urlscan.io logo urlscan.io
SecurityTrails logo

www.affaerentreff.de Open in urlscan Pro
2600:9000:2688:fa00:13:920a:46c0:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.vgnp3trk.com/37932q/7xdn2/0.8937763706591272
Effective URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
Submission: On January 29 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 3 countries across 19 domains to perform 77 HTTP transactions. The main IP is 2600:9000:2688:fa00:13:920a:46c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.affaerentreff.de.
TLS certificate: Issued by Amazon RSA 2048 M03 on October 18th 2023. Valid for: a year.
This is the only time www.affaerentreff.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.117.39.110 396982 (GOOGLE-CL...)
26 2600:9000:268... 16509 (AMAZON-02)
4 2a04:4e42:200... 54113 (FASTLY)
2 91.201.28.212 203480 (QUALITYUNIT)
4 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 23.48.224.106 20940 (AKAMAI-ASN1)
9 172.104.238.149 63949 (AKAMAI-LI...)
2 2a03:2880:f01... 32934 (FACEBOOK)
4 2607:f8b0:400... 15169 (GOOGLE)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
1 3.161.188.54 16509 (AMAZON-02)
3 108.62.123.181 30633 (LEASEWEB-...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 18.164.96.87 16509 (AMAZON-02)
1 18.238.49.12 16509 (AMAZON-02)
1 2a03:2880:f11... 32934 (FACEBOOK)
5 172.104.244.5 63949 (AKAMAI-LI...)
77 20
1    34.117.39.110 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 110.39.117.34.bc.googleusercontent.com
www.vgnp3trk.com
26    2600:9000:2688:fa00:13:920a:46c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.affaerentreff.de
4    2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    91.201.28.212 (Slovakia)

ASN203480 (QUALITYUNIT, SK)
50slove.postaffiliatepro.com
4    2607:f8b0:4006:81d::2008 (Colchester, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
5    23.48.224.106 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-224-106.deploy.static.akamaitechnologies.com
analytics.tiktok.com
9    172.104.238.149 (Frankfurt am Main, Germany)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1814-149.members.linode.com
ais.ladesk.com
2    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    2607:f8b0:4006:80f::200e (Colchester, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    3.161.188.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-188-54.atl59.r.cloudfront.net
static.hotjar.com
3    108.62.123.181 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
detour.datingalpha.net
1    2606:4700:3032::6815:20e2 (United States)

ASN13335 (CLOUDFLARENET, US)
scripts.azshopp.com
1    2607:f8b0:4006:80d::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2607:f8b0:4006:821::2004 (Colchester, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    18.164.96.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-87.jfk50.r.cloudfront.net
script.hotjar.com
1    18.238.49.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-49-12.jfk52.r.cloudfront.net
cdn.aisgmbh.at
1    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
5    172.104.244.5 (Frankfurt am Main, Germany)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1821-5.members.linode.com
2-vbus-de.ladesk.com
Apex Domain
Subdomains		 Transfer
26 affaerentreff.de
www.affaerentreff.de
470 KB
14 ladesk.com
ais.ladesk.com
2-vbus-de.ladesk.com — Cisco Umbrella Rank: 100056
185 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 752
144 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
284 KB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324
58 KB
3 datingalpha.net
detour.datingalpha.net
7 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 376
14 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 681
script.hotjar.com — Cisco Umbrella Rank: 996
59 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
68 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1019
83 KB
2 postaffiliatepro.com
50slove.postaffiliatepro.com
7 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
185 B
1 aisgmbh.at
cdn.aisgmbh.at
16 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
455 B
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
2 KB
1 azshopp.com
scripts.azshopp.com
567 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
5 KB
1 vgnp3trk.com
www.vgnp3trk.com
660 B
77 19
Domain Requested by
26 www.affaerentreff.de www.affaerentreff.de
9 ais.ladesk.com www.affaerentreff.de
ais.ladesk.com
5 2-vbus-de.ladesk.com ais.ladesk.com
2-vbus-de.ladesk.com
5 analytics.tiktok.com www.affaerentreff.de
analytics.tiktok.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 www.googletagmanager.com www.affaerentreff.de
www.googletagmanager.com
4 cdn.jsdelivr.net www.affaerentreff.de
3 detour.datingalpha.net www.googletagmanager.com
detour.datingalpha.net
3 bat.bing.com www.googletagmanager.com
bat.bing.com
www.affaerentreff.de
2 connect.facebook.net www.affaerentreff.de
connect.facebook.net
2 maxcdn.bootstrapcdn.com www.affaerentreff.de
maxcdn.bootstrapcdn.com
2 50slove.postaffiliatepro.com www.affaerentreff.de
50slove.postaffiliatepro.com
1 www.facebook.com www.affaerentreff.de
1 cdn.aisgmbh.at www.affaerentreff.de
1 script.hotjar.com static.hotjar.com
1 www.google.com www.affaerentreff.de
1 googleads.g.doubleclick.net www.googletagmanager.com
1 scripts.azshopp.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 cdnjs.cloudflare.com www.affaerentreff.de
1 www.vgnp3trk.com 1 redirects
77 21
Subject Issuer Validity Valid
*.affaerentreff.de
Amazon RSA 2048 M03		 2023-10-18 -
2024-11-15		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
*.postaffiliatepro.com
R3		 2023-11-10 -
2024-02-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
bootstrapcdn.com
GTS CA 1P5		 2024-01-28 -
2024-04-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
*.ladesk.com
R3		 2023-11-10 -
2024-02-08		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-11-07 -
2024-02-05		 3 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 02		 2024-01-21 -
2024-06-27		 5 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
detour.datingalpha.net
ZeroSSL RSA Domain Secure Site CA		 2024-01-09 -
2024-04-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.aisgmbh.at
Amazon RSA 2048 M01		 2023-05-24 -
2024-06-21		 a year crt.sh

This page contains 3 frames:

Primary Page: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
Frame ID: A6007E811F63C7F21A48F5591017D75D
Requests: 66 HTTP requests in this frame

Frame: https://2-vbus-de.ladesk.com/5_43_5_9/scripts/lib/bus.html?v=5.43.5.9
Frame ID: 5A7FA4B05C807FF89EB6EF0D0BD2E882
Requests: 5 HTTP requests in this frame

Frame: https://ais.ladesk.com/scripts/generateWidget.php?v=5.43.5.9&t=1706503828&cwid=q2dm1s7e&cwrt=O&pt=AFFAERENTREFF&ref=https%3A%2F%2Fwww.affaerentreff.de%2F%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D49_%26data2%3D6a28636e62e143a180608e6b0fe38fd0
Frame ID: 63C2C175C592D6895DDAE958BB2213A1
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

AFFAERENTREFF

Page URL History Show full URLs

  1. http://www.vgnp3trk.com/37932q/7xdn2/0.8937763706591272 HTTP 302
    https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • cookieconsent\.min\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

77
Requests

100 %
HTTPS

57 %
IPv6

19
Domains

21
Subdomains

20
IPs

3
Countries

1423 kB
Transfer

4024 kB
Size

27
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.vgnp3trk.com/37932q/7xdn2/0.8937763706591272 HTTP 302
    https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

77 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.affaerentreff.de/
Redirect Chain
  • http://www.vgnp3trk.com/37932q/7xdn2/0.8937763706591272
  • https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2688:fa00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2347f12c65dbad05f419068e3720c005ffc9e10d405e56f0a431225b2ab6681
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, s-maxage=2
content-encoding
gzip
content-type
text/html
date
Mon, 29 Jan 2024 04:38:30 GMT
etag
W/"c7f7df25aef419fdb5220c1dba0247af"
last-modified
Mon, 15 Jan 2024 15:26:23 GMT
server
AmazonS3
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 3ccec777a6ecee005c445b8d1dc8aff6.cloudfront.net (CloudFront)
x-amz-cf-id
5mdXx7S9GL598jg6HJuyJs82_RD69NCY5xgVdgSG2-4tiOEaxgL_-Q==
x-amz-cf-pop
ATL58-P9
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

