36 KB
10 KB

128ms
55ms

Document
text/html

35.195.88.46
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geheimeaffaires.com/agreement?pt1=2683395196&utm_source=notificationEmail&utm_medium=email&utm_campaign=&utm_term=omnimailr+geheimeaffaires.com+hotmail.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

bda73f69e4c7c24b3428df0f49f31610bd0ed7a62a70b188388469381715b1a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: www.geheimeaffaires.com
:scheme: https
:path: /agreement?pt1=2683395196&utm_source=notificationEmail&utm_medium=email&utm_campaign=&utm_term=omnimailr+geheimeaffaires.com+hotmail.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

status: 200
server: nginx/1.10.3 (Ubuntu)
date: Mon, 14 Oct 2019 06:09:54 GMT
content-type: text/html; charset=utf-8
content-length: 9723
vary: X-Forwarded-Proto,Host,Accept-Encoding
set-cookie: system=sessionId%3D4BWHGhTEyFeLevKIyjsNyl%26pt%255Bpt1%255D%3D2683395196%26p%3D1025004%26pi%3Dtypein; path=/; domain=.geheimeaffaires.com
content-encoding: gzip
x-ua-compatible: IE=edge,chrome=1
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff

Redirect headers

status: 302
server: nginx/1.10.3 (Ubuntu)
date: Mon, 14 Oct 2019 06:09:54 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.geheimeaffaires.com/agreement?pt1=2683395196&utm_source=notificationEmail&utm_medium=email&utm_campaign=&utm_term=omnimailr+geheimeaffaires.com+hotmail.com
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v2/ 222 B
601 B 51ms
35ms Script
text/javascript 2a04:4e42:1b::621
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js

Requested by

Host: www.geheimeaffaires.com
URL: https://www.geheimeaffaires.com/agreement?pt1=2683395196&utm_source=notificationEmail&utm_medium=email&utm_campaign=&utm_term=omnimailr+geheimeaffaires.com+hotmail.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.geheimeaffaires.com/agreement?pt1=2683395196&utm_source=notificationEmail&utm_medium=email&utm_campaign=&utm_term=omnimailr+geheimeaffaires.com+hotmail.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 2999331
detected-user-agent: Chrome/74.0.3729
status: 200
request_came_from_shield: HHN
server-timing: HIT, fastly;desc="Edge time";dur=0, MISS-CLUSTER, fastly;desc="Edge time";dur=12
content-length: 126
etag: W/"7e-Lg1mQtlDtrujPBTtidtsoNmOeEQ"
referrer-policy: origin-when-cross-origin
date: Mon, 14 Oct 2019 06:09:54 GMT
vary: User-Agent, Accept-Encoding
normalized-user-agent: chrome/74.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 splash.less
www.geheimeaffaires.com/css/ 50 KB
6 KB 26ms
25ms Stylesheet
text/css 35.195.88.46
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geheimeaffaires.com/css/splash.less

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

a42049601e272cc945884a1cebf833f02d2d35faaeae374371c8b798625d3feb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.geheimeaffaires.com/agreement?pt1=2683395196&utm_source=notificationEmail&utm_medium=email&utm_campaign=&utm_term=omnimailr+geheimeaffaires.com+hotmail.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 06:09:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 10 Oct 2019 11:50:58 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "c6b6-5948d03cc267c-gzip"
vary: X-Forwarded-Proto,Host,Accept-Encoding
content-type: text/css
status: 200
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 6345
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 logo.png
www.geheimeaffaires.com/img/ 5 KB
5 KB 23ms
23ms Image
image/png 35.195.88.46
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geheimeaffaires.com/img/logo.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

7aa4551756597459a1c604b16b417fd02900aa4a4a2d63dbb2f866c7e848c157

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.geheimeaffaires.com/agreement?pt1=2683395196&utm_source=notificationEmail&utm_medium=email&utm_campaign=&utm_term=omnimailr+geheimeaffaires.com+hotmail.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 06:09:54 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Apr 2019 06:40:10 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "140a-5876934c20680"
vary: X-Forwarded-Proto,Host
content-type: image/png
status: 200
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 5130
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 moment.min.js Show response
www.geheimeaffaires.com/js/libraries/ 50 KB
17 KB 28ms
28ms Script
application/javascript 35.195.88.46
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geheimeaffaires.com/js/libraries/moment.min.js?av=v2.6.4