Content-Length
140
Via
1.1 google
accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
content-type
text/html; charset=utf-8
date
Mon, 29 Jan 2024 04:38:29 GMT
location
https://www.affaerentreff.de?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
server
nginx
vary
Origin
x-eflow-request-id
011c003d-0061-4d2b-a375-4db5e40cd68c
vue.prod.min.js
www.affaerentreff.de/scripts/ 		105 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.affaerentreff.de/scripts/vue.prod.min.js
Requested by
Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2688:fa00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d601f229247b261d18181988f7337b3f652165187f3c22a109821a50ea96a0f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
ATL58-P9
via
1.1 3ccec777a6ecee005c445b8d1dc8aff6.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 Jan 2024 15:26:30 GMT
server
AmazonS3
etag
W/"7f8906c1a2320dd9108f0d40b74d8989"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
XaCI0UQ2_x1rSvCcvs-40piag0wXRNYUQWmVx6-6Nj-asNHgIuz4MA==
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ 		152 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css
Requested by
Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.affaerentreff.de/
Origin
https://www.affaerentreff.de
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 29 Jan 2024 04:38:30 GMT
x-content-type-options
nosniff
content-encoding
br
age
4762687
x-jsd-version
5.0.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
25360
x-served-by
cache-fra-eddf8230097-FRA, cache-mia-kmia1760062-MIA
x-jsd-version-type
version
etag
W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
jquery.3.4.1.min.js
www.affaerentreff.de/scripts/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.affaerentreff.de/scripts/jquery.3.4.1.min.js
Requested by
Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2688:fa00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
ATL58-P9
via
1.1 3ccec777a6ecee005c445b8d1dc8aff6.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 Jan 2024 15:26:30 GMT
server
AmazonS3
etag
W/"220afd743d9e9643852e31a135a9f3ae"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
1El7HLFjAyOGdC-5rZqwCXrfeF_wiyith8puPQmyu4FZfvo7Yxf4VQ==
js.cookie.js
www.affaerentreff.de/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.affaerentreff.de/scripts/js.cookie.js
Requested by
Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2688:fa00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3fc8d8f8c09ee97d9c8cd4a6178ad0bd921a9cbe55c14513e0c06738c9dc8d15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
ATL58-P9
via
1.1 d4ca515662341661b756e3448d612214.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 Jan 2024 15:26:29 GMT
server
AmazonS3
etag
W/"fa93e8894edb6245ab03883633b12b6e"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
FxyUmZo5JS5wA4oSwP6XhBElh1MxeLWL43DHiBHqDuB0ukw4JSlUhQ==
main.css
www.affaerentreff.de/styles/ 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.affaerentreff.de/styles/main.css
Requested by
Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2688:fa00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f9d654ac900cbd8a09bb26c48a51260cb7d816c53c32ed69d4b2c90cb991d2a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
ATL58-P9
via
1.1 3ccec777a6ecee005c445b8d1dc8aff6.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 Jan 2024 15:26:30 GMT
server
AmazonS3
etag
W/"d3ddcd97bf2f9fcc3da8330cea22f225"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
WjEZEqxGzP5ledmY6e5oVvhXpbRXiYJppKF0PN3_oj78sFQ8C8GAVQ==
heflzjgg
50slove.postaffiliatepro.com/scripts/ 		27 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://50slove.postaffiliatepro.com/scripts/heflzjgg
Requested by
Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.201.28.212 , Slovakia, ASN203480 (QUALITYUNIT, SK),
Reverse DNS
Software
nginx /
Resource Hash
291b8a5be6d7bd8d1e5bb6e5cbcb6c5312f1c7bb7da1e3b95ec8b2edbe836dba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish (2.lb-app.pap.ws-eu)
x-srv
3
age
48
content-length
6076
last-modified
Mon, 18 Dec 2023 15:29:38 GMT
server
nginx
etag
"6ae8-60cca6afa9c80"
vary
Accept-Encoding
content-type
application/javascript
x-varnish
827955869 828542062
cache-control
max-age=120
accept-ranges
bytes
expires
Mon, 29 Jan 2024 04:39:44 GMT
js
www.googletagmanager.com/gtag/ 		114 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js
Requested by
Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
101c8239dd781d615ea88e0833d60e6b8c5847a4308676b9241a22e19e09a003
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44584
x-xss-protection
0
last-modified
Mon, 29 Jan 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 29 Jan 2024 04:38:32 GMT
config.js
www.affaerentreff.de/configs/ 		1 KB
898 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.affaerentreff.de/configs/config.js
Requested by
Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2688:fa00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
30a2fd1f1d65fcb9aab83057288891808eb932fb9acdc7991cda1c25a8707f4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
ATL58-P9
via
1.1 3ccec777a6ecee005c445b8d1dc8aff6.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 Jan 2024 15:26:22 GMT
server
AmazonS3
etag
W/"f76b7ee5952938f2a908a62fbc26cdf6"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
-qCeETUU5x91Cwhs530gejKg8ib95tOa7eEtDRpB4Jv6NaR-MnNiKw==
axios.0.25.0.min.js
www.affaerentreff.de/scripts/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.affaerentreff.de/scripts/axios.0.25.0.min.js
Requested by
Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2688:fa00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b00828aa594968071f062841833553f98541845061e2d1c3144da47acce5940d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
ATL58-P9
via
1.1 3ccec777a6ecee005c445b8d1dc8aff6.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 Jan 2024 15:26:30 GMT
server
AmazonS3
etag
W/"3f3c2540b53a9f09d04c2a826716fcf2"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
66sYE7bNB7Upq3LbvR8aELjFyga7cGCEg1vGeuNwElMnEZNhcWzdog==
jwt-decode.js
www.affaerentreff.de/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.affaerentreff.de/scripts/jwt-decode.js
Requested by
Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2688:fa00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b190768a27312ddecca5f1f2e2ef9c55a79457391e493fc514d4ce17ebd3b224
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
ATL58-P9
via
1.1 d4ca515662341661b756e3448d612214.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 Jan 2024 15:26:29 GMT
server
AmazonS3
etag
W/"b0a42accad91746f04333f15fd67af39"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
6VZeWC_OLTFHNyhHTVgDw8wvHejhS-bCty2r5DVnvtdJKDxR89K6SQ==
countrySelectData.js
www.affaerentreff.de/scripts/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.affaerentreff.de/scripts/countrySelectData.js
Requested by
Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2688:fa00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e30993ba98335c5da42a597b569fc5e1a3af35c39f69540e9b76f1cefe9d266
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
ATL58-P9
via
1.1 3ccec777a6ecee005c445b8d1dc8aff6.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 Jan 2024 15:26:29 GMT
server
AmazonS3
etag
W/"ee7744ad91e0c3c02a397292c9d5248a"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
dIVHQ5S-xFX8UM7yyY2vMBdLgdPApIlNanELuugzC5ihaCvo4V2IRw==
vue-router.3.4.5.js
www.affaerentreff.de/scripts/ 		86 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.affaerentreff.de/scripts/vue-router.3.4.5.js
Requested by
Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2688:fa00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e052d8c61cf2bb73abe3b42a7ce6ab87e88653e9d1d263af3f37d728b948b32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
ATL58-P9
via
1.1 3ccec777a6ecee005c445b8d1dc8aff6.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 Jan 2024 15:26:30 GMT
server
AmazonS3
etag
W/"2c9c3252901dd105ec7846ccc493d197"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
XAghnBismoovEpmum7LThZPt8FUINRhmVYVXQB5W_OypFJzWqOF45Q==
prelander.vue.js
www.affaerentreff.de/pages/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.affaerentreff.de/pages/prelander.vue.js
Requested by
Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2688:fa00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e7bf7d34a51c9d6b9e0c8c9ab77599aeb40186375f11307684ded2b5e75a28b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
ATL58-P9
via
1.1 3ccec777a6ecee005c445b8d1dc8aff6.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 Jan 2024 15:26:24 GMT
server
AmazonS3
etag
W/"3257f0fd8bc12c46544a3fa206ff7752"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
-mab2Wrom0pDBvVWVD0YHZQ9idHxrg9caf-2psyYqtqbaj4hYr4GPA==
landingpage_v1.vue.js
www.affaerentreff.de/pages/components/ 		35 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.affaerentreff.de/pages/components/landingpage_v1.vue.js
Requested by
Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2688:fa00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9040613debda8e0d015563aadf1aa5d2e0399a8865ef972fb90c29f0cab0a2c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
ATL58-P9
via
1.1 3ccec777a6ecee005c445b8d1dc8aff6.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 Jan 2024 15:26:23 GMT
server
AmazonS3
etag
W/"4f27fc35a30dd577d2053a116b22a42a"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
TWb9D5ge84LGDYRVi255yh1-OD0AEEn7uFe2tq07WNkfDj8m8OncDQ==
landingpage_v2.vue.js
www.affaerentreff.de/pages/components/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.affaerentreff.de/pages/components/landingpage_v2.vue.js
Requested by
Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2688:fa00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
73fcbaf2504050334e324594bc9b1b44eb2b8338a4b552dca1c4dfc99b0c99f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
ATL58-P9
via
1.1 3ccec777a6ecee005c445b8d1dc8aff6.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 Jan 2024 15:26:23 GMT
server
AmazonS3
etag
W/"f06fafd26e99bcb89af5ae01ef790515"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
F5gR1OWGTc2riwVWyan0A58UCGQALrGpHz-0BcQbdgBXlPnYRol4TA==
app.vue.js
www.affaerentreff.de/pages/ 		20 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.affaerentreff.de/pages/app.vue.js
Requested by
Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2688:fa00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3ea53a13e34d782e4408913319f375ca93d7af8f3f9edb75d8c7b1bceb07c9f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
ATL58-P9
via
1.1 3ccec777a6ecee005c445b8d1dc8aff6.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 Jan 2024 15:26:23 GMT
server
AmazonS3
etag
W/"eaf878efe67517c48cd1a6f2e46fc151"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
a5Z4ICFaF39kPerFMjMI6HLNT4ZRBFom8zQsFFluwIVZTt-J5VbBHA==
cancelmemebership.vue.js
www.affaerentreff.de/pages/ 		20 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.affaerentreff.de/pages/cancelmemebership.vue.js
Requested by
Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2688:fa00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7c7fb8e00906d9a203c24532e6b32838eec1ff36386136ce8ff6847d1e6a8364
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
ATL58-P9
via
1.1 3ccec777a6ecee005c445b8d1dc8aff6.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 Jan 2024 15:26:23 GMT
server
AmazonS3
etag
W/"b1ddbd7fe7f5234c645f574128b79b68"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
Y2BaGkOCgD457z2l_aGrYpyBf7lUy0fH7pHZF-CypepcbexOyfBbMw==
translationsEN.js
www.affaerentreff.de/translations/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.affaerentreff.de/translations/translationsEN.js
Requested by
Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2688:fa00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
92f1c173a2fcb9611997bf02435f4a18f41ed65968b7b76d413d998e27f8236b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
ATL58-P9
via
1.1 3ccec777a6ecee005c445b8d1dc8aff6.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 Jan 2024 15:26:30 GMT
server
AmazonS3
etag
W/"fc17fc07f5decb564cc560a61fd48ba3"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
1JDgo94evGS-f0MmbYZ4z1KPItntt_ScSkNd0I-QZ3qitkS2EiZkJg==
termsAndPolicies.js
www.affaerentreff.de/scripts/ 		313 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.affaerentreff.de/scripts/termsAndPolicies.js
Requested by
Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2688:fa00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f60768b08308fe3b28a553d14a7b13133e0ca71f718ef27d9fee159afe7767b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
ATL58-P9
via
1.1 3ccec777a6ecee005c445b8d1dc8aff6.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 Jan 2024 15:26:30 GMT
server
AmazonS3
etag
W/"fe33cebac352a2497b6e9934d386822a"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
DsbkpTEZRjk7B7AJXDNakVJA_0FjVUHrzgtsUPT809jw7MQvUHFVzQ==
cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css
Requested by
Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 29 Jan 2024 04:38:30 GMT
x-content-type-options
nosniff
content-encoding
br
age
20956
x-jsd-version
3.1.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1363
x-served-by
cache-fra-eddf8230078-FRA, cache-mia-kmia1760068-MIA
x-jsd-version-type
version
etag
W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cookieconsent.min.js
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.js
Requested by
Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 29 Jan 2024 04:38:30 GMT
x-content-type-options
nosniff
content-encoding
br
age
18922
x-jsd-version
3.1.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
7125
x-served-by
cache-fra-eddf8230120-FRA, cache-mia-kmia1760068-MIA
x-jsd-version-type
version
etag
W/"50d5-nLraS9YXyGxjjPLr3exyStWWkHs"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/ 		77 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js
Requested by
Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.affaerentreff.de/
Origin
https://www.affaerentreff.de
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 29 Jan 2024 04:38:30 GMT
x-content-type-options
nosniff
content-encoding
br
age
5276028
x-jsd-version
5.0.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
23943
x-served-by
cache-fra-eddf8230080-FRA, cache-mia-kmia1760062-MIA
x-jsd-version-type
version
etag
W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
625
age
6558723
cdn-cachedat
10/31/2023 18:49:18
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
7facf301d23e7656c984df3815ba6e0a
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
84cec93adf6e2593-MIA
cdn-requestpullsuccess
True
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ 		70 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Requested by
Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6979492
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4216
last-modified
Mon, 07 Sep 2020 12:33:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f5628a2-11846"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4uuqCWBrVsaX63eg51%2F6TzjuM6JqT5sIpjUdj8mx5yf7EeHSJe7N7xgvG9FiuZbf6ghtX2ToBQ4lbhaNofrb%2BfKbXe3%2FpxZtbZ1VcFF74jWjTwXqObHN%2FEIwlpUU4PynMkRF1kgLXrrfCrAzsHvm0eJY"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84cec93ad9ba9ab7-MIA
expires
Sat, 18 Jan 2025 04:38:30 GMT
main.js
www.affaerentreff.de/scripts/ 		48 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.affaerentreff.de/scripts/main.js
Requested by
Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2688:fa00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e2735602abdfa25ebbcd5f2606f2b768aae5f2cf20f835aa29c661e8dbfc33d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
ATL58-P9
via
1.1 3ccec777a6ecee005c445b8d1dc8aff6.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 Jan 2024 15:26:30 GMT
server
AmazonS3
etag
W/"0307023b6ff173e7aff562fe0819fecb"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
CtvVOw7oANVKvQh9tDgUImdMNJVSk7XMCtHDSr_JA_emu18oFGRqbQ==
heflzrgg
50slove.postaffiliatepro.com/scripts/ 		66 B
431 B 		Script
General
Check archive.org
Download Go to
Full URL
https://50slove.postaffiliatepro.com/scripts/heflzrgg?accountId=default1&userId=vivero&url=S_www.affaerentreff.de%2F&referrer=&isInIframe=false&getParams=%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D49_%26data2%3D6a28636e62e143a180608e6b0fe38fd0&anchor=
Requested by
Host: 50slove.postaffiliatepro.com
URL: https://50slove.postaffiliatepro.com/scripts/heflzjgg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.201.28.212 , Slovakia, ASN203480 (QUALITYUNIT, SK),
Reverse DNS
Software
nginx /
Resource Hash
afd4194ff31531862a7786ddbcde6dcd3bdb4bd64f39d5e6d90f80a55e71eda1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
application/octet-stream, application/x-javascript
date
Mon, 29 Jan 2024 04:38:31 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server
nginx
content-length
66
expires
Mon, 26 Jul 1997 05:00:00 GMT
gtm.js
www.googletagmanager.com/ 		227 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N53M925
Requested by
Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e1b1805b1b9366b2bb501727cc1bbfbc46c743cc302fab49d42d3af77cb41217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77930
x-xss-protection
0
last-modified
Mon, 29 Jan 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 29 Jan 2024 04:38:32 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CC47R8RC77U9MSBJN5NG&lib=ttq
Requested by
Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.106 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-106.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a8d875e620891f4195872716c73e6677a9ae1127f1cdc7f76d623950e1c12e7d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id
cfacc1bc.16494f93
date
Mon, 29 Jan 2024 04:38:32 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240129043832F6272F8F64C39A5B00DE-4FD5FF68FD0A2C6C-00
x-cache
TCP_MISS from a23-195-36-74.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
x-parent-response-time
11,23.195.36.74
server-timing
cdn-cache; desc=MISS, edge; dur=8, origin; dur=4, inner; dur=1
content-length
1332
pragma
no-cache
server
nginx
x-tt-logid
20240129043832F6272F8F64C39A5B00DE
x-cache-remote
TCP_MISS from a23-218-223-19.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
5,23.218.223.19
x-tt-trace-host
0165447f0139466249fe6fc15e5a2fb619f1183422262f813a687a20e1c4127cd6afea0d7dfaa5b728c2addb13a8b4b742b1040a10bc261bbc8d420ac0925515aa48e155d914164928330d1c06f0dd7471baf32bee77834f4eedf41a3bec9cb0451a7c1c801062f02527c4253e5b78a67f
expires
Mon, 29 Jan 2024 04:38:32 GMT
OpenSans-Regular.ttf
www.affaerentreff.de/fonts/ 		95 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.affaerentreff.de/fonts/OpenSans-Regular.ttf
Requested by
Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/styles/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2688:fa00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.affaerentreff.de/styles/main.css
Origin
https://www.affaerentreff.de
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
ATL58-P9
via
1.1 d4ca515662341661b756e3448d612214.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 Jan 2024 15:26:22 GMT
server
AmazonS3
etag
W/"3ed9575dcc488c3e3a5bd66620bdf5a4"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/ttf
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
PY3iwIPsKTSMX8IGe2mAg675UDu-Iphd-5tvtDVeViJ5l7drJ1o7ig==
track.js
ais.ladesk.com/scripts/ 		49 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ais.ladesk.com/scripts/track.js
Requested by
Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/scripts/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.104.238.149 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1814-149.members.linode.com
Software
nginx /
Resource Hash
88246e7f5d30387f283df5907c2694534d3399cd71676d124b16705fb6ca9c00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish (1.lb-app.la.linode-de)
x-srv
1
age
51
content-length
13040
last-modified
Thu, 18 Jan 2024 10:09:40 GMT
server
nginx
etag
"c480-60f358fc50100"
vary
Accept-Encoding
content-type
application/javascript
x-varnish
493226517 491088588
cache-control
max-age=300, public
accept-ranges
bytes
expires
Mon, 29 Jan 2024 10:37:41 GMT
translationsDE.js
www.affaerentreff.de/translations/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.affaerentreff.de/translations/translationsDE.js
Requested by
Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/scripts/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2688:fa00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
134f038d354ff9d5fbdcf639c79a7b62cac791cf14e7384bdd936597c64def0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
ATL58-P9
via
1.1 d4ca515662341661b756e3448d612214.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 Jan 2024 15:26:30 GMT
server
AmazonS3
etag
W/"cc05fb0e8c650d5534acbdfbbbf5ebc1"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
5_fOIgZORqzghuavM74cEavTFWEL8otBXxevFYLiMVPQXzX9d_SVYQ==
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://www.affaerentreff.de
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
975
cdn-cachedat
10/31/2023 18:55:41
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
0af17f6d0ac376b5ca02e05450535d8e
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
84cec94309d14c06-MIA
cdn-requestpullsuccess
True
main.MTU3YmJkODI0MA.js
analytics.tiktok.com/i18n/pixel/static/ 		379 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CC47R8RC77U9MSBJN5NG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.106 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-106.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3fb856882cd87a671903d75d594f2fb840abbb70a196395fa2197cbadb03149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id
16495200
date
Mon, 29 Jan 2024 04:38:32 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202401252008439DEE1056A343F56ED9CB
x-tt-trace-id
00-2401252008439DEE1056A343F56ED9CB-15276DD0A28E0110-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-195-36-74.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01cddd7d1591847c1000638f38bb08908156619495284a6e898c3d904501009d6883160fee4e18a41abfd81de9ddf2055a4f0fbe4f9e68a73cc0cd56285b4b6c015609390c01a9d7577abbefd3a2b26c9f04c66590d01a9766257e47a74315110d
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=22
content-length
105004
translationsDE.js
www.affaerentreff.de/translationsWL-affaerentreff/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.affaerentreff.de/translationsWL-affaerentreff/translationsDE.js
Requested by
Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/scripts/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2688:fa00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3ad322908b8f139ba891aca56ac9bafef691e245cc93aae352cf41075c999ebf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
ATL58-P9
via
1.1 d4ca515662341661b756e3448d612214.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 Jan 2024 15:26:30 GMT
server
AmazonS3
etag
W/"944321a3dcba8affaec998ff909f730a"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
NVkYj2WGhhwLkf3NWXl_VffsmLFlwI6IWp1u6Xk91_wMCoSl7n4UvA==
js
www.googletagmanager.com/gtag/ 		197 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-447642286&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8ff0eebfec66187885353c64761f7abe6c42f3fd249bdae9d88dc7a6262551d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72901
x-xss-protection
0
last-modified
Mon, 29 Jan 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 29 Jan 2024 04:38:32 GMT
js
www.googletagmanager.com/gtag/ 		284 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TE5Y97YKC8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N53M925
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9ce7d5ef8b01a00f738ed4b4447ec44c8bf2f537d28f81fdf14da1287ed8cd81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94792
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 29 Jan 2024 04:38:32 GMT
fbevents.js
connect.facebook.net/en_US/ 		213 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f54d3a9011dd18c3a6b2c5ca5c5bf3d490d5428046d806c4aa9ecec5f82139ca
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 29 Jan 2024 04:38:32 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57158
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma
public
x-fb-debug
wSEsWYKMTayQorsNQKZVYrd+ETEbJxIlc6VNd3uvaxkxZ2p0NKhiTTOgQok5Hq1PHBJtKLplPcESCyh9Z42aVw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N53M925
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 29 Jan 2024 03:51:43 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2809
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 29 Jan 2024 05:51:43 GMT
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N53M925
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Mon, 29 Jan 2024 04:38:32 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8BACFFBB40A24E6B8EB74C769FE8E2F4 Ref B: MIAEDGE2916 Ref C: 2024-01-29T04:38:32Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
hotjar-2147602.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2147602.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N53M925
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.188.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-188-54.atl59.r.cloudfront.net
Software
/
Resource Hash
11d6f25c4bb690a6f5a595633aab62511c819b9cdbeb3ea4851f725fea36134a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:32 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 2ac0cc67fc59e7d4a98e8309d42e7572.cloudfront.net (CloudFront)
x-amz-cf-pop
ATL59-P7
etag
W/e12dcf26688748752717babfb2ba1e18
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
R4HTY4A3ZSi7_yvQEhf2IHq6jmKbfL6Btp6hRJAX-9vdcGZgDAk6gw==
uniclick.js
detour.datingalpha.net/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://detour.datingalpha.net/uniclick.js?attribution=lastpaid&cookiedomain=&cookieduration=90&defaultcampaignid=65523e2b03a3e500010e90da&regviewonce=false
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N53M925
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
108.62.123.181 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
648114310492d12a9858030eb33cb6badb6219c8e96dc402ecd86354d17793bc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 04:38:32 GMT
Server
nginx/1.20.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
adu_affaerentreff_de.js
scripts.azshopp.com/scripts/ 		22 B
567 B 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.azshopp.com/scripts/adu_affaerentreff_de.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N53M925
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:20e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b69dbf32872647ab14e3d00c71a610cd16ab16db42a9fb1dc7add247b2bde55