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

0aeb4ecf1091b9c52c9fa0ba4dc118b1abafbd88a51278935e574f6baff0bb49

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.geheimeaffaires.com/agreement?pt1=2683395196&utm_source=notificationEmail&utm_medium=email&utm_campaign=&utm_term=omnimailr+geheimeaffaires.com+hotmail.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 06:09:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Apr 2019 11:06:21 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "c9df-586a3c24a6540-gzip"
vary: X-Forwarded-Proto,Host,Accept-Encoding
content-type: application/javascript
status: 200
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 16804
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 font-awesome-all.css
www.geheimeaffaires.com/css/ 93 KB
16 KB 24ms
24ms Stylesheet
text/css 35.195.88.46
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geheimeaffaires.com/css/font-awesome-all.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

c0547ed534d4e7b615ea7f90f0612d4a6364fc937ca77deb0360132a16f7f57e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.geheimeaffaires.com/agreement?pt1=2683395196&utm_source=notificationEmail&utm_medium=email&utm_campaign=&utm_term=omnimailr+geheimeaffaires.com+hotmail.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 06:09:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Apr 2019 11:06:21 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "172aa-586a3c24a6540-gzip"
vary: X-Forwarded-Proto,Host,Accept-Encoding
content-type: text/css
status: 200
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 16287
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.geheimeaffaires.com/agreement?pt1=2683395196&utm_source=notificationEmail&utm_medium=email&utm_campaign=&utm_term=omnimailr+geheimeaffaires.com+hotmail.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 5915
date: Mon, 14 Oct 2019 04:31:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Mon, 14 Oct 2019 06:31:19 GMT

GET
H2 200 app.general.min.js Show response
www.geheimeaffaires.com/dist/js/general/ 263 KB
93 KB 47ms
47ms Script
application/javascript 35.195.88.46
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geheimeaffaires.com/dist/js/general/app.general.min.js?av=v2.6.4

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

9dda9b19a59a42b62e6e700bcef818c2873988cdd10bed190de7052ea43ccac2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.geheimeaffaires.com/agreement?pt1=2683395196&utm_source=notificationEmail&utm_medium=email&utm_campaign=&utm_term=omnimailr+geheimeaffaires.com+hotmail.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 06:09:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Oct 2019 11:56:43 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "41dd5-593ec2998d4c0-gzip"
vary: X-Forwarded-Proto,Host,Accept-Encoding
content-type: application/javascript
status: 200
strict-transport-security: max-age=63072000;
accept-ranges: bytes
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 cc.js Show response
eu.collectconsent.com/ 117 KB
14 KB 101ms
54ms Script
application/javascript 35.195.163.35
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.collectconsent.com/cc.js?wId=41YuKVaYkGa5iFXaJ3xU48&domain=geheimeaffaires.com&sessionId=4BWHGhTEyFeLevKIyjsNyl&languageCode=nl&languageTerritory=BE

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

4126c1404be7af64e4312e966adfadc392a0ebcb39174bde618243a077a0d37c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.geheimeaffaires.com/agreement?pt1=2683395196&utm_source=notificationEmail&utm_medium=email&utm_campaign=&utm_term=omnimailr+geheimeaffaires.com+hotmail.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 06:09:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.10.3 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
status: 200
strict-transport-security: max-age=63072000;
content-length: 14058

GET
H2 200 ProximaNova-Regular.woff
www.geheimeaffaires.com/fonts/ 40 KB
40 KB 24ms
24ms Font
application/font-woff 35.195.88.46
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geheimeaffaires.com/fonts/ProximaNova-Regular.woff

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

414dcbef0bb16dec697a3b07514cb19c26ba17755929a5427cb72cd1f0496b6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.geheimeaffaires.com/css/splash.less
Origin: https://www.geheimeaffaires.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 06:09:54 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Apr 2019 11:06:21 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "a08c-586a3c24a6540"
vary: X-Forwarded-Proto,Host
content-type: application/font-woff
status: 200
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 41100
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 ProximaNova-Semibold.woff
www.geheimeaffaires.com/fonts/ 40 KB
40 KB 21ms
21ms Font
application/font-woff 35.195.88.46
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geheimeaffaires.com/fonts/ProximaNova-Semibold.woff