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-runtime
0.010929
date
Mon, 29 Jan 2024 04:38:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3b69dbf32872647ab14e3d00c71a610c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vvRH53Vi5gO5%2FTfx%2FfWEWpFcWLlMSzyUgSRi4jWJWXBjEoWsrWoINCmwVj9oZcvFMlL4%2B8wthMWtJSFIdJZPtV0f8Awug1ju7%2BMkyfUR8pWYrQNfciVifTrYYQS%2BWix8QjAQHUARoPV9yMvKkOMuSCNv"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
cf-ray
84cec946eebe4988-MIA
alt-svc
h3=":443"; ma=86400
content-length
22
x-request-id
934160b8-d7e2-4bfb-b58b-5369a5b329ee
identify_0a875.js
analytics.tiktok.com/i18n/pixel/static/ 		137 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_0a875.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.106 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-106.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id
1649592c
date
Mon, 29 Jan 2024 04:38:32 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202401231515385F08A1BD5583529680F6
x-tt-trace-id
00-2401231515385F08A1BD5583529680F6-0A2A20D0E9BDF05B-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-195-36-74.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01ea667eda732cfc434fe0e1627b4dcc27ea000784901d2e25716df4dc6f043bb6720a5f1a9d853d4d749b364d27e422317e62e271d098cf94279ccce5c749598b87e0e854e4ed4262dbcaa60733fac347dcc9d9363be01233554873f1b7c5b617
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length
37075
pixel
analytics.tiktok.com/api/v2/ 		0
849 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.106 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-106.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.affaerentreff.de/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
2806c5ab.16495a21
date
Mon, 29 Jan 2024 04:38:32 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240129043832F9D79A833F739D1E3AD1-00FD4AC6DC3B5F69-00
x-cache
TCP_MISS from a23-195-36-74.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
x-parent-response-time
351,23.195.36.74
server-timing
cdn-cache; desc=MISS, edge; dur=88, origin; dur=274, inner; dur=231
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240129043832F9D79A833F739D1E3AD1
x-cache-remote
TCP_MISS from a23-218-223-23.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
274,23.218.223.23
x-tt-trace-host
0165447f0139466249fe6fc15e5a2fb619f1183422262f813a687a20e1c4127cd6dd578a0839c05183048f5a5df51258f06f1ee6f5f225b18d721d0bebd7e55e3844d7ce2812dc0ba0efe1d5e497c6169c91261a68228fd5a7371cadffb0c3df3a414cf58e7fdc775058441778c56b5960
access-control-allow-headers
Authorization,*
expires
Mon, 29 Jan 2024 04:38:32 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/447642286/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/447642286/?random=1706503112527&cv=11&fst=1706503112527&bg=ffffff&guid=ON&async=1&gtm=45be41o0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.affaerentreff.de%2F%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D49_%26data2%3D6a28636e62e143a180608e6b0fe38fd0&hn=www.googleadservices.com&frm=0&pscdl=noapi&auid=154754825.1706503113&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-447642286&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
899d22445cc4e1968ca90622da6cd0930849fc9eaf194ad68ea01cff0a4d98f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 04:38:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1277
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
175 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-TE5Y97YKC8&gtm=45je41o0v9104833779z8852878785&_p=1706503111772&gcd=11l1l1l1l1&dma=0&cid=1847339805.1706503113&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706503112&sct=1&seg=0&dl=https%3A%2F%2Fwww.affaerentreff.de%2F%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D49_%26data2%3D6a28636e62e143a180608e6b0fe38fd0&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&ep.anonymizeIp=true&ep.transport=beacon&up.is_premium=0&up.custom_user_id=0&up.match_count=0&tfd=3069
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TE5Y97YKC8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 04:38:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.affaerentreff.de
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.css
www.affaerentreff.de/resourcesWL-Affaerentreff/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.affaerentreff.de/resourcesWL-Affaerentreff/main.css
Requested by
Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/scripts/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2688:fa00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f32e21bb384c67c6f238522394c74875eda4887ab952c87ba29c394778e2d87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
ATL58-P9
via
1.1 d4ca515662341661b756e3448d612214.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 Jan 2024 15:26:26 GMT
server
AmazonS3
etag
W/"15c8ce820fe2ad99c76c39ccefad44b9"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
4t-2nBz7O0JtKuo3L0ezchxCTB3nO_FYHeOCxi_gdXFe224q0E_1Fw==
act
analytics.tiktok.com/api/v2/pixel/ 		0
702 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.106 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-106.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.affaerentreff.de/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
1649619b
date
Mon, 29 Jan 2024 04:38:32 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24012904383276DBB0163D8EDEAD7B0A-16B7622EC413879D-00
x-cache
TCP_MISS from a23-195-36-74.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
server-timing
inner; dur=19, cdn-cache; desc=MISS, edge; dur=5, origin; dur=33
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2024012904383276DBB0163D8EDEAD7B0A
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
33,23.195.36.74
x-tt-trace-host
0165447f0139466249fe6fc15e5a2fb6194635d03df74905b05c737e3d4f82e93be26bc25ed767acf04615d2c24789450cc06d92cac6ac95ce12a87e5e01636835b63b6a2ae9b81a2416b1d1ab404b71becae950e7bd61d25215781f2509faa270
access-control-allow-headers
Authorization,*
expires
Mon, 29 Jan 2024 04:38:32 GMT
134506284.js
bat.bing.com/p/action/ 		0
117 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/134506284.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Mon, 29 Jan 2024 04:38:32 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 88AA8B569EE347E18B0D3FCDFB9AC9E0 Ref B: MIAEDGE2916 Ref C: 2024-01-29T04:38:32Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=134506284&tm=gtm002&Ver=2&mid=bdee4387-268b-4f93-924e-9088b5775778&sid=41fd5460be6011ee9e002ba28f9b1b47&vid=4200bbf0be6011eea4775fe6aa2af96d&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fwww.affaerentreff.de%2F%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D49_%26data2%3D6a28636e62e143a180608e6b0fe38fd0&r=&lt=2263&evt=pageLoad&sv=1&rn=981441
Requested by
Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 29 Jan 2024 04:38:32 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FC6BAADDD12648508D52D0A38852B744 Ref B: MIAEDGE2916 Ref C: 2024-01-29T04:38:32Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
65523e2b03a3e500010e90da
detour.datingalpha.net/ 		200 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://detour.datingalpha.net/65523e2b03a3e500010e90da?format=json&referrer=&a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0&sub19=undefined&sub20=undefined
Requested by
Host: detour.datingalpha.net
URL: https://detour.datingalpha.net/uniclick.js?attribution=lastpaid&cookiedomain=&cookieduration=90&defaultcampaignid=65523e2b03a3e500010e90da&regviewonce=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
108.62.123.181 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
c96fe1f707a82312d2e2dd284519afc8168091dd2e29d1e54ac8f73fcd03e0ea