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

ea8915824efbed8d734376a2a66cf70bbfa7207263d021fe32e70ca73d0f556c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.geheimeaffaires.com/css/splash.less
Origin: https://www.geheimeaffaires.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 06:09:54 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Apr 2019 11:06:21 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "a050-586a3c24a6540"
vary: X-Forwarded-Proto,Host
content-type: application/font-woff
status: 200
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 41040
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 fa-solid-900.woff2
www.geheimeaffaires.com/webfonts/ 117 KB
118 KB 40ms
40ms Font
text/plain 35.195.88.46
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geheimeaffaires.com/webfonts/fa-solid-900.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

c700b62111cb083f626ba039de681635c76519ee2cdbbfb273e0e80080ec2772

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.geheimeaffaires.com/css/font-awesome-all.css
Origin: https://www.geheimeaffaires.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 06:09:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Apr 2019 11:06:21 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "1d4b4-586a3c24a6540"
vary: X-Forwarded-Proto,Host
status: 200
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 119988
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
111 B 13ms
13ms Image
image/gif 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=281719109&t=pageview&_s=1&dl=https%3A%2F%2Fwww.geheimeaffaires.com%2Fagreement%3Fpt1%3D2683395196%26utm_source%3DnotificationEmail%26utm_medium%3Demail%26utm_campaign%3D%26utm_term%3Domnimailr%2Bgeheimeaffaires.com%2Bhotmail.com&ul=en-us&de=UTF-8&dt=Geheimeaffaires.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=1827768048&gjid=250097638&cid=1056192322.1571033395&tid=UA-120355740-5&_gid=208128255.1571033395&_r=1&z=455913611

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.geheimeaffaires.com/agreement?pt1=2683395196&utm_source=notificationEmail&utm_medium=email&utm_campaign=&utm_term=omnimailr+geheimeaffaires.com+hotmail.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Oct 2019 06:09:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=281719109&t=pageview&_s=1&dl=https%3A%2F%2Fwww.geheimeaffaires.com%2Fagreement%3Fpt1%3D2683395196%26utm_source%3DnotificationEmail%26ut...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-132064855-5&cid=1056192322.1571033395&jid=1013174460&_gid=208128255.1571033395&gjid=1064859163&_v=j79&z=498537410
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-132064855-5&cid=1056192322.1571033395&jid=1013174460&_v=j79&z=498537410
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-132064855-5&cid=1056192322.1571033395&jid=1013174460&_v=j79&z=498537410&slf_rd=1&random=4218445567

42 B
109 B

19ms
18ms

Image
image/gif

2a00:1450:4001:81c::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-132064855-5&cid=1056192322.1571033395&jid=1013174460&_v=j79&z=498537410&slf_rd=1&random=4218445567

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geheimeaffaires.com/agreement?pt1=2683395196&utm_source=notificationEmail&utm_medium=email&utm_campaign=&utm_term=omnimailr+geheimeaffaires.com+hotmail.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Oct 2019 06:09:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Oct 2019 06:09:55 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-132064855-5&cid=1056192322.1571033395&jid=1013174460&_v=j79&z=498537410&slf_rd=1&random=4218445567
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 registerValidation.js Show response
www.geheimeaffaires.com/dist/js/guests/ 2 KB
1 KB 22ms
21ms Script
application/javascript 35.195.88.46
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geheimeaffaires.com/dist/js/guests/registerValidation.js?av=v2.6.4

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

2cec3e29f914ccfaf137c75fe334174bfdb8207b12b7f359dd37ab1ceeb2fc44

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.geheimeaffaires.com/agreement?pt1=2683395196&utm_source=notificationEmail&utm_medium=email&utm_campaign=&utm_term=omnimailr+geheimeaffaires.com+hotmail.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 06:09:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Oct 2019 11:56:43 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "831-593ec2998d4c0-gzip"
vary: X-Forwarded-Proto,Host,Accept-Encoding
content-type: application/javascript
status: 200
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 853
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 register.js Show response
www.geheimeaffaires.com/dist/js/guests/ 6 KB
2 KB 23ms
21ms Script
application/javascript 35.195.88.46
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geheimeaffaires.com/dist/js/guests/register.js?av=v2.6.4