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 04:38:33 GMT
Server
nginx/1.20.2
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
200
/
www.google.com/pagead/1p-user-list/447642286/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/447642286/?random=1706503112527&cv=11&fst=1706500800000&bg=ffffff&guid=ON&async=1&gtm=45be41o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.affaerentreff.de%2F%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D49_%26data2%3D6a28636e62e143a180608e6b0fe38fd0&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_4CqZ3UgWTk7oZb8_a3klmxVZJoCtyw&random=2850428464&rmt_tld=0&ipr=y
Requested by
Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 04:38:33 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=921625464&t=pageview&_s=1&dl=https%3A%2F%2Fwww.affaerentreff.de%2F%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D49_%26data2%3D6a28636e62e143a180608e6b0fe38fd0&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=318128807&gjid=924862502&cid=1847339805.1706503113&tid=UA-167101890-5&_gid=2113770909.1706503113&_r=1&gtm=45He41o0n81N53M925v852878785&cd1=0&cd3=0&cd4=0&cm1=0&gcd=11l1l1l1l1&dma=0&z=2013061701
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.affaerentreff.de/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 04:38:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.affaerentreff.de
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.0c2aac1b2d1ba79f2a01.js
script.hotjar.com/ 		219 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.0c2aac1b2d1ba79f2a01.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2147602.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-87.jfk50.r.cloudfront.net
Software
/
Resource Hash
8788c5e11fcbe23813fdd727053b5311df2f922c7c2b76f318ce28409186910f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 15:40:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 82139f26335f87e45d45c08d5208817a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
392307
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55804
last-modified
Wed, 24 Jan 2024 15:39:41 GMT
etag
"252eda316b5dfe5750655c881f809a75"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
y3lTr4sWNGE7ixLhlsF8KvWgps1OL7qyz0kIX9cC_PIDv3gtKmQkpw==
550272220639696
connect.facebook.net/signals/config/ 		52 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/550272220639696?v=2.9.143&r=stable&domain=www.affaerentreff.de&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
76d24199306842206c0cefa20e85c0b7f4f0a4b0b86fb47bce520fbe8bebfd14
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 29 Jan 2024 04:38:33 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma
public
x-fb-debug
PtyQwQCmS+eJU2crbrWfTNZSE35lUgE7E/MdzFVnyMfR0tUPVqx8gH2iNGuDpfjwADI+9gF/mT9BQ1d0J/S0pw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
view
detour.datingalpha.net/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://detour.datingalpha.net/view?clickid=65b72bc9c505ec0001749338&referrer=
Requested by
Host: detour.datingalpha.net
URL: https://detour.datingalpha.net/uniclick.js?attribution=lastpaid&cookiedomain=&cookieduration=90&defaultcampaignid=65523e2b03a3e500010e90da&regviewonce=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
108.62.123.181 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 29 Jan 2024 04:38:33 GMT
Server
nginx/1.20.2
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods
GET, POST, OPTIONS
termsAndPolicies_de.js
cdn.aisgmbh.at/tos/ 		56 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aisgmbh.at/tos/termsAndPolicies_de.js
Requested by
Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/scripts/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-12.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a7fd5e5134415291d0b0e97ed853f79104e090b566b39b2a6ce854621817f4d6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 08:15:18 GMT
x-amz-version-id
kfPp4iKvdGJ_7lz3kj_PirhHBU2u57qr
content-encoding
br
last-modified
Thu, 27 Jul 2023 12:39:37 GMT
server
AmazonS3
via
1.1 ef47ae4ce1b368bee741646b5277e5cc.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P3
etag
W/"43494d2a12a5d8a436a3beed95aeacc3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
age
73396
x-amz-cf-id
vp-xEOEW5ULPf8QAenVtQGtOFh989xDk9lYxR4CNhwb_h0lmrAb1dQ==
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=550272220639696&ev=PageView&dl=https%3A%2F%2Fwww.affaerentreff.de%2F%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D49_%26data2%3D6a28636e62e143a180608e6b0fe38fd0&rl=&if=false&ts=1706503113271&sw=1600&sh=1200&v=2.9.143&r=stable&ec=0&o=4126&fbp=fb.1.1706503113270.927616865&ler=empty&cdl=API_unavailable&it=1706503112997&coo=false&exp=d1&rqm=GET
Requested by
Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 29 Jan 2024 04:38:33 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
BG-1.jpg
www.affaerentreff.de/resourcesWL-Affaerentreff/images/lpbgs/lp7/ 		166 KB
166 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.affaerentreff.de/resourcesWL-Affaerentreff/images/lpbgs/lp7/BG-1.jpg
Requested by
Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2688:fa00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58033759e0c57ce460edd0263d8e1459b4fe3e0f972ce16bcba51f1417b0b9fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 d4ca515662341661b756e3448d612214.cloudfront.net (CloudFront)
x-amz-cf-pop
ATL58-P9
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
169777
last-modified
Mon, 15 Jan 2024 15:26:27 GMT
server
AmazonS3
etag
"6fabf4809dccce55b9a9b9cfa6418894"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
x-amz-cf-id
JjZRSJQAosMSJZeUGMoILHQKrWBCPlkVDaMhTQis5Aoel9MGXcpRWQ==
main-logo.png
www.affaerentreff.de/images/affaerentreff/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.affaerentreff.de/images/affaerentreff/main-logo.png
Requested by
Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2688:fa00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bc38423f463c03c12ca83923df84a9aa856d55465682dc9dda239f6ae2ecdf0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 d4ca515662341661b756e3448d612214.cloudfront.net (CloudFront)
x-amz-cf-pop
ATL58-P9
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
11939
last-modified
Mon, 15 Jan 2024 15:26:22 GMT
server
AmazonS3
etag
"39653e147551e245fb90f8b0230d6fef"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
x-amz-cf-id
Ki210gysjTYkkWoCthqaOZDiPVohSUubPqE8evmaTeujbZa_yl2TPg==
austria.jpg
www.affaerentreff.de/images/flags/rect/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.affaerentreff.de/images/flags/rect/austria.jpg
Requested by
Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2688:fa00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58c7b0ab7c6b0671f6ee2463aba8a22e8fbf5821798b88ec20b0717377f8d56d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 d4ca515662341661b756e3448d612214.cloudfront.net (CloudFront)
x-amz-cf-pop
ATL58-P9
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1992
last-modified
Mon, 15 Jan 2024 15:26:22 GMT
server
AmazonS3
etag
"958ca648c59661f9a732a58cff450b72"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
x-amz-cf-id
Q0y2EwU7cHwo-fwMXOkN_90gJ0EDUils0vhCHGtL0CGFgZ47OfwdWw==
switzerland.jpg
www.affaerentreff.de/images/flags/rect/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.affaerentreff.de/images/flags/rect/switzerland.jpg
Requested by
Host: www.affaerentreff.de
URL: https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2688:fa00:13:920a:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b9fd04adbd083260a6ebf0f823e996ff66c6360bc55f6eab59d9bd86ce9a9c59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/?a_aid=vivero&a_bid=5316627b&data1=49_&data2=6a28636e62e143a180608e6b0fe38fd0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 d4ca515662341661b756e3448d612214.cloudfront.net (CloudFront)
x-amz-cf-pop
ATL58-P9
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
3454
last-modified
Mon, 15 Jan 2024 15:26:22 GMT
server
AmazonS3
etag
"1f45497a26bb07861cd859965dfdffc2"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
x-amz-cf-id
UtGjuelieRWhcvrLBzZTIt2DihUZVm4rKVjq5BR0rMzXAzAQFV3ZKQ==
track_visit.php
ais.ladesk.com/scripts/ 		263 B
576 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ais.ladesk.com/scripts/track_visit.php?t=Y&C=Track&B=7wmjiu42xqkcbzokadkcozb8p3rki&S=j2kkns8cevcy34qi56e63xucn5wkg&pt=AFFAERENTREFF&url=__S__www.affaerentreff.de%2F%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D49_%26data2%3D6a28636e62e143a180608e6b0fe38fd0&ref=&sr=1600x1200&ud=%7B%7D&vn=Y&ci=&jstk=Y
Requested by
Host: ais.ladesk.com
URL: https://ais.ladesk.com/scripts/track.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.104.238.149 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1814-149.members.linode.com
Software
nginx /
Resource Hash
6aaf5f1c3231cdbd1e5cf84105ed00d2ad1955868178b8b3e3ca3e0279580616
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:33 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
via
1.1 varnish (1.lb-app.la.linode-de)
x-srv
5
age
6
content-length
206
pragma
last-modified
Mon, 29 Jan 2024 04:38:27 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
x-varnish
491964892 492767581
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
accept-ranges
bytes
expires
Mon, 26 Jul 1997 05:00:00 GMT
bus.html
2-vbus-de.ladesk.com/5_43_5_9/scripts/lib/ Frame 5A7F 		315 B
263 B 		Document
General
Check archive.org
Download Go to
Full URL
https://2-vbus-de.ladesk.com/5_43_5_9/scripts/lib/bus.html?v=5.43.5.9
Requested by
Host: ais.ladesk.com
URL: https://ais.ladesk.com/scripts/track.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.104.244.5 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1821-5.members.linode.com
Software
nginx /
Resource Hash
5a4164cdbb38651f2f2d28e25101780515ff8c1072ba99d0a5761500cf306ee3