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

1864e43f889a024667c2c85d20aa3753958a1665e1b301a344bbda0b44b5614e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.geheimeaffaires.com/agreement?pt1=2683395196&utm_source=notificationEmail&utm_medium=email&utm_campaign=&utm_term=omnimailr+geheimeaffaires.com+hotmail.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 06:09:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 08:16:26 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "19c9-58e68ece92a80-gzip"
vary: X-Forwarded-Proto,Host,Accept-Encoding
content-type: application/javascript
status: 200
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 2013
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 collectconsent.less
www.geheimeaffaires.com/css/ 16 KB
2 KB 21ms
21ms Stylesheet
text/css 35.195.88.46
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geheimeaffaires.com/css/collectconsent.less

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

b6c991f5488a6cc6022bd345fcb1f42daf42e7b8886117d00ba89ca45c02deab

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.geheimeaffaires.com/agreement?pt1=2683395196&utm_source=notificationEmail&utm_medium=email&utm_campaign=&utm_term=omnimailr+geheimeaffaires.com+hotmail.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 06:09:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 10 Oct 2019 11:50:59 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "41f7-5948d03d4545c-gzip"
vary: X-Forwarded-Proto,Host,Accept-Encoding
content-type: text/css
status: 200
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 2133
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 login.js Show response
www.geheimeaffaires.com/js/guests/ 4 KB
1 KB 21ms
20ms Script
application/javascript 35.195.88.46
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geheimeaffaires.com/js/guests/login.js?av=v2.6.4

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.88.46 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

46.88.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

2a6d157c02fef629b4f5d4d955cd45e7ce49d6e434dbaeb181648465a0526f26

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.geheimeaffaires.com/agreement?pt1=2683395196&utm_source=notificationEmail&utm_medium=email&utm_campaign=&utm_term=omnimailr+geheimeaffaires.com+hotmail.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 06:09:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Apr 2019 11:06:21 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "f76-586a3c24a6540-gzip"
vary: X-Forwarded-Proto,Host,Accept-Encoding
content-type: application/javascript
status: 200
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 981
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 cc.css
eu.collectconsent.com/ 24 KB
4 KB 21ms
21ms Stylesheet
text/css 35.195.163.35
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.collectconsent.com/cc.css

Requested by

Host: eu.collectconsent.com
URL: https://eu.collectconsent.com/cc.js?wId=41YuKVaYkGa5iFXaJ3xU48&domain=geheimeaffaires.com&sessionId=4BWHGhTEyFeLevKIyjsNyl&languageCode=nl&languageTerritory=BE

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

609cd9b4c6bca52121089a59922f3cf45504d53ed82e4ad8144d403c3ac87359

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.geheimeaffaires.com/agreement?pt1=2683395196&utm_source=notificationEmail&utm_medium=email&utm_campaign=&utm_term=omnimailr+geheimeaffaires.com+hotmail.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 06:09:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 May 2019 05:11:03 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5ea8-588595c2a195e-gzip"
vary: Accept-Encoding
content-type: text/css
status: 200
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 3808

POST
H2 200 collector Show response
api.eu.collectconsent.com/consent/ 4 KB
4 KB 54ms
54ms XHR
application/vnd.api+json 35.195.163.35
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://api.eu.collectconsent.com/consent/collector

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

087f266f4362479148b04b7e057c942b8df71855b438f70f0ea2fac56331b40e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.geheimeaffaires.com/agreement?pt1=2683395196&utm_source=notificationEmail&utm_medium=email&utm_campaign=&utm_term=omnimailr+geheimeaffaires.com+hotmail.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Oct 2019 06:09:55 GMT
x-content-type-options: nosniff
server: nginx/1.10.3 (Ubuntu)
status: 200
strict-transport-security: max-age=63072000;
content-type: application/vnd.api+json
access-control-allow-origin: https://www.geheimeaffaires.com
access-control-allow-credentials: true
content-length: 4144

POST
H2 200 load Show response
api.eu.collectconsent.com/consent/ 21 KB
21 KB 41ms
40ms XHR
application/vnd.api+json 35.195.163.35
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://api.eu.collectconsent.com/consent/load