Request headers

Referer
https://www.affaerentreff.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Mon, 29 Jan 2024 04:38:33 GMT
etag
W/"65a8f8e4-13b"
last-modified
Thu, 18 Jan 2024 10:09:40 GMT
server
nginx
button.php
ais.ladesk.com/scripts/ 		605 B
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ais.ladesk.com/scripts/button.php?ChS=UTF-8&C=Widget&i=q2dm1s7e&p=__S__www.affaerentreff.de%2F%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D49_%26data2%3D6a28636e62e143a180608e6b0fe38fd0
Requested by
Host: ais.ladesk.com
URL: https://ais.ladesk.com/scripts/track.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.104.238.149 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1814-149.members.linode.com
Software
nginx /
Resource Hash
a531fbd7f84bf4fa1e73e6abfe60953c6b6a14446f6e35b34bc2fc5768110c42
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:33 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
via
1.1 varnish (1.lb-app.la.linode-de)
x-srv
1
age
218
content-length
365
pragma
last-modified
Mon, 29 Jan 2024 04:34:55 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-varnish
491220257 490465453
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
accept-ranges
bytes
expires
Mon, 26 Jul 1997 05:00:00 GMT
generateWidget.php
ais.ladesk.com/scripts/ Frame 63C2 		31 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ais.ladesk.com/scripts/generateWidget.php?v=5.43.5.9&t=1706503828&cwid=q2dm1s7e&cwrt=O&pt=AFFAERENTREFF&ref=https%3A%2F%2Fwww.affaerentreff.de%2F%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D49_%26data2%3D6a28636e62e143a180608e6b0fe38fd0
Requested by
Host: ais.ladesk.com
URL: https://ais.ladesk.com/scripts/track.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.104.238.149 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1814-149.members.linode.com
Software
nginx /
Resource Hash
07bfe355f807a4d3eb57572ccba18463c1ab1c7a3bcf7d1ac6ca00026e4aefc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.affaerentreff.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
max-age=31536000, public
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 29 Jan 2024 04:38:33 GMT
expires
Wed, 01 Jan 2025 08:00:00 GMT
last-modified
Tue, 01 Jan 2008 08:00:00 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish (1.lb-app.la.linode-de)
x-content-type-options
nosniff
x-srv
1
x-varnish
488970203
contact.css
ais.ladesk.com/themes/contact/material/ Frame 63C2 		122 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ais.ladesk.com/themes/contact/material/contact.css?v=5.43.5.9
Requested by
Host: ais.ladesk.com
URL: https://ais.ladesk.com/scripts/generateWidget.php?v=5.43.5.9&t=1706503828&cwid=q2dm1s7e&cwrt=O&pt=AFFAERENTREFF&ref=https%3A%2F%2Fwww.affaerentreff.de%2F%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D49_%26data2%3D6a28636e62e143a180608e6b0fe38fd0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.104.238.149 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1814-149.members.linode.com
Software
nginx /
Resource Hash
082585bdc55df3f819dd1110fe0c45188216be7495392d86e66a8fdd7bbd0c92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish (1.lb-app.la.linode-de)
x-srv
1
age
553
content-length
38329
last-modified
Thu, 18 Jan 2024 10:09:56 GMT
server
nginx
etag
"1e832-60f3590b92500"
vary
Accept-Encoding
content-type
text/css
x-varnish
492962590 491896896
cache-control
max-age=604800
accept-ranges
bytes
expires
Mon, 05 Feb 2024 04:29:20 GMT
bundle.e3f8621f3498fb9699e2.css
ais.ladesk.com/scripts/static/webpack/liveagent-common-bundle/ Frame 63C2 		1 KB
896 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ais.ladesk.com/scripts/static/webpack/liveagent-common-bundle/bundle.e3f8621f3498fb9699e2.css
Requested by
Host: ais.ladesk.com
URL: https://ais.ladesk.com/scripts/generateWidget.php?v=5.43.5.9&t=1706503828&cwid=q2dm1s7e&cwrt=O&pt=AFFAERENTREFF&ref=https%3A%2F%2Fwww.affaerentreff.de%2F%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D49_%26data2%3D6a28636e62e143a180608e6b0fe38fd0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.104.238.149 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1814-149.members.linode.com
Software
nginx /
Resource Hash
a1ae07b34b7c57774fd2f92a88a9b47dfe77d89262b7db5176b7932d8e29c467
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish (1.lb-app.la.linode-de)
x-srv
4
age
892
content-length
533
last-modified
Thu, 18 Jan 2024 10:09:40 GMT
server
nginx
etag
W/"582-60f358fc50100"
vary
Accept-Encoding
content-type
text/css
x-varnish
492767862 490632028
cache-control
max-age=604800
accept-ranges
bytes
expires
Mon, 05 Feb 2024 04:23:42 GMT
bundle-eafdd79a1bd0f6d216d9.esm.js
ais.ladesk.com/scripts/static/webpack/liveagent-common-bundle/ Frame 63C2 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ais.ladesk.com/scripts/static/webpack/liveagent-common-bundle/bundle-eafdd79a1bd0f6d216d9.esm.js
Requested by
Host: ais.ladesk.com
URL: https://ais.ladesk.com/scripts/generateWidget.php?v=5.43.5.9&t=1706503828&cwid=q2dm1s7e&cwrt=O&pt=AFFAERENTREFF&ref=https%3A%2F%2Fwww.affaerentreff.de%2F%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D49_%26data2%3D6a28636e62e143a180608e6b0fe38fd0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.104.238.149 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1814-149.members.linode.com
Software
nginx /
Resource Hash
7d2fbdfcd907629e01ea9a0a8552ba3cfbd9746c84566979d9b357ec34809211
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish (1.lb-app.la.linode-de)
x-srv
5
age
1075
content-length
14067
last-modified
Thu, 18 Jan 2024 10:09:40 GMT
server
nginx
etag
W/"9ff3-60f358fc50100"
vary
Accept-Encoding
content-type
application/javascript
x-varnish
493128508 491476575
cache-control
max-age=21600
accept-ranges
bytes
expires
Mon, 29 Jan 2024 10:20:39 GMT
stringutils-2e5dc2bf3827eb702243.esm.js
ais.ladesk.com/scripts/static/webpack/liveagent-common-bundle/ Frame 63C2 		203 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ais.ladesk.com/scripts/static/webpack/liveagent-common-bundle/stringutils-2e5dc2bf3827eb702243.esm.js
Requested by
Host: ais.ladesk.com
URL: https://ais.ladesk.com/scripts/generateWidget.php?v=5.43.5.9&t=1706503828&cwid=q2dm1s7e&cwrt=O&pt=AFFAERENTREFF&ref=https%3A%2F%2Fwww.affaerentreff.de%2F%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D49_%26data2%3D6a28636e62e143a180608e6b0fe38fd0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.104.238.149 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1814-149.members.linode.com
Software
nginx /
Resource Hash
7d987df37a77ea9fd733426e20b6d9ace83c0c8c4b13449db503edd1eda1402a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish (1.lb-app.la.linode-de)
x-srv
1
age
1300
content-length
80454
last-modified
Thu, 18 Jan 2024 10:09:40 GMT
server
nginx
etag
"32c4b-60f358fc50100"
vary
Accept-Encoding
content-type
application/javascript
x-varnish
491964915 491531288
cache-control
max-age=21600
accept-ranges
bytes
expires
Mon, 29 Jan 2024 10:16:54 GMT
default-contactwidget-logo.png
ais.ladesk.com/themes/install/_common_templates/img/ Frame 63C2 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ais.ladesk.com/themes/install/_common_templates/img/default-contactwidget-logo.png
Requested by
Host: ais.ladesk.com
URL: https://ais.ladesk.com/scripts/generateWidget.php?v=5.43.5.9&t=1706503828&cwid=q2dm1s7e&cwrt=O&pt=AFFAERENTREFF&ref=https%3A%2F%2Fwww.affaerentreff.de%2F%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D49_%26data2%3D6a28636e62e143a180608e6b0fe38fd0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.104.238.149 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1814-149.members.linode.com
Software
nginx /
Resource Hash
79751345f970ff2b3b5e916ba4523b96879a6a35579448da500bcdb6fa77e690
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:33 GMT
via
1.1 varnish (1.lb-app.la.linode-de)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-srv
1
age
354
content-length
5388
last-modified
Thu, 18 Jan 2024 10:09:56 GMT
server
nginx
etag
"150c-60f3590b92500"
vary
Accept-Encoding
content-type
image/png
x-varnish
493226574 490921362
cache-control
max-age=604800
accept-ranges
bytes
expires
Mon, 05 Feb 2024 04:32:40 GMT
postmessage_bundle.js
2-vbus-de.ladesk.com/5_43_5_9/static/webpack/js_bundle/ Frame 5A7F 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2-vbus-de.ladesk.com/5_43_5_9/static/webpack/js_bundle/postmessage_bundle.js
Requested by
Host: 2-vbus-de.ladesk.com
URL: https://2-vbus-de.ladesk.com/5_43_5_9/scripts/lib/bus.html?v=5.43.5.9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.104.244.5 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1821-5.members.linode.com
Software
nginx /
Resource Hash
fd217f54257ddc2df28c0866613b5e7b1cf450610240f5bf651d1c2c5267dd3c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://2-vbus-de.ladesk.com/5_43_5_9/scripts/lib/bus.html?v=5.43.5.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:34 GMT
last-modified
Thu, 18 Jan 2024 10:09:40 GMT
server
nginx
accept-ranges
bytes
etag
"65a8f8e4-812"
content-length
2066
content-type
application/javascript
pushstream_bundle.js
2-vbus-de.ladesk.com/5_43_5_9/static/webpack/js_bundle/ Frame 5A7F 		20 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2-vbus-de.ladesk.com/5_43_5_9/static/webpack/js_bundle/pushstream_bundle.js
Requested by
Host: 2-vbus-de.ladesk.com
URL: https://2-vbus-de.ladesk.com/5_43_5_9/scripts/lib/bus.html?v=5.43.5.9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.104.244.5 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1821-5.members.linode.com
Software
nginx /
Resource Hash
ab1f85d6560124d8d3d99ab7fd875a5c2ff35da42f7d9c8c138e08dd198298f2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://2-vbus-de.ladesk.com/5_43_5_9/scripts/lib/bus.html?v=5.43.5.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:34 GMT
last-modified
Thu, 18 Jan 2024 10:09:40 GMT
server
nginx
accept-ranges
bytes
etag
"65a8f8e4-50d0"
content-length
20688
content-type
application/javascript
bus_bundle.js
2-vbus-de.ladesk.com/5_43_5_9/static/webpack/js_bundle/ Frame 5A7F 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2-vbus-de.ladesk.com/5_43_5_9/static/webpack/js_bundle/bus_bundle.js
Requested by
Host: 2-vbus-de.ladesk.com
URL: https://2-vbus-de.ladesk.com/5_43_5_9/scripts/lib/bus.html?v=5.43.5.9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.104.244.5 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1821-5.members.linode.com
Software
nginx /
Resource Hash
2df69b6b5eabdfc3a041b51249904b1f2355bd5a3635be0ff03750df349fab24

Request headers

accept-language
en-US,en;q=0.9
Referer
https://2-vbus-de.ladesk.com/5_43_5_9/scripts/lib/bus.html?v=5.43.5.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:34 GMT
last-modified
Thu, 18 Jan 2024 10:09:40 GMT
server
nginx
accept-ranges
bytes
etag
"65a8f8e4-8ca"
content-length
2250
content-type
application/javascript
v2
2-vbus-de.ladesk.com/5_43_5_9/u446666_8543/7wmjiu42xqkcbzokadkcozb8p3rki/event/lp/ Frame 5A7F 		0
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://2-vbus-de.ladesk.com/5_43_5_9/u446666_8543/7wmjiu42xqkcbzokadkcozb8p3rki/event/lp/v2?channels=cd88f128ae_vb_j2kkns8cevcy34qi56e63xucn5wkg&tag=0&time=Mon%2C%2029%20Jan%202024%2000%3A28%3A34%20GMT&eventid=&_=1706503114376
Requested by
Host: 2-vbus-de.ladesk.com
URL: https://2-vbus-de.ladesk.com/5_43_5_9/static/webpack/js_bundle/pushstream_bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.104.244.5 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1821-5.members.linode.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://2-vbus-de.ladesk.com/5_43_5_9/scripts/lib/bus.html?v=5.43.5.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 04:38:34 GMT
last-modified
Mon, 29 Jan 2024 00:28:34 GMT
server
nginx
etag
W/0
content-type
application/octet-stream
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-TE5Y97YKC8&gtm=45je41o0v9104833779&_p=1706503111772&gcd=11l1l1l1l1&dma=0&cid=1847339805.1706503113&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1706503112&sct=1&seg=0&dl=https%3A%2F%2Fwww.affaerentreff.de%2F%3Fa_aid%3Dvivero%26a_bid%3D5316627b%26data1%3D49_%26data2%3D6a28636e62e143a180608e6b0fe38fd0&dt=&en=scroll&ep.anonymizeIp=true&ep.transport=beacon&epn.percent_scrolled=90&_et=8&tfd=8087
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TE5Y97YKC8&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.affaerentreff.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 04:38:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.affaerentreff.de
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 function| $ function| jQuery function| PostAssoc function| PostAffAction function| PostAffAttributeWriter function| PostUrlReplacer function| PostValueReplacer function| PostAffCookieManager function| PostAffParams function| PostAffCookie function| PostAffRequest function| PostAffInfo function| PostAffTrackingRequest object| PostAffTracker function| setVisitor function| setAffiliate function| trackingFinished function| setAffiliateInfo function| papTrack object| parameters object| dataLayer function| getUrlParameter function| gtag object| url string| domain string| host object| _config string| TiktokAnalyticsObject object| ttq function| axios object| countrySelectData function| VueRouter function| Vue function| Prelander function| Landingpagev1 function| Landingpagev2 function| mainApp function| cancelmembershipComponent object| en object| cookieconsent number| uidEvent object| bootstrap object| contactButton object| LA_event function| calculate_age function| elementInViewport function| $loadScript function| Cookies function| jwt_decode object| de object| google_tag_manager object| google_tag_data function| fbq function| _fbq string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| GooglebQhCsO function| onYouTubeIframeAPIReady object| gaGlobal boolean| shouldAppend function| UET function| UET_init function| UET_push object| ueto_9218e3b094 object| uetq function| parseBool object| campaignIds string| cookieDomain number| cookieDuration boolean| registerViewOncePerSession boolean| lastPaidClickAttribution boolean| firstClickAttribution string| attribution string| referrer undefined| ourCookie string| rtkClickID function| removeParam object| urlParams string| locSearch undefined| rtkfbp undefined| rtkfbc string| pixelParams string| campaignID object| souceKey string| initialSrc object| rawData function| setCookie function| setSessionClickID function| getCookie object| rtkxhr object| gaplugins object| gaData object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| xhrr object| LiveAgentTrackerXD function| LiveAgent function| LiveAgentTracker function| init_button_q2dm1s7e object| widgets number| widgetsLength object| termsAndPolicies_async