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

f8b0bf5b4b74670ab90cd027dafda13b3aba748baff9249e33eafc2bf86dfe78

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.geheimeaffaires.com/agreement?pt1=2683395196&utm_source=notificationEmail&utm_medium=email&utm_campaign=&utm_term=omnimailr+geheimeaffaires.com+hotmail.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Oct 2019 06:09:55 GMT
x-content-type-options: nosniff
server: nginx/1.10.3 (Ubuntu)
status: 200
strict-transport-security: max-age=63072000;
content-type: application/vnd.api+json
access-control-allow-origin: https://www.geheimeaffaires.com
access-control-allow-credentials: true

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.geheimeaffaires.com/	1970-01-19 04:23:53	Name: _gat_b Value: 1
.geheimeaffaires.com/	1970-01-19 04:25:19	Name: _gid Value: GA1.2.208128255.1571033395
.geheimeaffaires.com/	1970-01-19 04:23:53	Name: _gat_a Value: 1
.geheimeaffaires.com/	1970-01-19 21:55:05	Name: _ga Value: GA1.2.1056192322.1571033395
.geheimeaffaires.com/	1969-12-31 23:59:59	Name: system Value: sessionId%3D4BWHGhTEyFeLevKIyjsNyl%26pt%255Bpt1%255D%3D2683395196%26p%3D1025004%26pi%3Dtypein

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.eu.collectconsent.com
cdn.polyfill.io
eu.collectconsent.com
judnfuting.eu
stats.g.doubleclick.net
www.geheimeaffaires.com
www.google-analytics.com
www.google.com
www.google.de
2a00:1450:4001:800::2004
2a00:1450:4001:81c::2003
2a00:1450:4001:825::200e
2a00:1450:400c:c00::9d
2a04:4e42:1b::621
35.195.163.35
35.195.88.46
35.234.64.124
087f266f4362479148b04b7e057c942b8df71855b438f70f0ea2fac56331b40e
0aeb4ecf1091b9c52c9fa0ba4dc118b1abafbd88a51278935e574f6baff0bb49
1864e43f889a024667c2c85d20aa3753958a1665e1b301a344bbda0b44b5614e
2a6d157c02fef629b4f5d4d955cd45e7ce49d6e434dbaeb181648465a0526f26
2cec3e29f914ccfaf137c75fe334174bfdb8207b12b7f359dd37ab1ceeb2fc44
4126c1404be7af64e4312e966adfadc392a0ebcb39174bde618243a077a0d37c
414dcbef0bb16dec697a3b07514cb19c26ba17755929a5427cb72cd1f0496b6e
609cd9b4c6bca52121089a59922f3cf45504d53ed82e4ad8144d403c3ac87359
7aa4551756597459a1c604b16b417fd02900aa4a4a2d63dbb2f866c7e848c157
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9dda9b19a59a42b62e6e700bcef818c2873988cdd10bed190de7052ea43ccac2
a42049601e272cc945884a1cebf833f02d2d35faaeae374371c8b798625d3feb
b6c991f5488a6cc6022bd345fcb1f42daf42e7b8886117d00ba89ca45c02deab
bda73f69e4c7c24b3428df0f49f31610bd0ed7a62a70b188388469381715b1a8
c0547ed534d4e7b615ea7f90f0612d4a6364fc937ca77deb0360132a16f7f57e
c700b62111cb083f626ba039de681635c76519ee2cdbbfb273e0e80080ec2772
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
ea8915824efbed8d734376a2a66cf70bbfa7207263d021fe32e70ca73d0f556c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8b0bf5b4b74670ab90cd027dafda13b3aba748baff9249e33eafc2bf86dfe78

www.geheimeaffaires.com Open in urlscan Pro 35.195.88.46 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

63 %IPv6

8 Domains

9 Subdomains

5 IPs

4 Countries

415 kBTransfer

934 kBSize

5 Cookies

1 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

5 Cookies

Security Headers

Indicators

www.geheimeaffaires.com Open in urlscan Pro
35.195.88.46 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

63 %
IPv6

8
Domains

9
Subdomains

5
IPs

4
Countries

415 kB
Transfer

934 kB
Size

5
Cookies

21 HTTP transactions
0 data transactions