27 Cookies

Domain/Path Name / Value
.postaffiliatepro.com/ Name: PAPAffiliateId
Value: vivero
.postaffiliatepro.com/ Name: PAPVisitorId
Value: 7LTFgZzuXFB207FIdq5jH6k0WS0ndV0F
.affaerentreff.de/ Name: PAPVisitorId
Value: 7LTFgZzuXFB207FIdq5jH6k0WS0ndV0F
.www.affaerentreff.de/ Name: PAPVisitorId
Value: 7LTFgZzuXFB207FIdq5jH6k0WS0ndV0F
.tiktok.com/ Name: _ttp
Value: 2bc8frV5ML1jOYJvSZaUDlAja0c
.affaerentreff.de/ Name: _tt_enable_cookie
Value: 1
.affaerentreff.de/ Name: _ttp
Value: P6R8C6bgKZx5yZIXQedTSwl73xo
.affaerentreff.de/ Name: _gcl_au
Value: 1.1.154754825.1706503113
.affaerentreff.de/ Name: _ga_TE5Y97YKC8
Value: GS1.1.1706503112.1.0.1706503112.0.0.0
.affaerentreff.de/ Name: _uetsid
Value: 41fd5460be6011ee9e002ba28f9b1b47
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.affaerentreff.de/ Name: _uetvid
Value: 4200bbf0be6011eea4775fe6aa2af96d
.affaerentreff.de/ Name: _ga
Value: GA1.2.1847339805.1706503113
.affaerentreff.de/ Name: _gid
Value: GA1.2.2113770909.1706503113
.affaerentreff.de/ Name: _gat_UA-167101890-5
Value: 1
.bing.com/ Name: MUID
Value: 3A1254F0F63B61B7096640E5F75760A0
.bat.bing.com/ Name: MR
Value: 0
www.affaerentreff.de/ Name: rtkclickid-store
Value: 65b72bc9c505ec0001749338
www.affaerentreff.de/ Name: LaVisitorNew
Value: Y
.affaerentreff.de/ Name: LaVisitorId_YWlzLmxhZGVzay5jb20v
Value: 7wmjiu42xqkcbzokadkcozb8p3rki
www.affaerentreff.de/ Name: LaSID
Value: j2kkns8cevcy34qi56e63xucn5wkg
.affaerentreff.de/ Name: _hjSessionUser_2147602
Value: eyJpZCI6ImZjOGRiZjBiLTQxMDEtNWU4Yi1hN2U2LTUyNGMwYmRlOTUzMiIsImNyZWF0ZWQiOjE3MDY1MDMxMTMyNTEsImV4aXN0aW5nIjpmYWxzZX0=
.affaerentreff.de/ Name: _hjSession_2147602
Value: eyJpZCI6ImJhZTk1ZWY0LWFlZmYtNDI2ZC1hMzNjLTA1ZWU0ODcwNjBmMiIsImMiOjE3MDY1MDMxMTMyNTIsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
www.affaerentreff.de/ Name: a_aid
Value: vivero
www.affaerentreff.de/ Name: a_bid
Value: 5316627b
.affaerentreff.de/ Name: _fbp
Value: fb.1.1706503113270.927616865
www.affaerentreff.de/ Name: LaUserDetails
Value: %7B%22t_country_code%22%3A%22de%22%2C%22t_product%22%3A%22AffaerenTreff%22%7D

1 Console Messages

Source Level URL
Text
other warning URL: https://connect.facebook.net/signals/config/550272220639696?v=2.9.143&r=stable&domain=www.affaerentreff.de&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98(Line 95)
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2-vbus-de.ladesk.com
50slove.postaffiliatepro.com
ais.ladesk.com
analytics.tiktok.com
bat.bing.com
cdn.aisgmbh.at
cdn.jsdelivr.net
cdnjs.cloudflare.com
connect.facebook.net
detour.datingalpha.net
googleads.g.doubleclick.net
maxcdn.bootstrapcdn.com
script.hotjar.com
scripts.azshopp.com
static.hotjar.com
www.affaerentreff.de
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.vgnp3trk.com
108.62.123.181
172.104.238.149
172.104.244.5
18.164.96.87
18.238.49.12
23.48.224.106
2600:9000:2688:fa00:13:920a:46c0:93a1
2606:4700:3032::6815:20e2
2606:4700::6811:180e
2606:4700::6812:acf
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80f::200e
2607:f8b0:4006:81d::2008
2607:f8b0:4006:821::2004
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:200::485
3.161.188.54
34.117.39.110
91.201.28.212
037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5
07bfe355f807a4d3eb57572ccba18463c1ab1c7a3bcf7d1ac6ca00026e4aefc3
082585bdc55df3f819dd1110fe0c45188216be7495392d86e66a8fdd7bbd0c92
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
101c8239dd781d615ea88e0833d60e6b8c5847a4308676b9241a22e19e09a003
11d6f25c4bb690a6f5a595633aab62511c819b9cdbeb3ea4851f725fea36134a
134f038d354ff9d5fbdcf639c79a7b62cac791cf14e7384bdd936597c64def0a
291b8a5be6d7bd8d1e5bb6e5cbcb6c5312f1c7bb7da1e3b95ec8b2edbe836dba
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2df69b6b5eabdfc3a041b51249904b1f2355bd5a3635be0ff03750df349fab24
30a2fd1f1d65fcb9aab83057288891808eb932fb9acdc7991cda1c25a8707f4b
3ad322908b8f139ba891aca56ac9bafef691e245cc93aae352cf41075c999ebf
3b69dbf32872647ab14e3d00c71a610cd16ab16db42a9fb1dc7add247b2bde55
3ea53a13e34d782e4408913319f375ca93d7af8f3f9edb75d8c7b1bceb07c9f8
3fb856882cd87a671903d75d594f2fb840abbb70a196395fa2197cbadb03149e
3fc8d8f8c09ee97d9c8cd4a6178ad0bd921a9cbe55c14513e0c06738c9dc8d15
58033759e0c57ce460edd0263d8e1459b4fe3e0f972ce16bcba51f1417b0b9fc
58c7b0ab7c6b0671f6ee2463aba8a22e8fbf5821798b88ec20b0717377f8d56d
5a4164cdbb38651f2f2d28e25101780515ff8c1072ba99d0a5761500cf306ee3
5e2735602abdfa25ebbcd5f2606f2b768aae5f2cf20f835aa29c661e8dbfc33d
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5e7bf7d34a51c9d6b9e0c8c9ab77599aeb40186375f11307684ded2b5e75a28b
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
648114310492d12a9858030eb33cb6badb6219c8e96dc402ecd86354d17793bc
6aaf5f1c3231cdbd1e5cf84105ed00d2ad1955868178b8b3e3ca3e0279580616
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73fcbaf2504050334e324594bc9b1b44eb2b8338a4b552dca1c4dfc99b0c99f4
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
76d24199306842206c0cefa20e85c0b7f4f0a4b0b86fb47bce520fbe8bebfd14
79751345f970ff2b3b5e916ba4523b96879a6a35579448da500bcdb6fa77e690
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c7fb8e00906d9a203c24532e6b32838eec1ff36386136ce8ff6847d1e6a8364
7d2fbdfcd907629e01ea9a0a8552ba3cfbd9746c84566979d9b357ec34809211
7d987df37a77ea9fd733426e20b6d9ace83c0c8c4b13449db503edd1eda1402a
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
8788c5e11fcbe23813fdd727053b5311df2f922c7c2b76f318ce28409186910f
88246e7f5d30387f283df5907c2694534d3399cd71676d124b16705fb6ca9c00
899d22445cc4e1968ca90622da6cd0930849fc9eaf194ad68ea01cff0a4d98f1
8e052d8c61cf2bb73abe3b42a7ce6ab87e88653e9d1d263af3f37d728b948b32
8e30993ba98335c5da42a597b569fc5e1a3af35c39f69540e9b76f1cefe9d266
8f60768b08308fe3b28a553d14a7b13133e0ca71f718ef27d9fee159afe7767b
8ff0eebfec66187885353c64761f7abe6c42f3fd249bdae9d88dc7a6262551d9
9040613debda8e0d015563aadf1aa5d2e0399a8865ef972fb90c29f0cab0a2c8
92f1c173a2fcb9611997bf02435f4a18f41ed65968b7b76d413d998e27f8236b
9ce7d5ef8b01a00f738ed4b4447ec44c8bf2f537d28f81fdf14da1287ed8cd81
9f32e21bb384c67c6f238522394c74875eda4887ab952c87ba29c394778e2d87
a1ae07b34b7c57774fd2f92a88a9b47dfe77d89262b7db5176b7932d8e29c467
a531fbd7f84bf4fa1e73e6abfe60953c6b6a14446f6e35b34bc2fc5768110c42
a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df
a7fd5e5134415291d0b0e97ed853f79104e090b566b39b2a6ce854621817f4d6
a8d875e620891f4195872716c73e6677a9ae1127f1cdc7f76d623950e1c12e7d
ab1f85d6560124d8d3d99ab7fd875a5c2ff35da42f7d9c8c138e08dd198298f2
afd4194ff31531862a7786ddbcde6dcd3bdb4bd64f39d5e6d90f80a55e71eda1
b00828aa594968071f062841833553f98541845061e2d1c3144da47acce5940d
b190768a27312ddecca5f1f2e2ef9c55a79457391e493fc514d4ce17ebd3b224
b9fd04adbd083260a6ebf0f823e996ff66c6360bc55f6eab59d9bd86ce9a9c59
bc38423f463c03c12ca83923df84a9aa856d55465682dc9dda239f6ae2ecdf0a
c96fe1f707a82312d2e2dd284519afc8168091dd2e29d1e54ac8f73fcd03e0ea
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
d601f229247b261d18181988f7337b3f652165187f3c22a109821a50ea96a0f9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1b1805b1b9366b2bb501727cc1bbfbc46c743cc302fab49d42d3af77cb41217
e2347f12c65dbad05f419068e3720c005ffc9e10d405e56f0a431225b2ab6681
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f54d3a9011dd18c3a6b2c5ca5c5bf3d490d5428046d806c4aa9ecec5f82139ca
f9d654ac900cbd8a09bb26c48a51260cb7d816c53c32ed69d4b2c90cb991d2a6
fd217f54257ddc2df28c0866613b5e7b1cf450610240f5bf651d1c2c5267dd3c